| OSVDB ID | Disclosure Date | Title |
|
16567
Description:
OpenSSH contains a flaw that may allow a remote denial of service. The issue is triggered when a session has been terminated after exceeding the LoginGraceTime setting. The connection is not properly closed and could lead to a connection consumption attack, causing further connections to be refused. This will result in loss of availability for the ssh service.
|
2004-01-28
|
OpenSSH Privilege Separation LoginGraceTime DoS
|
|
19838
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in CPAN WWW::Form before 1.13 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
|
2004-01-28
|
WWW::Form for Perl (CPAN) Unspecified XSS
|
|
4233
Description:
NikSun NetDetector contains a flaw that allows a remote attacker to make database queries without authentication. The issue is due to a flaw in the /cgi-bin/main_menu.pl script. No further details have been provided.
|
2004-01-28
|
NetDetector main_menu.pl Unauthenticated Database Query
|
|
4685
Description:
Unknown / Incomplete
|
2004-01-28
|
ZoneAlarm Random UDP Flood DoS
|
|
4704
Description:
Unknown / Incomplete
|
2004-01-28
|
BlackICE PC Protection Upgrade File Permission Weakness
|
|
6637
Description:
Lore contains a flaw that may expose unencrypted passwords to local or remote users. The issue is due to the program not encrypting passwords before storing them in the database or user cookies. This may allow an attacker to access the unencrypted passwords resulting in a loss of confidentiality.
|
2004-01-27
|
Lore Cleartext Password Disclosure
|
|
3728
Description:
Unknown / Incomplete
|
2004-01-27
|
BEA WebLogic Boot Credentials Disclosure
|
|
3727
Description:
(Description Provided by CVE) : BEA WebLogic Server and Express 8.1, SP1 and earlier, stores the administrator password in cleartext in config.xml, which allows local users to gain privileges.
|
2004-01-27
|
BEA WebLogic config.xml Cleartext Administrative Password Disclosure
|
|
3725
Description:
(Description Provided by CVE) : BEA WebLogic Server and Express 8.1 SP1 and earlier allows local users in the Operator role to obtain administrator passwords via MBean attributes, including (1) ServerStartMBean.Password and (2) NodeManagerMBean.CertificatePassword.
|
2004-01-27
|
BEA WebLogic ServerStartMBean.Password Password Disclosure
|
|
19832
Description:
(Description Provided by CVE) : BEA WebLogic Server and Express 8.1 SP1 and earlier allows local users in the Operator role to obtain administrator passwords via MBean attributes, including (1) ServerStartMBean.Password and (2) NodeManagerMBean.CertificatePassword.
|
2004-01-27
|
BEA WebLogic NodeManagerMBean.CertificatePassword Password Disclosure
|
|
3724
Description:
(Description Provided by CVE) : The Web Services fat client for BEA WebLogic Server and Express 7.0 SP4 and earlier, when using 2-way SSL and multiple certificates to connect to the same URL, may use the incorrect identity after the first connection, which could allow users to gain privileges.
|
2004-01-27
|
BEA WebLogic Web Services Fat Client Incorrect Identity Privilege Escalation
|
|
3726
Description:
WebLogic Server and Express contain a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate HTTP TRACE requests upon submission to the server. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2004-01-27
|
BEA WebLogic HTTP TRACE Response XSS
|
|
3723
Description:
(Description Provided by CVE) : Stack-based and heap-based buffer overflows in ProxyNow! 2.75 and earlier allow remote attackers to execute arbitrary code via a GET request with a long ftp:// URL.
|
2004-01-27
|
ProxyNow! HTTP Request Overflow
|
|
3878
Description:
PHP contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when multiple virtual hosts are served from an Apache server, and the same child process is used to access different virtual hosts, which will leak settings between virtual hosts resulting in a loss of confidentiality.
|
2004-01-27
|
PHP Virtual Host Configuration Information Disclosure
|
|
25384
Description:
Unknown / Incomplete
|
2004-01-27
|
IBM WebSphere Application Server (WAS) ESI Cache Component simplefileservlet Exposure
|
|
25385
Description:
Unknown / Incomplete
|
2004-01-27
|
IBM WebSphere Application Server (WAS) FFDC Log Cleartext Password Disclosure (PQ79848)
|
|
3695
Description:
Appweb contains a flaw in the handling of certain HTTP requests that may allow a remote denial of service. The issue is triggered when an attacker sends a GET request containing a DOS device name, which may allow a remote attacker to cause the service to crash.
|
2004-01-27
|
Mbedthis AppWeb DOS Device Request Remote DoS
|
|
3718
Description:
(Description Provided by CVE) : Finjan SurfinGate 6.0 and 7.0, when running in proxy mode, does not authenticate FHTTP commands on TCP port 3141, which allows remote attackers to use the finjan-parameter-type header to (1) restart the service, (2) use the getlastmsg command to view log information, or (3) use the online command to force a policy update from the database server.
|
2004-01-27
|
Finjan SurfinGate Proxy FHTTP Command Admin Functions Authentication Bypass
|
|
3738
Description:
(Description Provided by CVE) : File Download box in Internet Explorer 5.01, 5.5 and 6.0 allows an attacker to use the Content-Disposition and Content-Type HTML header fields to modify how the name of the file is displayed, which could trick a user into believing that a file is safe to download.
|
2004-01-27
|
Microsoft IE Content-disposition Header File Download Extension Spoofing
|
|
4201
Description:
Unknown / Incomplete
|
2004-01-27
|
Open WebMail userstat.pl Arbitrary Command Execution
|
|
3730
Description:
(Description Provided by CVE) : Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect.
