Monthly Archive: April 2003

xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call dangerous RPC functions, including those that can mount or unmount xfs file systems, to gain root privileges. Date published...

MediaMail and MediaMail Pro in SGI IRIX 6.5.16 and earlier allows local users to force the program to dump core via certain arguments, which could allow the users to read sensitive data or gain...

Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI IRIX 6.5.10 and earlier allows local users to gain root privileges by overwriting critical system files. Date published : 2003-04-02 http://www.securityfocus.com/bid/4706 ftp://patches.sgi.com/support/free/security/advisories/20020504-01-I

netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions. Date published : 2003-04-02 http://www.securityfocus.com/bid/4682 ftp://patches.sgi.com/support/free/security/advisories/20020503-01-I

Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet’s length is less than the IP...

Cross-site scripting vulnerability in codeparse.php of Open Bulletin Board (OpenBB) 1.0.0 allows remote attackers to execute arbitrary script and steal cookies via Javascript in the IMG tag. Date published : 2003-04-02 http://www.securityfocus.com/bid/4171 http://marc.info/?l=bugtraq&m=101466092601554&w=2

Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag. Date published : 2003-04-02 http://www.securityfocus.com/bid/4192 http://marc.info/?l=bugtraq&m=101485184605149&w=2

FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets. Date published : 2003-04-02 http://marc.info/?l=bugtraq&m=101440113410083&w=2 http://www.iss.net/security_center/static/9968.php

SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall’s physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which...

The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack. Date...

gnujsp 1.0.0 and 1.0.1 allows remote attackers to list directories, read source code of certain scripts, and bypass access restrictions by directly requesting the target file from the gnujsp servlet, which does not work...

CNet CatchUp before 1.3.1 allows attackers to execute arbitrary code via a .RVP file that creates a file with an arbitrary extension (such as .BAT), which is executed during a scan. Date published :...

Cross-site scripting vulnerability in Slash before 2.2.5, as used in Slashcode and elsewhere, allows remote attackers to steal cookies and authentication information from other users via Javascript in a URL, possibly in the formkey...

Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe, allows remote attackers to execute arbitrary code via a long group argument. Date published : 2003-04-02 http://www.securityfocus.com/bid/4124 http://marc.info/?l=bugtraq&m=101413521417638&w=2