Monthly Archive: May 2003

Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka...

Cross-site scripting vulnerability (XSS) in the ASP function responsible for redirection in Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to embed a URL containing script in a redirection message....

The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed...

BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, generates an "Account does not exist" error message when an invalid username is entered, which makes it easier for remote attackers to...

BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, stores user names and passwords in plaintext in the blackmoon.mdb file, which can allow local users to gain privileges. Date published :...

Cross-site scripting (XSS) vulnerability in Owl Intranet Engine 0.71 and earlier allows remote attackers to insert arbitrary script via the Search field. Date published : 2003-05-23 http://marc.info/?l=bugtraq&m=105353266220520&w=2

Demarc Puresecure 1.6 stores authentication information for the logging server in plaintext, which allows attackers to steal login names and passwords to gain privileges. Date published : 2003-05-23 http://archives.neohapsis.com/archives/bugtraq/2003-05/0230.html

Multiple heap-based buffer overflows in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allow remote attackers to execute arbitrary code via long HTTP requests. Date published : 2003-05-23 http://marc.info/?l=bugtraq&m=105353178019353&w=2 http://marc.info/?l=bugtraq&m=105361764807746&w=2

Directory traversal vulnerability in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allows remote attackers to read and execute arbitrary files via .. (dot dot) sequences in HTTP GET or POST requests. Date published : 2003-05-23...

The ckconfig command in lsadmin for Load Sharing Facility (LSF) 5.1 allows local users to execute arbitrary programs by modifying the LSF_ENVDIR environment variable to reference an alternate lsf.conf file, then modifying LSF_SERVERDIR to...

Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return (CR) character in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora. Date...

rc.M in Slackware 9.0 calls quotacheck with the -M option, which causes the filesystem to be remounted and possibly reset security-relevant mount flags such as nosuid, nodev, and noexec. Date published : 2003-05-23 http://marc.info/?l=bugtraq&m=105361968110719&w=2

BitchX IRC client 1.0c20cvs and earlier allows attackers to cause a denial of service (core dump) via certain channel mode changes that are not properly handled in names.c. Date published : 2003-05-23 http://www.securityfocus.com/bid/7551 http://marc.info/?l=bugtraq&m=105259643606984&w=2

Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define,...