|
Jan 6 2002
|
Hosting Controller Windows-based Web Hosting Management Software Lets Remote Users Establish Administrator Accounts and Upload and Execute Arbitrary Code on the Server
|
|
Jan 5 2002
|
FreeBSD pw(8) Password and Group Management Utility Has a Temporary File Access Control Error That May Allow Local Users to View the 'master.passwd' File Contents
|
|
Jan 5 2002
|
eXtended Account Managing Software (XAMS) E-mail Account Management Software Has Access Control Flaw That May Let Remote Administrators Edit Users and Aliases Belonging to Other Administrators
|
|
Jan 5 2002
|
TCL File Server May Disclose Files to Remote Users
|
|
Jan 5 2002
|
Geeklog Web-based Community Portal Software May Let a Remote User Obtain Administrative Priviliges on the Application
|
|
Jan 5 2002
|
PHPFileExchange Web-Based File Storage System Has Access Control Bug That Allows Remote Users With Valid Accounts to Upload Files to Read-Only Directories
|
|
Jan 5 2002
|
Cisco uBR900 Series Cable Routers May Give Remote Users Read/Write Control of the Router
|
|
Jan 5 2002
|
'Tasked' PHP-based Task List Application Permission Flaw Lets Valid Users View Other User's Tasks
|
|
Jan 5 2002
|
Pkg_add Software Installation Utility Directory Permission Error May Let Local Users Obtain Elevated Privileges on the Host
|
|
Jan 4 2002
|
Microsoft Internet Explorer (IE) May Allow Malicious Javascript to Poll a User's System for Known Files
|
|
Jan 4 2002
|
PHP.EXE Windows CGI for Apache Web Server May Let Remote Users View Files on the Server Due to Configuration Error
|
|
Jan 3 2002
|
(Patches Are Available) Re: Smcboot Component of Solaris Management Console Lets Local Users Damage the System When the System Boots
|
|
Jan 3 2002
|
(Newer Versions Fix the Flaw) Re: Mozilla Personal Security Manager Uses Unsafe Temporary Files and May Allow Local Users to Overwrite Critical Files on the Server
|
|
Jan 2 2002
|
Microsoft Internet Explorer GetObject() Active Scripting Bug Lets Remote Code Access Files on the PC
|
|
Jan 1 2002
|
(A User Provides a Workaround) Re: ActivePerl for Windows Discloses Directory Path Location to Remote Users
|
|
Jan 1 2002
|
Ipswitch IMail Server Access Control Flaw Lets Remote Administrators for One Hosted Domain Access Administrator Functions for a Different Hosted Domain
|
|
Dec 31 2001
|
Zml.cgi Markup Language Processor Discloses Files on the Server to Remote Users
|
|
Dec 31 2001
|
Mac OS X PPP Utility Discloses PPP Configuration Username and Password to Local Users
|
|
Dec 29 2001
|
ActivePerl for Windows Discloses Directory Path Location to Remote Users
|
|
Dec 29 2001
|
Cherokee Web Server Discloses Any File Located on the Web Server to Remote Users
|
|
Dec 29 2001
|
Oracle Application Server Web Cache Installation File Permission Error Lets Local Users Obtain Elevated Privileges
|
|
Dec 29 2001
|
PHP Rocket Add-in for FrontPage Discloses Files on the Server to Remote Users
|
|
Dec 28 2001
|
Smcboot Component of Solaris Management Console Lets Local Users Damage the System When the System Boots
|
|
Dec 27 2001
|
ELSA Lancom Router Discloses the Administrator Password to Remote Users, Allowing Them to Change the Router's Configuration and Upload Modified Firmware
|
|
Dec 27 2001
|
(Centra Issues Fix) Re: CentraOne Training and Collaboration Software Discloses Passwords to Local Users
|
|
Dec 27 2001
|
Mozilla Personal Security Manager Uses Unsafe Temporary Files and May Allow Local Users to Overwrite Critical Files on the Server
