|
Oct 26 2001
|
Check Point FireWall-1/VPN-1 Management Functions Can Be Crashed By Remote Users Due to RDP Processing Flaw
|
|
Oct 26 2001
|
iBill Internet Commerce Billing System Uses Weak Authentication Method in the Default Configuration, Allowing Remote Users to Modify User Accounts on the System
|
|
Oct 26 2001
|
RSA SecurID ACE/Agent Software for Windows Can Be Forced into Debug Mode By Remote Users Without Authentication, Potentially Disclosing Information to Remote Users When Certain Programs Crash
|
|
Oct 26 2001
|
RSA SecurID ACE/Agent Unicode Vulnerability Lets Remote Users View Files and Possibly Execute Programs on the WebID Server Without Authenticating
|
|
Oct 26 2001
|
Deltathree's PC-to-Phone Application Discloses Passwords to Local Users
|
|
Oct 25 2001
|
RWhoisd Start of Authority Format String Bug Lets Local Users Execute Code and Gain Elevated Privileges on the System
|
|
Oct 25 2001
|
Webalizer Log File Analyzer Cross-Site Scripting Hole Allows Remote Users to Cause Arbitrary But Trusted Code to Be Executed By Another User When Viewing Webalizer Reports
|
|
Oct 24 2001
|
Red Hat Package Manager (RPM) Archives May Execute Arbitrary Code With Printer (lp) Privileges When Queried, Allowing a Local User to Gain Elevated Privileges on the Host
|
|
Oct 24 2001
|
Apache suEXEC Wrapper Fails to Observe Minimum Group ID Security Settings in Certain Situations
|
|
Oct 23 2001
|
Macintosh Cients Using Windows 2000 NTFS Volumes May Modify Directory Permissions in Certain Cases
|
|
Oct 23 2001
|
6tunnel IPv6 Tunneling Software Can Be Crashed By Local and Remote Users
|
|
Oct 23 2001
|
Check Point FireWall-1 SecuRemote VPN System Discloses Information About Valid Usernames
|
|
Oct 23 2001
|
Hotmail E-mail Service Allows Malicious Javascript to be Passed via the HTML Image Tag and Executed on the User's Browser
|
|
Oct 23 2001
|
HP Secure OS Software for Linux Has an Access Control Error in File System Protection Feature That Gives Local Users Unauthorized Access to Files
|
|
Oct 23 2001
|
Sun Java Runtime Environment (JRE) Flaw May Let Malicious Applets Gain Unauthorized Access to the System Clipboard
|
|
Oct 23 2001
|
SGI IRIX Operating System IGMP Protocol Error Lets Remote Users Cause a Kernel Panic
|
|
Oct 22 2001
|
Webmin Creates Insecure Temporary Files That Can Be Modified By Local Users to Cause Webmin to Execute Arbitrary Commands with Root Level Privileges
|
|
Oct 22 2001
|
Sun Solaris in.fingerd Discloses Complete List of All Account Names to Remote Users
|
|
Oct 22 2001
|
Lotus Notes E-mail Client Automatically Executes Arbitrary LotusScript Code
|
|
Oct 22 2001
|
Network Query Tool PHP Utility Lacks Metacharacter Filtering and Lets Remote Users Execute Arbitrary Commands on the Server
|
|
Oct 22 2001
|
Linux Kernel Quota Flaw Lets Local Users Exceed Quota Limits and Create Large Files
|
|
Oct 22 2001
|
Tomcat Java Server Fails to Apply Security Constraints to URLs in a Certain Format, Giving Remote Users Unauthorized Access
|
|
Oct 21 2001
|
nvi Text Editor Format String Flaw May Let Local Users Obtain Elevated Privileges
|
|
Oct 20 2001
|
Mountain Network Systems WebCart Lets Remote Users Execute Arbitrary Commands on the Web Server
|
|
Oct 20 2001
|
