Monthly Archive: April 2003

Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. Date...

xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges. Date published : 2003-04-15 http://www.kb.cert.org/vuls/id/111673 http://www.debian.org/security/2003/dsa-283

DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing...

decrypt_msg for the Gaim-Encryption GAIM plugin 1.15 and earlier does not properly validate a message length parameter, which allows remote attackers to cause a denial of service (crash) via a negative length, which overwrites...

psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file. Date published : 2003-04-15 http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=188366 http://www.debian.org/security/2003/dsa-285

GtkHTML, as included in Evolution before 1.2.4, allows remote attackers to cause a denial of service (crash) via certain malformed messages. Date published : 2003-04-15 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000737 http://www.mandriva.com/security/advisories?name=MDKSA-2003:046

The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious...

The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or...

Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP servers to execute arbitrary code via a long FTP banner. Date published : 2003-04-08 http://www.securityfocus.com/bid/6921 http://marc.info/?l=bugtraq&m=104610380126860&w=2

Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK). Date published : 2003-04-08 http://marc.info/?l=bugtraq&m=104940730819887&w=2 http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt

Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT...

vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended. Date published :...

Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names. Date published : 2003-04-03 http://marc.info/?l=bugtraq&m=104931360606484&w=2 http://marc.info/?l=bugtraq&m=105418115512559&w=2

A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each...