Monthly Archive: May 2002

Web Messaging Server for Ipswitch IMail 7.04 and earlier allows remote authenticated users to change information for other users by modifying the olduser parameter in the "Change User Information" web form. Date published :...

POP3 Server for Ipswitch IMail 7.04 and earlier generates different responses to valid and invalid user names, which allows remote attackers to determine users on the system. Date published : 2002-05-03 http://www.securityfocus.com/bid/3424 http://archives.neohapsis.com/archives/bugtraq/2001-10/0076.html

Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags. Date published : 2002-05-03 http://www.securityfocus.com/bid/3425 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-080.php3

MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking. Date published...

Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges. Date published : 2002-05-03

The "mxcsr P4" vulnerability in the Linux kernel before 2.2.17-14, when running on certain Intel CPUs, allows local users to cause a denial of service (system halt). Date published : 2002-05-03 http://ciac.llnl.gov/ciac/bulletins/l-045.shtml http://www.redhat.com/support/errata/RHSA-2001-013.html

wmtv 0.6.5 and earlier does not properly drop privileges, which allows local users to execute arbitrary commands via the -e (external command) option. Date published : 2002-05-03 http://www.securityfocus.com/bid/3658 http://www.debian.org/security/2001/dsa-092

Directory traversal vulnerability in rar 2.02 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) attack on archived filenames. Date published : 2002-05-03 http://online.securityfocus.com/archive/1/196445 http://www.security.nnov.ru/advisories/archdt.asp

Directory traversal vulnerability in the console version of PKZip (pkzipc) 4.00 and earlier allows attackers to overwrite arbitrary files during archive extraction with the -rec (recursive) option via a .. (dot dot) attack on...

Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the ‘/’ (slash) character. Date published : 2002-05-03 http://online.securityfocus.com/archive/1/196445 http://www.info-zip.org/pub/infozip/UnZip.html

Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename. Date published : 2002-05-03 http://online.securityfocus.com/archive/1/196445 http://www.info-zip.org/pub/infozip/UnZip.html

Directory traversal vulnerability in IBM alphaWorks Java TFTP server 1.21 allows remote attackers to conduct unauthorized operations on arbitrary files via a .. (dot dot) attack. Date published : 2002-05-03 http://www.securityfocus.com/bid/3076 http://online.securityfocus.com/archive/1/198297

Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating System (VVOS) 4.0 and 4.5 allows attackers to elevate privileges. Date published : 2002-05-03 http://www.securityfocus.com/bid/3072 http://www.kb.cert.org/vuls/id/420475

telnet95.exe in Pragma InterAccess 4.0 build 5 allows remote attackers to cause a denial of service (crash) via a large number of characters to port 23, possibly due to a buffer overflow. Date published...