Monthly Archive: July 2003

CVE-2003-0500

SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name. Date...

CVE-2003-0499

Mantis 0.17.5 and earlier stores its database password in cleartext in a world-readable configuration file, which allows local users to perform unauthorized database operations.
Date published: 2003-07-04
https://www.debian.org/security/2003/dsa-335

CVE-2003-0498

Caché Database 5.x installs the /cachesys/csp directory with insecure permissions, which allows local users to execute arbitrary code by adding server-side scripts that are executed with root privileges.
Date published: 2003-07-04
https://www.intersystems.com/support-learning/support/product-news-alerts/support-alerts-2003/
http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=7

CVE-2003-0497

Caché Database 5.x installs /cachesys/bin/cache with world-writable permissions, which allows local users to gain privileges by modifying cache and executing it via cuxs.
Date published: 2003-07-04
https://www.intersystems.com/support-learning/support/product-news-alerts/support-alerts-2003/
http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=7