| OSVDB ID | Disclosure Date | Title |
|---|
|
16208
Description:
Unknown / Incomplete
|
2005-05-01
|
IceWarp WebMail settings.html Signature Parameter XSS
|
|
16209
Description:
Unknown / Incomplete
|
2005-05-01
|
IceWarp WebMail calendarsettings.html Shared Calendars Parameter XSS
|
|
16210
Description:
(Description Provided by CVE) : Unknown vulnerability in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authenticated users to obtain the full path of the server via certain requests to (1) calendar_addevent.html, (2) calendar_event.html, or (3) calendar_task.html.
|
2005-05-01
|
IceWarp WebMail calendar_addevent.html id Variable Path Disclosure
|
|
16211
Description:
(Description Provided by CVE) : Unknown vulnerability in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authenticated users to obtain the full path of the server via certain requests to (1) calendar_addevent.html, (2) calendar_event.html, or (3) calendar_task.html.
|
2005-05-01
|
IceWarp WebMail calendar_event.html id Variable Path Disclosure
|
|
16212
Description:
(Description Provided by CVE) : Unknown vulnerability in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authenticated users to obtain the full path of the server via certain requests to (1) calendar_addevent.html, (2) calendar_event.html, or (3) calendar_task.html.
|
2005-05-01
|
IceWarp WebMail calendar_task.html id Variable Path Disclosure
|
|
16213
Description:
(Description Provided by CVE) : Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2, when the mailbox.dat file does not exist, allows remote authenticated users to determine if a file exists via the folder parameter to attachment.html.
|
2005-05-01
|
IceWarp WebMail attachment.html File Enumeration
|
|
16254
Description:
Mac OS X contains a flaw that may lead to an unauthorized information disclosure. The problem is that non-setuid root applications can't change the permissions of a pseudo terminal tty (pty), which may allow a malicious user to arbitrarily read other user's sessions resulting in a loss of confidentiality.
|
2005-05-01
|
Apple Mac OS X pty Permission Weakness
|
|
16047
Description:
Mtp Target contains a flaw that may allow a malicious user to cause a denial of service. The issue is caused by improper filtering of user-supplied input. A remote attacker could send a specially-crafted message to the game server and cause all connected user's games to crash, resulting in a loss of availability.
|
2005-05-01
|
Mtp Target Message Visualization Format String
|
|
16048
Description:
A remote overflow exists in Mtp Target. The NeL library fails to verify if the amount of memory to allocate, a user-supplied integer parameter, is less than 1,000,000 bytes. With a specially crafted request containing a negative value, an attacker can cause the server to allocate a large amount of memory through a call to STLport, resulting in a loss of availability of the server process.
|
2005-05-01
|
Mtp Target NeL Library STLport Remote DoS
|
|
16049
Description:
A remote overflow exists in GlobalSCAPE Secure FTP Server. The Secure FTP Server fails to perform adequate bounds checking of user-supplied input resulting in a buffer overflow. With a specially crafted request in the format "[3000 Bytes] \r\n" , an attacker can overwrite the EIP and SEH registers and execute arbitrary code on the system, resulting in a loss of integrity.
|
2005-05-01
|
GlobalSCAPE Secure FTP Server (gsftps) Command Parsing Remote Overflow
|
|
16067
Description:
04WebServer contains a flaw that allows a remote attacker to access arbitrary files outside the www root folder but not outside the 04webserver installation folder (C:\Program FilesWebServer). The issue is due to the application web server not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the URI, resulting in a loss of confidentiality.
|
2005-05-01
|
04WebServer Traversal Arbitrary File Access
|
|
16302
Description:
HP OpenView Network Node Manager contains an unspecified flaw that may allow an attacker to remotely execute arbitrary privileged code or cause a denial of service. Compromise of OpenView Network Node Manager could give an attacker the means to access and compromise other systems managed by this application. No further details have been provided.
|
2005-05-01
|
HP OpenView Network Node Manager (OV NNM) Multiple Unspecified Issues
|
|
16456
Description:
(Description Provided by CVE) : Buffer overflow in the sql_escape_func function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote attackers to cause a denial of service (crash).
|
2005-05-01
|
FreeRADIUS rlm_sql.c sql_escape_func Function Overflow
|
|
16457
Description:
(Description Provided by CVE) : SQL injection vulnerability in the radius_xlat function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via (1) group_membership_query, (2) simul_count_query, or (3) simul_verify_query configuration entries.
|
2005-05-01
|
FreeRADIUS rlm_sql.c radius_xlat Function SQL Injection
|
|
16171
Description:
Unknown / Incomplete
|
2005-05-01
|
GmailAgent Login Information Local Disclosure
|
|
17186
Description:
Gibraltar Firewall contains a flaw that may fail to detect some viruses. The issue is triggered when the clamav virus scanning plugin for squid has been updated to version 0.81, which removed the method formerly used to scan internal memory buffers for viruses. This causes clamav and Gibraltar to report that no virus has been found even if if the squid memory buffers contained a virus. It is possible that the flaw may allow viruses to pass through the firewall undetected resulting in a loss of integrity and/or availability.
|
2005-05-01
|
Gibraltar Firewall Clam AntiVirus (clamav) Scanning Failure
|