Microsoft Windows Me Universal Plug and Play (UPnP) Ssdpsrv.exe Server Component Can Be Crashed by Remote Users
|
|
Oct 20 2001
|
Mozilla Browser Will Return HTTP Cookies to an FTP Server at the Same Domain as the HTTP Server, Which Could Be a Different Domain if the HTTP Server is Hosting Virtual Domains
|
|
Oct 20 2001
|
Apple's Claris Emailer Buffer Overflow Lets Remote Users Crash the E-mail Client and May Allow Arbitrary Code to be Executed
|
|
Oct 20 2001
|
Microsoft Internet Explorer Has Fixed Security Zone for about: URLs and Has Shared Cookie Flaw That Diminishes Cross-Site Scripting Protections
|
|
Oct 20 2001
|
Microsoft Internet Explorer for Mac OS X is Configured to Automatically Execute Downloaded Files
|
|
Oct 19 2001
|
Several Network Looking Glass Scripts Disclose Potentially Sensitive Information About the Network to Remote Users
|
|
Oct 19 2001
|
gFTP Displays Passwords on the Screen in Plain Text
|
|
Oct 19 2001
|
Oracle9iAS Web Cache Allows Remote Users to Execute Arbitrary Code or Cause the Caching Process to Exit or Hang
|
|
Oct 19 2001
|
Microsoft Terminal Servers Can Be Crashed By Remote Users Sending Certain Remote Desktop Protocol (RDP) Packets
|
|
Oct 18 2001
|
Linux Kernel Ptrace Flaw Lets Local Users Obtain Root Level Privileges on the Host
|
|
Oct 18 2001
|
Linux Kernel Nested Symlink Dereferencing Flaw Lets Local Users Deny Service to Other Processes on the Host
|
|
Oct 18 2001
|
HP-UX OS for Itanium Processor Family Has Incorrect Permissions on All HP-UX Commands, Letting Local Users Obtain Elevated Privileges
|
|
Oct 18 2001
|
Mac OS X NetInfo Manager Lets Local Users Log in as Root Level Users
|
|
Oct 17 2001
|
Citrix MetaFrame Application Server Can Be Crashed By Remote Users Initiating Bogus Sessions with the Server
|
|
Oct 16 2001
|
Internet Explorer Sends Potentially Sensitive Web Browser Contents to Microsoft via the Network When an Error Occurs
|
|
Oct 16 2001
|
Microsoft Office XP Sends Potentially Sensitive Information to Microsoft Via the Network When an Error Occurs
|
|
Oct 16 2001
|
Dtaction Common Desktop Environment (CDE) Buffer Overflow in the Action Argument May Let Local Users Gain Elevated Privileges
|
|
Oct 16 2001
|
Caldera Open Unix Common Desktop Environment (CDE) Dt Utilities Have Buffer Overflows That Let Local Users Obtain Root Privileges on the Host
|
|
Oct 16 2001
|
Snes9x Super Nintendo Entertainment System Emulator Buffer Overflow Lets Local Users Execute Arbitrary Code and, on Some UNIX and Linux Systems, Obtain Root Level Access
|
|
Oct 16 2001
|
Trend Micro Office Scan (aka Virus Buster) Corporate Edition Discloses Passwords to Remote Users
|
|
Oct 16 2001
|
Novell GroupWise WebAccess Discloses Files to Remote Users
|
|
Oct 14 2001
|
Apache Web Server Virtual Hosting Split-Logfile Function Lets Remote Users Write Log Entries to Arbitrary Files on the System
|
|
Oct 13 2001
|
Post-Nuke Web Portal Software Authentication Flaw Lets Remote Users Access User Accounts Without Requiring the Password
|
|
Oct 12 2001
|
Ipswitch's IMail Server's Web Calendaring Function Has Buffer Overflow That Lets Remote Users Execute Arbitrary Code with System Level Privileges
|
|
Oct 12 2001
|
Ipswitch's IMail Server POP3 Daemon Discloses Information on Username Validity to Remote Users and Lets Valid Remote Users Change Account Names of Other Users