|
|
Dec 23 2001
|
Microsoft Windows XP Remote Desktop Client May Disclose Recently Used Account Names to Remote Users
|
|
Dec 22 2001
|
Microsoft Excel Password Protection Flaw Lets Local Users Obtain Contents of Password-Protect Cells
|
|
Dec 22 2001
|
Plesk Server Administrator (PSA) Discloses PHP Source Code to Remote Users
|
|
Dec 21 2001
|
D-Link DWL-1000AP Wireless Access Point SNMP Flaw Discloses the Administrator Password
|
|
Dec 20 2001
|
(A User Reports That a Fix is Available) Re: Novell NetWare Enterprise Web Server Discloses the Contents of Any File to Remote Users, Including the Console Password
|
|
Dec 20 2001
|
(Trustix Issues Fix) OpenSSH UseLogin Environment Variable Bug Lets Local Users Execute Commands and Gain Root Access
|
|
Dec 19 2001
|
(HP Issues Notice for HP Secure OS for Linux) Ghostscript Postscript Interpreter Lets Local Users Read Files on the System
|
|
Dec 19 2001
|
Magic Enterprise Edition Application Environment Lets Local Users Obtain Root Privileges and May Give Remote Users Access to the System
|
|
Dec 19 2001
|
Novell NetWare Enterprise Web Server Discloses the Contents of Any File to Remote Users, Including the Console Password
|
|
Dec 18 2001
|
Qualcomm's Eudora Qpopper 'popauth' Module Symlink Bug May Let Local Users Obtain Elevated Privileges on the Server
|
|
Dec 18 2001
|
Microsoft Windows XP Hot Key Function Lets Physically Local Users Execute Administrator Hot Key Functions in Certain Situations
|
|
Dec 17 2001
|
XSane Image Scanning Front End May Allow Local Users to Cause Sensitive Files to Be Overwritten
|
|
Dec 17 2001
|
CentraOne Training and Collaboration Software Discloses Passwords to Local Users
|
|
Dec 16 2001
|
Mailto.exe CGI Script For Sending Mail Allows Remote Users to Send SPAM
|
|
Dec 15 2001
|
Microsoft Internet Explorer Version 6 Lets Remote Scripts Access and Send Local Files
|
|
Dec 14 2001
|
Html2Wml Conversion Tool Allows Remote Users to View Files on the System
|
|
Dec 14 2001
|
Microsoft Windows Explorer Discloses Stored FTP Passwords to Local Users
|
|
Dec 14 2001
|
(Mandrake Issues Fix) Re: OpenSSH UseLogin Environment Variable Bug Lets Local Users Execute Commands and Gain Root Access
|
|
Dec 14 2001
|
KDE 'kdeutils' Contains Vulnerable 'klprfax_filter' FAX Application That May Let Local Users Overwrite Files With the Permissions of Another User
|
|
Dec 14 2001
|
(Microsoft Issues Fix) Microsoft Internet Explorer May Execute Javascript Contained Within an 'About:' URL in an Unauthorized Security Domain When the URL Contains an Extraneous '%' Character
|
|
Dec 13 2001
|
EFTP File Transfer Server Discloses All Directory Contents to Remote Users With Accounts on the Server
|
|
Dec 13 2001
|
(Conectiva Issues Fix) OpenSSH UseLogin Environment Variable Bug Lets Local Users Execute Commands and Gain Root Access
|
|
Dec 13 2001
|
(Vendor Issues Patch) Re: Platform Computing's Platform LSF Load Sharing Application Contains Multiple Flaws, Disclosing Files to Local Users, Giving Local Users Root Access, and Crashing When Remote Users Send Malformed Packets
|
|
Dec 13 2001
|
(Caldera Issues Fix) OpenSSH UseLogin Environment Variable Bug Lets Local Users Execute Commands and Gain Root Access
|
|
Dec 13 2001
|
IBM WebSphere Discloses Administration Server 'Root' Password to Local Users
|
|
Dec 13 2001
|
