| OSVDB ID | Disclosure Date | Title | Description |
| --- | --- | --- | --- |
| 4009 | 2004-02-19 | Cisco ONS 15000 Control Card DoS | Cisco ONS 15000 Series contains a flaw that may allow a remote denial of service. The issue is triggered when specially crafted TCP packets are directed to port 1080, and will result in loss of availability for the platform. |
| 4010 | 2004-02-19 | Cisco ONS 15000 Superuser Account Lock Bypass | Cisco ONS 15000 series contains a flaw that may allow a malicious user to gain unauthorized access. The issue is triggered because a superuser whose account has been locked out is still able to telnet to the device and log in. It is possible that the flaw may allow unauthorized access resulting in a loss of confidentiality, integrity, and/or availability. |
| 6880 | 2004-02-19 | XFree86 GLX/DRI Out-of-bounds Array Index Privilege Escalation | XFree86 contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when using the GLX extension and Direct Rendering Infrastructure (DRI), allowing a remote attacker to gain root privileges. |
| 6881 | 2004-02-19 | XFree86 GLX/DRI Integer Signedness Error Privilege Escalation | XFree86 contains a flaw in the GLX extension and Direct Rendering Infrastructure that may allow a local denial of service. The issue is due to an integer signedness error when using the GLX extension and Direct Rendering Infrastructure (DRI). With a specially crafted request, a local attacker can cause the service to crash. |
| 3992 | 2004-02-19 | Linux kernel ncpfs Privilege Escalation | (Description Provided by CVE) : Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local users to gain privileges. |
| 3994 | 2004-02-19 | Webstores 2000 error.asp XSS | Webstores 2000 contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the "SEARCH_SKU" variable upon submission to the error.asp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
| 4064 | 2004-02-19 | Alcatel OmniSwitch 7000 Series Unspecified DoS | OmniSwitch 7700 and 7800 contain a flaw that may allow a remote denial of service. The issue is triggered when specially crafted packets are sent to the switch, and will result in loss of availability for the platform. |
| 45011 | 2004-02-19 | Linux Kernel cryptoloop IV Computation Weakness Watermarked File Detection | (Description Provided by CVE) : cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption. |
| 45012 | 2004-02-19 | Linux Kernel dm-crypt IV Computation Weakness Watermarked File Detection | (Description Provided by CVE) : dm-crypt on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption. |
| 4002 | 2004-02-19 | Cisco Linksys WAP55AG SNMP Community Strings Disclosure | The WAP55AG Access Point contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a user with read access requests the SNMP read/write community string. This flaw may lead to a loss of confidentiality, integrity and/or availability. |
| 91593 | 2004-02-19 | Dell DRAC III Default Admin Credentials | By default, Dell DRAC III installs with default admin credentials (username/password combination). The 'root' account has a password of 'calvin', which is publicly known and documented. This allows remote attackers to trivially access the program or system and gain privileged access. |
| 5242 | 2004-02-18 | Microsoft IE/Outlook MHTML .chm ITS Protocol Handler Code Execution | Outlook Express contains a flaw in the handling of MHTML URLs that may allow a malicious user to execute remote code in the Local Machine security zone. The issue is triggered when OE receives a malformed CLSID parameter while parsing an MHTML URL. The ability to run remote code in the Local Machine security zone may allow a malicious user to gain control of the system, resulting in a loss of confidentiality, integrity, and/or availability. |
| 6424 | 2004-02-18 | 3Com OfficeConnect 812 ADSL Router Telnet Protocol DoS | OfficeConnect 812 ADSL Router contains a flaw that may allow a remote denial of service. The issue is triggered when a specially crafted long string is sent to the telnet port, and will result in loss of availability for the platform. |
| 3987 | 2004-02-18 | Metamail Long Subject Header Message Parsing System Overflow | Metamail fails to check for a buffer overflow in the ShareThisHeader function in the splitmail.c file. With a specially crafted mail message containing a long Subject header, an attacker can cause a buffer overflow and execute arbitrary code on the system with the privileges of the user once the message is opened, resulting in a loss of confidentiality and/or integrity. |
| 3988 | 2004-02-18 | Metamail Message Parsing System Format String Compromise | A remote overflow exists in Metamail. Metamail fails to correctly handle messages containing certain encoded characters in mail headers or containing a "multipart/alternative" media type and format specifiers in the "Content-Type" header, resulting in a format string overflow. With a specially crafted request, an attacker can cause the execution of arbitrary code on a user's system, resulting in a loss of confidentiality, integrity, and/or availability. |
| 4331 | 2004-02-18 | Metamail Long Character/Non-ASCII Message Parsing System Overflow | Metamail fails when parsing mail headers, resulting in a buffer overflow. With a specially crafted mail message containing a header with encoded non-ASCII characters and a long character set name, an attacker can overflow a buffer and execute code on the system with the privileges of the user once the message is opened, resulting in a loss of confidentiality and/or integrity. |
| 3986 | 2004-02-18 | Linux Kernel mremap() Missing Return Value Checking Privilege Escalation | The Linux kernel contains a flaw that may allow a malicious user to gain access to unauthorized privileges due to improper checks on return values performed in the do_mremap function for the mremap system call. This flaw may lead to a loss of confidentiality, integrity and availability. |
| 3991 | 2004-02-18 | ZoneAlarm SMTP Service (vsmon.exe) RCPT TO Command Remote Overflow | A remote overflow exists in ZoneAlarm. The 'vsmon.exe' program fails to perform proper bounds checking, resulting in a buffer overflow. By specifying an overly long argument in the RCPT TO command, a remote attacker can cause arbitrary code execution with SYSTEM privileges, resulting in a loss of integrity. |
