| OSVDB ID | Disclosure Date | Title |
|---|
|
4622
Description:
Unknown / Incomplete
|
2003-05-31
|
xmame --lang Parameter Local Overflow
|
|
4654
Description:
Unknown / Incomplete
|
2003-05-30
|
iisCart2000 File Upload
|
|
4651
Description:
Yahoo! Audio Conferencing contains a flaw that may allow a remote attacker to execute arbitrary code. The issue is due to an unchecked buffer in the Audio Conferencing ActiveX Control. If an attacker sends a specially crafted request, they may be able to overflow the buffer and execute arbitrary code.
|
2003-05-30
|
Yahoo! Audio Conferencing ActiveX Control Overflow
|
|
4467
Description:
Windows servers with WebDAV enabled contain a flaw that may allow a remote attacker to execute arbitrary code. The issue is due to the ntdll.dll component of the WebDAV not properly sanitizing input to a path conversion function. If an attacker sends a specially crafted request to this function, they may be able to execute arbitrary code with SYSTEM privileges.
|
2003-05-30
|
Microsoft Windows WebDav ntdll.dll Remote Overflow
|
|
4652
Description:
Unknown / Incomplete
|
2003-05-30
|
JBoss %00 Request JSP Source Disclosure
|
|
4765
Description:
Zeus Web Server contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'server' variable upon submission to the /apps/web/vs_diag.cgi script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2003-05-30
|
Zeus Technologies Zeus Web Server vs_diag.cgi server Parameter XSS
|
|
4655
Description:
A local overflow exists in the Microsoft IIS web server. The service fails to validate the length of the parameter passed to the SSI include() function, resulting in a stack overflow. With a specially crafted SHTML page, an attacker can execute arbitrary code on this system, resulting in a loss of confidentiality, integrity, and/or availability.
|
2003-05-30
|
Microsoft IIS ssinc.dll Long Filename Overflow
|
|
4656
Description:
Unknown / Incomplete
|
2003-05-30
|
Desktop Orbiter DoS
|
|
39362
Description:
Unknown / Incomplete
|
2003-05-30
|
Netscape Enterprise Server CBC Mode Block Ciphers Unspecified Timing Attack
|
|
24539
Description:
(Description Provided by CVE) : Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May 31, 2003, allows remote attackers to cause a denial of service via a large number of connections from the same IP address, which triggers an access violation.
|
2003-05-30
|
Baby FTP Server Unspecified DoS
|
|
24538
Description:
(Description Provided by CVE) : Directory traversal vulnerability in Baby FTP Server 1.2, and possibly other versions before May 31, 2003 allows remote authenticated users to list arbitrary directories and possibly read files via "..." (triple dot) manipulations to the CWD command.
|
2003-05-30
|
Baby FTP Server CWD Command Traversal
|
|
60383
Description:
(Description Provided by CVE) : Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 and 6.5 allow remote authenticated users to execute arbitrary SQL commands via (1) a uid (user) cookie to modules.php; and allow remote attackers to execute arbitrary SQL commands via an aid (admin) cookie to the Web_Links module in a (2) viewlink, (3) MostPopular, or (4) NewLinksDate action, different vectors than CVE-2003-0279.
|
2003-05-30
|
PHP-Nuke modules.php uid Cookie SQL Injection
|
|
60384
Description:
(Description Provided by CVE) : Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 and 6.5 allow remote authenticated users to execute arbitrary SQL commands via (1) a uid (user) cookie to modules.php; and allow remote attackers to execute arbitrary SQL commands via an aid (admin) cookie to the Web_Links module in a (2) viewlink, (3) MostPopular, or (4) NewLinksDate action, different vectors than CVE-2003-0279.
|
2003-05-30
|
PHP-Nuke Web_Links Module aid Cookie SQL Injection
|
|
60550
Description:
Unknown / Incomplete
|
2003-05-30
|
Linux /bin/mail Carbon Copy Field Local Overflow
|
|
62124
Description:
(Description Provided by CVE) : Buffer overflow in pamverifier in Change Manager (CM) 1.0 for Sun Management Center (SunMC) 3.0 on Solaris 8 and 9 on the sparc platform allows remote attackers to execute arbitrary code via unspecified vectors.
|
2003-05-30
|
Sun Management Center (SunMC) pamverifier Unspecified Overflow
|
|
35133
Description:
(Description Provided by CVE) : siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder places a session ID string in the value of the SMSESSION parameter in a URL, which might allow remote attackers to obtain the ID by sniffing, reading Referer logs, or other methods.
|
2003-05-29
|
Netegrity SiteMinder SmMakeCookie.ccc SMSESSION Session ID Disclosure
|
|
50531
Description:
Unknown / Incomplete
|
2003-05-29
|
CafeLog b2 blogger-2-b2.php b2inc Parameter Remote File Inclusion
|
|
50532
Description:
Unknown / Incomplete
|
2003-05-29
|
CafeLog b2 gm-2-b2.php b2inc Parameter Remote File Inclusion
|
|
30741
Description:
Netegrity SiteMinder contains a flaw that may allow a remote attacker to conduct user-complicit attacks that would redirect a person to an arbitrary web site. The issue is due to the SmMakeCookie.ccc script not properly sanitizing input to the TARGET variable. By providing an arbitrary web site to this variable, a URL can be crafted that would appear to be a legitimate site link. When clicked, the SiteMinder script would then redirect the person to the arbitrary site.