Util-linux Package Contains 'Script' Command With Hard Link Flaw That May Let Local Users Overwrite Any File on the System in Certain Situations
|
|
Dec 12 2001
|
(HP Issues Fix for HP Secure OS for Linux) OpenSSH UseLogin Environment Variable Bug Lets Local Users Execute Commands and Gain Root Access
|
|
Dec 12 2001
|
(Caldera Issues Revised Fix) Caldera OpenServer (SCO) Kernel Flaw May Let Local Users Execute Arbitrary Code
|
|
Dec 12 2001
|
Microsoft Internet Explorer May Execute Javascript Contained Within an 'About:' URL in an Unauthorized Security Domain When the URL Contains an Extraneous '%' Character
|
|
Dec 11 2001
|
ZoneAlarm Firewall Fails to Block Outbound Packets From Alternate Protocol Stacks
|
|
Dec 11 2001
|
Tiny Personal Firewall Fails to Block Outbound Packets From Alternate Protocol Stacks
|
|
Dec 11 2001
|
(Vendor Cannot Reproduce Claim) Re: Microsoft Windows 2000 RunAs Utility May Disclose Sensitive Information to Local Users
|
|
Dec 11 2001
|
(The Vendor Questions The Risk Due to this Vulnerability) Re: Microsoft Windows 2000 RunAs Service May Disclose Authentication Credentials to Local Users
|
|
Dec 9 2001
|
McKesson's Pathways Homecare Medical Application Discloses Passwords to Local Users
|
|
Dec 8 2001
|
Kebi Webmail Server Gives Remote Users Access to Administrative Functions Via a 'Hidden' URL
|
|
Dec 8 2001
|
(Vendor Responds) Re: Platform Computing's Platform LSF Load Sharing Application Contains Multiple Flaws, Disclosing Files to Local Users, Giving Local Users Root Access, and Crashing When Remote Users Send Malformed Packets
|
|
Dec 7 2001
|
(Vendor Issues Patch) Re: Allaire's JRun Java Server Discloses JSP Source Code to Remote Users When Used As a Connector With Commercial Web Servers
|
|
Dec 7 2001
|
(Vendor Issues Patch) Re: Allaire JRun Java Server Discloses Web Server Directory Contents to Remote Users Requesting URLs Containing '%3f.jsp'
|
|
Dec 6 2001
|
Caldera Open UNIX and UnixWare Dtsession Bug May Let Local Users Grab Elevated Privileges
|
|
Dec 6 2001
|
(HP Issues Fix for HP Secure OS for Linux) Linux Kernel Ptrace Flaw Lets Local Users Obtain Root Level Privileges on the Host
|
|
Dec 6 2001
|
WindowMaker TV (wmtv) for Linux Lets Local Users Execute Commands With Root Level Privileges
|
|
Dec 5 2001
|
Platform Computing's Platform LSF Load Sharing Application Contains Multiple Flaws, Disclosing Files to Local Users, Giving Local Users Root Access, and Crashing When Remote Users Send Malformed Packets
|
|
Dec 5 2001
|
(Debian Issues Fix) OpenSSH UseLogin Environment Variable Bug Lets Local Users Execute Commands and Gain Root Access
|
|
Dec 5 2001
|
(Debian Issues Fix) Icecast Audio Broadcasting Server Discloses MP3 Files Located Anywhere on the Installed Drive to Remote Users and Can Be Crashed Remotely
|
|
Dec 5 2001
|
(Red Hat Issues Fix) OpenSSH UseLogin Environment Variable Bug Lets Local Users Execute Commands and Gain Root Access
|
|
Dec 4 2001
|
(FreeBSD Issues Fix With Corrected Patch Instructions) OpenSSH UseLogin Environment Variable Bug Lets Local Users Execute Commands and Gain Root Access
|
|
Dec 4 2001
|
OpenSSH UseLogin Environment Variable Bug Lets Local Users Execute Commands and Gain Root Access
|
|
Dec 4 2001
|
Red Hat APMD Power Management Package Temporary File Symlink Vulnerability May Allow a Local User to Conduct Some Types of Denial of Service Attacks
|
|
Dec 3 2001
|
(SuSE Issues Fix) OpenSSH May Fail to Properly Restrict IP Addresses in Certain Configurations
|
