CVE-2001-0616
Faust Informatics Freestyle Chat server prior to 4.1 SR3 allows a remote attacker to create a denial of service via a URL request which includes a MS-DOS device name (e.g., GET /aux HTTP/1.0). Date...
Directory traversal vulnerability in Faust Informatics Freestyle Chat server prior to 4.1 SR3 allows a remote attacker to read arbitrary files via a specially crafted URL which includes variations of a ‘..’ (dot dot)...
Omnicron Technologies OmniHTTPD Professional 2.08 and earlier allows a remote attacker to create a denial of service via a long POST URL request. Date published : 2002-03-09 http://www.securityfocus.com/bid/2730 http://archives.neohapsis.com/archives/bugtraq/2001-05/0131.html
Becky! 2.00.05 and earlier can allow a remote attacker to gain additional privileges via a buffer overflow attack on long messages without newline characters. Date published : 2002-03-09 http://www.securityfocus.com/bid/2723 http://archives.neohapsis.com/archives/bugtraq/2001-05/0089.html
Netscape Communicator before 4.77 allows remote attackers to execute arbitrary JavaScript via a GIF image whose comment contains the JavaScript. Date published : 2002-03-09 http://www.securityfocus.com/bid/2637 http://marc.info/?l=bugtraq&m=98685237415117&w=2
Buffer overflow in the kcsSUNWIOsolf.so library in Solaris 7 and 8 allows local attackers to execute arbitrary commands via the KCMS_PROFILES environment variable, e.g. as demonstrated using the kcms_configure program. Date published : 2002-03-09...
kcms_configure as included with Solaris 7 and 8 allows a local attacker to gain additional privileges via a buffer overflow in a command line argument. Date published : 2002-03-09 http://www.securityfocus.com/bid/2558 http://archives.neohapsis.com/archives/bugtraq/2001-04/0140.html
Anaconda Partners Clipper 3.3 and earlier allows a remote attacker to read arbitrary files via a ‘..’ (dot dot) attack in the template parameter. Date published : 2002-03-09 http://www.securityfocus.com/bid/2512 http://archives.neohapsis.com/archives/bugtraq/2001-03/0395.html
Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 can allow a remote attacker to read or execute arbitrary .jsp files via a ‘..’ (dot dot) attack. Date...
Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary ‘jsp’ files via a malformed URL request which does not end with an HTTP protocol...
NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and NetScreen-100 can allow a local attacker to bypass the DMZ ‘denial’ policy via specific traffic patterns. Date published : 2002-03-09 http://www.securityfocus.com/bid/2523 http://archives.neohapsis.com/archives/bugtraq/2001-03/0375.html
TrendMicro ScanMail for Exchange 3.5 Evaluation allows a local attacker to recover the administrative credentials for ScanMail via a combination of unprotected registry keys and weakly encrypted passwords. Date published : 2002-03-09 http://archives.neohapsis.com/archives/ntbugtraq/2001-q1/0049.html http://www.osvdb.org/5581
Gordano NTMail 6.0.3c allows a remote attacker to create a denial of service via a long (>= 255 characters) URL request to port 8000 or port 9000. Date published : 2002-03-09 http://www.securityfocus.com/bid/2494 http://archives.neohapsis.com/archives/bugtraq/2001-03/0248.html
Directory traversal vulnerability in MP3Mystic prior to 1.04b3 allows a remote attacker to download arbitrary files via a ‘..’ (dot dot) in the URL. Date published : 2002-03-09 http://www.securityfocus.com/bid/2699 http://archives.neohapsis.com/archives/bugtraq/2001-05/0046.html