|
|
Oct 12 2001
|
Ipswitch's IMail Server Contains Multiple Flaws that Allow Remote Users to Access E-mail Accounts and Cause Denial of Service Conditions
|
|
Oct 11 2001
|
Progress Database PROTERMCAP and PROMSGS Errors Let Local Users Execute Arbitrary Code with Root Level Privileges
|
|
Oct 11 2001
|
Zope Dynamic Content Management Tool fmt Attribute Flaw Lets Remote Authenticated Users Call Unauthorized Methods
|
|
Oct 11 2001
|
PIX Firewall Manager Discloses PIX Firewall Passwords to Local Users
|
|
Oct 11 2001
|
Mac OS X Desktop Folder Security Permission Fix Fails on Certain 10.0.x to 10.1 Upgrades
|
|
Oct 11 2001
|
phpBB String Processing Bug Lets Remote Users Submit SQL Queries to the Database
|
|
Oct 11 2001
|
Open Projects Network Internet Relay Chat (IRC) Server Software Lets Remote Users Spoof DNS Hostnames
|
|
Oct 11 2001
|
Microsoft Internet Explorer (IE) Web Browser Has Multiple URL-related Flaws That May Allow for Remote Code Execution, Remote HTTP Request Generation, and Application of Incorrect Security Restrictions
|
|
Oct 11 2001
|
ht://Dig Search Engine Software Has Remote Denial of Service and Local Information Disclosure Bugs in htsearch
|
|
Oct 10 2001
|
UNIX Dtterm Terminal Emulator Utility Has Buffer Overflow That May Allow Local Users to Execute Arbitrary Code with Root Privileges
|
|
Oct 10 2001
|
Linux Kernel devfs Race Condition Lets Local Users Gain Root Level Privileges
|
|
Oct 10 2001
|
Linux 2.4 Kernel Netfilter iptables Firewall Software May Fail to Properly Drop Some Packets
|
|
Oct 10 2001
|
TYPSoft FTP Server for Microsoft Windows Can Be Crashed by Remote Users
|
|
Oct 10 2001
|
Advanced Poll PHP-based Voting/Polling Software Gives Remote Users Administrative Access to the Application
|
|
Oct 10 2001
|
Progress RDBMS Database System Has Multiple Vulnerabilities That Permit Local Users to Gain Root Level Access on the Host
|
|
Oct 9 2001
|
Cisco IOS Router Flaw in Processing Cisco Discovery Protocol (CDP) Messages Allows Remote Users on the Local Network to Cause the Device to Crash
|
|
Oct 9 2001
|
W3Mail Web Mail Front End Has Metacharacter Input Validation Flaw that Lets Authenticated Remote Users Execute Arbitrary Shell Commands on the Server
|
|
Oct 9 2001
|
Trillian Chat Application Can Be Crashed by Remote Users
|
|
Oct 9 2001
|
Symantec's LiveUpdate Component of Norton Anti-Virus and Other Products Fails to Use Integrity Mechanisms on Updates Allowing Remote Users to Conduct Denial of Service Attacks
|
|
Oct 8 2001
|
AOL Instant Messenger (AIM) Can Be Crashed by Remote Users
|
|
Oct 7 2001
|
ZorbStats PHP-based Web Statistics Generator Allows Remote Users to Execute Arbitrary Code on the Server
|
|
Oct 7 2001
|
Webodex PHP-based E-mail List Management Software Executes Remotely Supplied Code
|
|
Oct 7 2001
|
Gallery PHP-based Web Photo Gallery Software Permits Remote Users to Supply and Execute Arbitrary Code
|
|
Oct 7 2001
|
thatphpware PHP-based Web Portal Software Allows Remote Users to Execute Arbitrary Code
|
|
Oct 7 2001
|
SIPS PHP-based Web Log Tracking System Will Execute Remotely Supplied Arbitrary Code
|
|
Oct 7 2001
|
pSplash Web Portal Software Lets Remote Users Execute Arbitrary Code
|
