Monthly Archive: May 2003

3com OfficeConnect Remote 812 ADSL Router 1.1.7 does not properly clear memory from DHCP responses, which allows remote attackers to identify the contents of previous HTTP requests by sniffing DHCP packets. Date published :...

The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports. Date published : 2003-05-15 http://www.debian.org/security/2003/dsa-311...

Memory leak in eServ 2.9x allows remote attackers to cause a denial of service (memory exhaustion) via a large number of connections, whose memory is not freed when the connection is terminated. Date published...

Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users to gain privileges via format string specifiers in the dev parameter. Date published : 2003-05-14 http://www.securityfocus.com/bid/7565 http://marc.info/?l=bugtraq&m=105286031812533&w=2

Buffer overflow in the file & folder transfer mechanism for IP Messenger for Win 2.00 through 2.02 allows remote attackers to execute arbitrary code via file with a long filename, which triggers the overflow...

Cross-site scripting (XSS) vulnerability in Movable Type before 2.6, and possibly other versions including 2.63, allows remote attackers to insert arbitrary web script or HTML via the Name textbox, possibly when the "Allow HTML...

SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable. Date published : 2003-05-14 http://www.securityfocus.com/bid/35764 http://www.securityfocus.com/bid/7549

IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail relay...

Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde...

Cross-site scripting (XSS) vulnerability in Phorum before 3.4.3 allows remote attackers to inject arbitrary web script and HTML tags via a message with a "

Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence. Date published : 2003-05-14 http://www.securityfocus.com/bid/7550...

Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows local users to execute arbitrary code via a long INTERBASE environment variable when calling...

Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands. Date published : 2003-05-14 http://www.securityfocus.com/bid/7547 http://www.securityfocus.com/bid/7548

Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 5.x through 6.5 allows remote attackers to steal sensitive information via numeric fields, as demonstrated using (1) the viewlink function and cid parameter, or...