Monthly Archive: May 2002

Avaya Argent Office 2.1 compares a user-provided SNMP community string with the correct string only up to the length of the user-provided string, which allows remote attackers to bypass authentication with a 0 length...

Avaya Argent Office 2.1 may allow remote attackers to change hold music by spoofing a legitimate server’s response to a TFTP broadcast and providing an alternate HoldMusic file. Date published : 2002-05-03 http://online.securityfocus.com/archive/1/202344 http://www.iss.net/security_center/static/6956.php

Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator privileges by sniffing and decrypting the sniffing the passwords during a system reboot. Date published : 2002-05-03...

Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to port 53 with no payload. Date published : 2002-05-03 http://online.securityfocus.com/archive/1/202344 http://www.iss.net/security_center/static/6953.php

Horde Internet Messaging Program (IMP) before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server. Date published...

Cross-site scripting vulnerability in Horde Internet Messaging Program (IMP) before 2.2.6 and 1.2.6 allows remote attackers to execute arbitrary Javascript embedded in an email. Date published : 2002-05-03 http://www.securityfocus.com/bid/3082 http://online.securityfocus.com/archive/1/198495

kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create arbitrary world-writeable files via a symlink attack on the (1) /tmp/.kmmodreg_lock and (2) /tmp/kmpath.tmp temporary files. Date published : 2002-05-03 http://www.securityfocus.com/bid/2821 http://www.securityfocus.com/archive/1/188568

WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database. Date published : 2002-05-03 http://www.securityfocus.com/bid/3381 http://online.securityfocus.com/archive/1/217848

Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX sends username and voice mail passwords in the clear via a Java applet that sends the information to port 8888 of the server,...

Alexis 2.0 and 2.1 in COM2001 InternetPBX stores voicemail passwords in plain text in the com2001.ini file, which could allow local users to make long distance calls as other users. Date published : 2002-05-03...

vWebServer 1.2.0 allows remote attackers to cause a denial of service (hang) via a small number of long URL requests, possibly due to a buffer overflow. Date published : 2002-05-03 http://www.securityfocus.com/bid/2979 http://online.securityfocus.com/archive/1/194418

vWebServer 1.2.0 allows remote attackers to cause a denial of service via a URL that contains MS-DOS device names. Date published : 2002-05-03 http://www.securityfocus.com/bid/2978 http://online.securityfocus.com/archive/1/194418

vWebServer 1.2.0 allows remote attackers to view arbitrary ASP scripts via a request for an ASP script that ends with a URL-encoded space character (%20). Date published : 2002-05-03 http://www.securityfocus.com/bid/2975 http://online.securityfocus.com/archive/1/194418

Opera 5.0 for Linux does not properly handle malformed HTTP headers, which allows remote attackers to cause a denial of service, possibly with a header whose value is the same as a MIME header...