| OSVDB ID | Disclosure Date | Title |
|---|
|
13191
Description:
Cisco IOS contains a flaw that may allow a remote denial of service. The issue is triggered when a certain Multi Protocol Label Switching (MPLS) packet is received, and will result in loss of availability for the platform.
|
2005-01-26
|
Cisco IOS Multi Protocol Label Switching (MPLS) Packet Remote DoS
|
|
13233
Description:
(Description Provided by CVE) : The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to hijack local sockets.
|
2005-01-26
|
SCO UnixWare X.Org Local Socket Hijacking
|
|
13268
Description:
Unknown / Incomplete
|
2005-01-25
|
Logwatch logrotate on Red Hat Log Analysis Oversight
|
|
13227
Description:
(Description Provided by CVE) : Buffer overflow in LTris before 1.0.10 allows local users to execute arbitrary code via a crafted highscores file.
|
2005-01-25
|
LTris Global Highscores File Overflow
|
|
13160
Description:
A remote overflow exists in Evolution. Evolution contains a flaw in the camel-lock-helper application resulting in an integer overflow. With a specially crafted request, a malicious, local user or POP3 server can execute arbitrary code with the privileges of the camel-lock-helper application resulting in a loss of integrity.
|
2005-01-25
|
Evolution camel-lock-helper Local Integer Overflow
|
|
13198
Description:
Unknown / Incomplete
|
2005-01-25
|
Search and Replace Long ZIP Filename Overflow
|
|
13199
Description:
A format string flaw exists in gpsd. The gpsd_report() function fails to validate string data received on TCP port 2947. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2005-01-25
|
Berlios gpsd gpsd_report() Function Format String
|
|
13174
Description:
(Description Provided by CVE) : vdr before 1.2.6 does not securely create files, which allows attackers to overwrite arbitrary files.
|
2005-01-25
|
Multiple Linux vdr Arbitrary File Overwrite
|
|
13200
Description:
(Description Provided by CVE) : The scosession program in OpenServer 5.0.6 and 5.0.7 allows local users to gain privileges via crafted strings on the commandline.
|
2005-01-25
|
SCO OpenServer scosession Local Privilege Escalation
|
|
13171
Description:
Solaris contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the pntadm utility fails to validate the LD_LIBRARY_PATH variable, allowing a mailicious local user to specify alternate libraries, and execute arbitrary code as root by then running the pntadm utility. This flaw may lead to a loss of integrity.
|
2005-01-25
|
Solaris DHCP Admin Utility pntadm Arbitrary Code Execution
|
|
13172
Description:
Sun Solaris DHCP Administration Utility contains a flaw that may allow a malicious user to execute commands with root privleges. The issue is triggered when a user specifies an alternate path for the environment variable LD_LIBRARY_PATH causing the service to crash and abitrary code to be run. It is possible that the flaw may allow root access resulting in a loss of system integrity.
|
2005-01-25
|
Solaris DHCP Admin Utility Arbitrary Code Execution
|
|
13173
Description:
Unknown / Incomplete
|
2005-01-25
|
Solaris DHCP Admin Utility dhcpmgr Arbitrary Code Execution
|
|
13188
Description:
Exponent CMS contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'module' variable upon submission to the 'index.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-01-25
|
Exponent CMS index.php module Parameter XSS
|
|
13189
Description:
(Description Provided by CVE) : Exponent 0.95 allows remote attackers to obtain sensitive information via a direct HTTP request to (1) search.info.php, (2) permissions.info.php, (3) security.info.php, (4) formcontrol.php, or (5) file_modules.php, which reveals the path in an error message because the pathos_core_version variable is undefined.
|
2005-01-25
|
Exponent CMS Multiple Script pathos_core_version Variable Path Disclosure
|
|
13190
Description:
Exponent CMS contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'module' variable upon submission to the 'mod.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-01-25
|
Exponent CMS mod.php module Parameter XSS
|
|
13159
Description:
zhcon contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when zhcon accesses a configuration file supplied by the user with escalated privileges occurs, which will disclose arbitrary files information resulting in a loss of confidentiality.
|
2005-01-25
|
zhcon Arbitrary File Disclosure
|
|
13346
Description:
(Description Provided by CVE) : Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.
|
2005-01-25
|
Squid HTTP Response Splitting Cache Poisoning
|
|
13205
Description:
iChain contains a flaw that may allow a malicious user to gain unauthorized access. The issue is triggered when an attacker generates a user certificate signed by ANY iChain appliance's ICS_TREE CA. It is possible that the flaw may allow unauthorized access to protected devices resulting in a loss of integrity.
|
2005-01-25
|
Novell iChain Mutual Authentication ICS_TREE CA Arbitrary Appliance Access
|
|
13175
Description:
BIND contains a flaw that may allow a remote denial of service. The issue is triggered by an error within the authvalidated() function, and will result in loss of availability for the service.
|
2005-01-25
|
ISC BIND dnssec authvalidated Crafted Packet Remote DoS
|
|
13176
Description:
A remote overflow exists in BIND. The q_usedns can be overrun resulting in a buffer overflow. With a specially crafted request, an attacker can cause a denial of service resulting in a loss of availability.
