Monthly Archive: April 2002

Buffer overflows in extended stored procedures for Microsoft SQL Server 7.0 and 2000 allow remote attackers to cause a denial of service or execute arbitrary code via a database query with certain long arguments....

Buffer overflows in Icecast before 1.3.10 allow remote attackers to cause a denial of service (crash) and execute arbitrary code. Date published : 2002-04-18 http://marc.info/?l=bugtraq&m=98455723123298&w=2 http://www.debian.org/security/2001/dsa-089

Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1.0.4 allow remote attackers to cause a denial of service (crash) and execute arbitrary code. Date published : 2002-04-18 http://marc.info/?l=bugtraq&m=98438880622976&w=2 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000387

Buffer overflow in Webalizer 2.01-06, when configured to use reverse DNS lookups, allows remote attackers to execute arbitrary code by connecting to the monitored web server from an IP address that resolves to a...

Buffer overflows in icecast 1.3.11 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request from an MP3 client. Date published : 2002-04-18 http://www.securityfocus.com/bid/4415 http://marc.info/?l=bugtraq&m=101780890326179&w=2

Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server. Date published : 2002-04-12...

Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, when running with the -R option, allows local and remote attackers to cause a core dump. Date published : 2002-04-12...

Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass the intended Reader and Author access list for a document’s object via a Notes API call (NSFDbReadObject) that directly accesses the object. Date...

LogWatch 2.5 allows local users to gain root privileges via a symlink attack, a different vulnerability than CVE-2002-0162. Date published : 2002-04-05 http://marc.info/?l=bugtraq&m=101787227513000&w=2 http://list.kaybee.org/archives/logwatch-announce/2002-March/000003.html

Vulnerability in the MIT-SHM extension of the X server on Linux (XFree86) 4.2.1 and earlier allows local users to read and write arbitrary shared memory, possibly to cause a denial of service or gain...