| 3985 | 2004-02-18 | APC SmartSlot Web/SNMP Management Card Default Password | By default, APC Smartslot Web/SNMP Management Card ships with a default password. An attacker can supply any account name and a password of TENmanUFactOryPOWER which is publicly known and documented. This allows attackers to trivially access the program or system. |
| 3995 | 2004-02-18 | Webstores 2000 browse_items.asp Search_Text Parameter SQL Injection | Webstores 2000 contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that user input is not sanitized in the browse_items.asp module and will allow an attacker to inject or manipulate SQL queries. |
| 19853 | 2004-02-18 | Oracle9i Database Server Multiple Unspecified SQL Related Issues | Oracle9i Database Server contains multiple vulnerabilities that could lead to SQL injection, buffer overflows, denial of service, trigger abuse, or character set conversion bugs. This could result in a loss of integrity. |
| 3990 | 2004-02-18 | Linux Kernel Vicam USB Driver Insecure Userspace Access | (Description Provided by CVE) : The Vicam USB driver in Linux before 2.4.25 does not use the copy_from_user function when copying data from userspace to kernel space, which crosses security boundaries and allows local users to cause a denial of service. |
| 3993 | 2004-02-18 | OWLS glossaries/index.php file Parameter Arbitrary File Access | OWLS contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the glossaries/index.php not properly sanitizing user input supplied to the "file" variable. |
| 4003 | 2004-02-18 | OWLS multiplechoice/index.php Arbitrary File Access | OWLS contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the multiplechoice/index.php not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the "file" variable. |
| 4004 | 2004-02-18 | OWLS readings/index.php Arbitrary File Access | OWLS contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the readings/index.php not properly sanitizing user input supplied to the "filename" variable. |
| 4005 | 2004-02-18 | OWLS resultsignore.php Arbitrary File Access | OWLS contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the resultsignore.php not properly sanitizing user input supplied to the "filename" variable. |
| 4006 | 2004-02-18 | OWLS glossary.php Arbitrary File Access | OWLS contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the glossary.php not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the "editfile" variable. |
| 4007 | 2004-02-18 | OWLS newmultiplechoice.php Arbitrary File Access | OWLS contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the newmultiplechoice.php not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the "editfile" variable. |
| 3982 | 2004-02-18 | Purge Jihad Client Information Packet Overflow | (Description Provided by CVE) : Buffer overflow in Purge Jihad 2.0.1 and earlier allows remote game servers to execute arbitrary code via an information packet that contains large (1) battle type and (2) map name fields. |
| 4014 | 2004-02-18 | Jigsaw URI Parsing Unspecified Remote Issue | Jigsaw contains a non-descript flaw that may allow an attacker to access arbitrary files outside of the web root. The issue is due to improper sanity checking on remote URI requests. No further details have been provided. |
| 4022 | 2004-02-18 | Oracle9i Lite Unauthorized Access Bypass | Oracle9i Lite contains a flaw that may allow an authenticated, knowledgeable and malicious user to gain unauthorized access to a connected Oracle database server if the Oracle9i Lite Mobile Server is installed. This vulnerability is not exploitable by unauthenticated users of Oracle9i Lite Mobile Server. It is possible that the flaw may allow unauthorised access resulting in a loss of confidentiality and integrity. |
| 5950 | 2004-02-18 | DansGuardian Double Dot Filter Bypass | DansGuardian contains a flaw that may allow an attacker to bypass the filter. The issue is due to the filter not properly handling URLs with "double dot" path notation (/../). The filter does not recognize a specially crafted URL, allowing it past any established rules. |
| 7784 | 2004-02-18 | Bugzilla duplicates.cgi Hidden Product Disclosure | (Description Provided by CVE) : Unknown vulnerability in (1) duplicates.cgi and (2) buglist.cgi in Bugzilla 2.16.x before 2.16.6, 2.18 before 2.18rc1, when configured to hide products, allows remote attackers to view hidden products. |
| 7785 | 2004-02-18 | Bugzilla buglist.cgi Hidden Product Disclosure | (Description Provided by CVE) : Unknown vulnerability in (1) duplicates.cgi and (2) buglist.cgi in Bugzilla 2.16.x before 2.16.6, 2.18 before 2.18rc1, when configured to hide products, allows remote attackers to view hidden products. |
| 12050 | 2004-02-18 | IRCnet IRCD channel.c m_part() Function Overflow DoS | Unknown / Incomplete |
| 15446 | 2004-02-17 | Online Store Kit shop.php cat Parameter SQL Injection | Online Store Kit contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'shop.php' script not properly sanitizing user-supplied input to the 'cat' variable. This may allow a remote attacker to inject or manipulate SQL queries in the back-end database. |
| 15447 | 2004-02-17 | Online Store Kit shop_by_brand.php cat_manufacturer Parameter SQL Injection | Online Store Kit contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'shop_by_brand.php' script not properly sanitizing user-supplied input to the 'cat_manufacturer' variable. This may allow a remote attacker to inject or manipulate SQL queries in the back-end database. |
| 15448 | 2004-02-17 | Online Store Kit listing.php id Parameter SQL Injection | Online Store Kit contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'listing.php' script not properly sanitizing user-supplied input to the 'id' variable. This may allow a remote attacker to inject or manipulate SQL queries in the back-end database. |
| 23450 | 2004-02-17 | LinPHA Auto Create / Delete Thumbnail Public Permission Persistence | Unknown / Incomplete |
| 4001 | 2004-02-17 | smallftpd Crafted RETR Command Remote Overflow DoS | Small ftpd contains a flaw that may allow a remote denial of service. The issue is triggered when multiple connections performing RETR commands with more than 463 slashes occur, and will result in loss of availability for the service. |