|
2004-01-27
|
Gaim Yahoo Parser Buffer Overflow
|
|
3731
Description:
A remote overflow exists in Gaim. The URL Parser Function splits a URL into its parts using temporary fixed-size stack buffers in an unsafe way, resulting in a buffer overflow. With a specially crafted set of data, an attacker can overflow the buffer and possibly execute arbitrary code on the system, resulting in a loss of integrity. Note that it is only possible to overwrite the buffers with a limited character set, which makes exploitation difficult.
|
2004-01-27
|
Gaim URL Parser Function Overflow
|
|
3732
Description:
A remote overflow exists in Gaim. The HTTP proxy (http_canread function) subsystem fails to check if the proxy sends more than 8192 bytes in a line, resulting in a buffer overflow. With a malicious proxy sending specially crafted input, an attacker can overwrite the buffer and gain control of the instruction pointer resulting in a loss of integrity.
|
2004-01-27
|
Gaim HTTP Proxy Connect Overflow
|
|
3733
Description:
A remote overflow exists in Gaim. The Extract Info Field Function combines data from two tokens into a fixed-length stack buffer without properly checking the size of the resulting string, resulting in a buffer overflow. With a specially crafted set of data, an attacker can overflow the buffer and possibly execute arbitrary code on the system, resulting in a loss of integrity.
|
2004-01-27
|
Gaim Extract Info Field Function Buffer Overflow
|
|
3734
Description:
A remote overflow exists in Gaim. Gaim fails to correctly parse some malformed directIM packets, resulting in a heap overflow. With a specially crafted request, an attacker can cause the execution of arbitrary code, resulting in a loss of integrity.
|
2004-01-27
|
Gaim DirectIM AIM/Oscar Integer Buffer Overflow
|
|
3735
Description:
(Description Provided by CVE) : Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo_decode that causes a pointer to reference memory beyond the terminating null byte, (3) a quoted printable string to the gaim_quotedp_decode MIME decoder that causes a null byte to be written beyond the buffer, and (4) quoted printable encoding in gaim_quotedp_decode that causes a pointer to reference memory beyond the terminating null byte.
|
2004-01-27
|
Gaim Yahoo Octal-Encoding Decoder Overflows
|
|
3736
Description:
A remote overflow exists in the Gaim Instant Messenger client. Gaim fails to address malformed input, resulting in a heap overflow. With a specially crafted request, an attacker can cause the execution of arbitrary code, resulting in a loss of confidentiality, integrity, and/or availability.
|
2004-01-27
|
Gaim Quoted Printable Decoder Overflows
|
|
20189
Description:
(Description Provided by CVE) : Oracle toplink mapping workBench uses a weak encryption algorithm for passwords, which allows local users to decrypt the passwords.
|
2004-01-27
|
Oracle Toplink Mapping workBench Password Encryption Weakness
|
|
7599
Description:
phpGroupWare contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the tables_update.inc.php script not properly sanitizing input to the "appdir" variable. By providing an arbitrary PHP file on a remote system, an attacker can inject arbitrary commands to be run on the victim host.
|
2004-01-27
|
phpGroupWare tables_update.inc.php Arbitrary Command Execution
|
|
7600
Description:
phpGroupWare contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the "date" variable upon submission to the "index.php" script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2004-01-27
|
phpGroupWare index.php Calendar Date Parameter XSS
|
|
7601
Description:
phpGroupWare contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker requests the "setup.inc.php.sample" script without arguments, which will disclose the software installation path resulting in a loss of confidentiality.
|
2004-01-27
|
phpGroupWare setup.inc.php.sample Path Disclosure
|
|
7602
Description:
phpGroupWare contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker requests the "class.holidaycalc.inc.php" script with no arguments, which will disclose the software installation path resulting in a loss of confidentiality.
|
2004-01-27
|
phpGroupWare class.holidaycalc.inc.php Path Disclosure
|
|
7603
Description:
phpGroupWare contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker requests the "hook_home.inc.php" script with no arguments, which will disclose the software installation path resulting in a loss of confidentiality.
|
2004-01-27
|
phpGroupWare hook_home.inc.php Path Disclosure
|
|
7604
Description:
phpGroupWare contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker requests the "hook_admin.inc.php" script with no arguments, which will disclose the software installation path resulting in a loss of confidentiality.
|
2004-01-27
|
phpGroupWare hook_admin.inc.php Path Disclosure
|
|
17276
Description:
(Description Provided by CVE) : PortalApp places user credentials under the web root with insufficient access control, which allows remote attackers to gain access to sensitive information via a direct request to 8275.mdb.
|
2004-01-27
|
PortalApp Unauthorized Database Access
|
|
3712
Description:
IBM Net.Data contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate Macro names upon submission to the "DTWP001E" error message. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2004-01-26
|
IBM Net.Data db2www CGI component XSS
|
|
3709
Description:
TinyServer contains a flaw that may allow a remote denial of service. The issue is triggered by a specially crafted URL that does not contain both GET and HTTP/1.1 tags, and will result in loss of availability for the service.
|
2004-01-26
|
Tiny Server Malformed HTTP GET Request Remote DoS
|
|
3711
Description:
(Description Provided by CVE) : Microsoft Windows XP Explorer allows attackers to execute arbitrary code via HTML and script in a self-executing folder that references an executable file within the folder, which is automatically executed when a user accesses the folder.
|
2004-01-26
|
Microsoft Windows XP Malicious Folder Automatic Code Execution
|
|
3755
Description:
BremsServer contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered by a failure to validate URLs that contain directory traversal characters, which will disclose arbitrary server file information resulting in a loss of confidentiality.
|
2004-01-26
|
Herberlin BremsServer Directory Traversal
|
|
3707
Description:
Cherokee webserver contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate invalid URLs before they are provided to the user in an error message. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2004-01-26
|
Cherokee Web Server Error Page XSS
|