|
2005-01-25
|
ISC BIND q_usedns Array Remote Overflow DoS
|
|
13180
Description:
Mac OS X contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the batch command fail to drop root privileges, and run user-specified commands as root. By passing the -f argument to the command, a malicious user could execute and/or read arbitrary files resulting in a loss of integrity.
|
2005-01-25
|
Apple Mac OS X at Package batch Command Privilege Escalation
|
|
13181
Description:
A local overflow exists in Mac OS X. The ColorSync component fails to validate ICC color profiles resulting in a heap overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2005-01-25
|
Apple Mac OS X ColorSync ICC Profile Heap Overflow
|
|
13182
Description:
Mac OS X contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when information about the local Ethernet card is used to build the Message-ID header, which will disclose whether any email originated from the same computer resulting in a loss of confidentiality.
|
2005-01-25
|
Max OS X Mail GUUID Mail Header Information Disclosure
|
|
13186
Description:
(Description Provided by CVE) : The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.
|
2005-01-25
|
Perl DBI Library (libdbi-perl) DBI::ProxyServer Module Insecure Temporary File Creation
|
|
14932
Description:
Mac OS X contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the atrm command fail to drop root privileges, and run user-specified commands as root, which may allow a malicious user to delete arbitrary files resulting in a loss of integrity.
|
2005-01-25
|
Apple Mac OS X at Package atrm Command Privilege Escalation
|
|
13301
Description:
Unknown / Incomplete
|
2005-01-24
|
RealPlayer Malformed .ra File DoS
|
|
26540
Description:
Unknown / Incomplete
|
2005-01-24
|
WikkaWiki usersettings.php Unspecified Minor Issue
|
|
13184
Description:
MoinMoin contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a user performs a full text search, which will return results without respect for any ACLs set on the result pages, and will grant users access to pages that would otherwise be unavailable resulting in a loss of confidentiality.
|
2005-01-24
|
MoinMoin Full-Text Search ACL Security Bypass
|
|
13185
Description:
(Description Provided by CVE) : Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the PASSFILE password file, which makes it easier for local users to gain privileges by decrypting a password.
|
2005-01-24
|
Spectrum Cash Receipting System Weak Password Encryption
|
|
13169
Description:
A local overflow exists in W32Dasm. When importing or exporting functions, the program uses a buffer size of 256, and fails to validate length of the input resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2005-01-24
|
URSoft W32Dasm Import/Export Function Local Overflow
|
|
13137
Description:
FireHOL contains a flaw that may allow a malicious user to overwrite arbitrary files on the system. The issue is due to various temporary files being created insecurely. It is possible that the flaw may allow an attacker to use symlink attacks to overwrite arbitrary files on the system with the privileges of the user running the script, resulting in a loss of integrity.
|
2005-01-24
|
FireHOL Symlink Arbitrary File Overwrite
|
|
13347
Description:
The 'quicktime.qts' component in Apple QuickTime contains a flaw that may allow a remote denial of service. The issue is triggered when parsing QuickTime image files (.qtif) with incomplete headers. By creating a malformed image file, a remote attacker could cause a Web browser or PictureViewer to crash, resulting in a loss of availability.
|
2005-01-24
|
Apple QuickTime Malformed qtif Image Parsing DoS
|
|
13163
Description:
A remote overflow exists in IDA PRO. IDA PRO fails to perform proper bounds checking within the Portable Executable import directory library resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2005-01-24
|
Multiple Vendor Portable Executable Import Directory Library Name Overflow
|
|
13138
Description:
WorkCentre Pro contains a flaw that may allow a malicious user to gain unauthorized access to arbitrary files. The issue is due to an input validation error in the ESS/ Network Controller within the PostScript file interpretation code. It is possible that the flaw may allow disclosure of the arbitrary files (e.g. encrypted password file) via a specially crafted PostScript file containing directory traversal characters (../), resulting in a loss of confidentiality.
|
2005-01-24
|
XEROX WorkCentre Pro PostScript Traversal Arbitrary File Access
|
|
13262
Description:
(Description Provided by CVE) : MercuryBoard 1.1.1 allows remote attackers to gain sensitive information via an HTTP request with the n parameter set to 0, which causes a divide-by-zero error and reveals the path in the resulting error message.
|
2005-01-24
|
MercuryBoard global.php num Parameter Multiple Script Path Disclosure
|
|
13263
Description:
MercuryBoard contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 's', 'to', or 're' parameters upon submission to the 'pm.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-01-24
|
MercuryBoard pm.php Multiple Parameter XSS
|
|
13264
Description:
Mercuryboard contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not properly validate the 'l' parameter upon submission to the 'members.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-01-24
|
MercuryBoard members.php l Parameter XSS
|
|
13265
Description:
MercuryBoard contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 's' or 't' parameters upon submission to the 'post.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-01-24
|
MercuryBoard post.php Multiple Parameter XSS
|
|
13266
Description:
Mercuryboard contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not properly validate the 's' variable upon submission to the 'cp.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-01-24
|
MercuryBoard cp.php s Parameter XSS
|
|
13267
Description:
MercuryBoard contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the 't' and 'qu' variable in the post.php script is not verified properly and will allow an attacker to inject or manipulate SQL queries.
|
2005-01-24
|
MercuryBoard post.php Multiple Parameter SQL Injection
|