|
2003-05-29
|
Netegrity SiteMinder SmMakeCookie.ccc TARGET Variable Arbitrary Site Redirection
|
|
4781
Description:
Unknown / Incomplete
|
2003-05-29
|
Tornado www-server Overflow
|
|
4782
Description:
Unknown / Incomplete
|
2003-05-29
|
Tornado www-server Arbitrary File Retrieval
|
|
4764
Description:
Activity Monitor 2002 contains a flaw that may allow a remote denial of service. By connecting to TCP port 15163 and sending an overly long string, a remote attacker could consume all available CPU resources and cause the application to crash resulting in loss of availability for the application.
|
2003-05-29
|
Activity Monitor 2002 Long String DoS
|
|
4499
Description:
Unknown / Incomplete
|
2003-05-29
|
ICQLite Full Control Privileges
|
|
4780
Description:
(Description Provided by CVE) : CUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out.
|
2003-05-29
|
CUPS Partial IPP Request DoS
|
|
52991
Description:
Unknown / Incomplete
|
2003-05-29
|
Philboard /database/philboard.mdb Direct Request Database Disclosure
|
|
51702
Description:
Unknown / Incomplete
|
2003-05-29
|
VisNetic FTP Server quote stat Command Traversal Arbitrary Directory Access
|
|
4769
Description:
Philboard contains a flaw that may allow a malicious user to gain admin privileges without authentication. The issue is triggered when an attacker creates cookies which the program uses for admin authorization. It is possible that the flaw may allow unauthorized administrative access resulting in a loss of confidentiality, integrity, and/or availability.
|
2003-05-29
|
Philboard Cookie Injection Authentication Bypass
|
|
52979
Description:
Unknown / Incomplete
|
2003-05-29
|
P-Synch Password Management nph-psf.exe css Parameter Remote File Inclusion
|
|
52980
Description:
Unknown / Incomplete
|
2003-05-29
|
P-Synch Password Management nph-psa.exe css Parameter Remote File Inclusion
|
|
4919
Description:
P-Sync Password Management contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker requests the nph-psa.exe script with a malformed lang parameter, which will disclose the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.
|
2003-05-29
|
P-Synch Password Management nph-psa.exe lang Parameter Path Disclosure
|
|
4920
Description:
M-Tech's P-Synch password management product contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'css' variable upon submission to the nph-psf.exe script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2003-05-29
|
P-Synch Password Management nph-psf.exe css Parameter XSS
|
|
52977
Description:
P-Sync Password Management contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker requests the nph-psf.exe script with a malformed lang parameter, which will disclose the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.
|
2003-05-29
|
P-Synch Password Management nph-psf.exe lang Parameter Path Disclosure
|
|
52978
Description:
M-Tech's P-Synch password management product contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'css' variable upon submission to the nph-psa.exe script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2003-05-29
|
P-Synch Password Management nph-psa.exe css Parameter XSS
|
|
4811
Description:
Geeklog contains a flaw that may allow a malicious user to gain administrative access. The issue is triggered when a connection is made with a cookie of a non-existent user. It is possible that the flaw may allow a full administrative session resulting in a loss of confidentiality, integrity, and availability.
|
2003-05-29
|
Geeklog Nonexistent Session ID Admin Access
|
|
4812
Description:
Geeklog contains a flaw that may allow a malicious user to gain access and execute arbitrary code. The issue is triggered when an image file upload occurs. It is possible that the flaw may allow arbitrary script code execution resulting in a loss of confidentiality, integrity, and availability.
|
2003-05-29
|
Geeklog Image File Upload Arbitrary Code Execution
|
|
4662
Description:
Son hServer contains a flaw that allows a remote attacker to access arbitrary files and directories outside of the web path. The issue is due to the server not properly sanitizing user input, specifically traversal style attacks (../../) supplied via URI.
|
2003-05-29
|
Son hServer URI Traversal Arbitrary File/Directory Access
|
|
4813
Description:
Geeklog contains a flaw that may allow a remote attacker to gain access to unauthorized privileges. By issuing a floating-point number for the 'userid' variable, a remote attacker could gain administrative access, resulting in a loss of integrity.
|
2003-05-29
|
Geeklog Floating-Point Number Arbitrary Administrative Access
|
|
9396
Description:
Titan FTP contains a flaw that allows a remote attacker to return a directory listing outside of the ftp root path. The issue is due to the STAT command not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the stat variable.
|
2003-05-29
|
Titan FTP Server quote stat Command Traversal Arbitrary Directory Access
|
|
9547
Description:
Mirabilis ICQLite contains a flaw that may allow a malicious local user to overwrite or delete files in the ICQLite folder. The issue exists because ICQLite adds the Interactive Users group with Full Control to the ACL of the ICQLite program folder. It is possible that the flaw may result in a loss of integrity.
|
2003-05-29
|
Mirabilis ICQLite Home Directory Permission Weakness Privilege Escalation
|
|
58685
Description:
Velocity contains a flaw that may allow a malicious user to execute privileged code. The issue is triggered when a malicious user uses the template designer to instantiate an arbitrary class and call arbitrary methods. It is possible that the flaw may allow privileged code execution resulting in a loss of integrity.
|
2003-05-29
|
Apache Velocity Template Designer Privileged Code Execution
|
