Monthly Archive: September 2003

SNMPc 6.0.8 and earlier performs authentication to the server on the client side, which allows remote attackers to gain privileges by decrypting the password that is returned by the server. Date published : 2003-09-06...

The fetchnews NNTP client in leafnode 1.9.3 to 1.9.41 allows remote attackers to cause a denial of service (process hang and termination) via certain malformed Usenet news articles that cause fetchnews to hang while...

Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument...

Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server. Date published : 2003-09-04 http://marc.info/?l=bugtraq&m=106260760211958&w=2 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000736

VMware Workstation 4.0.1 for Linux, build 5289 and earlier, allows local users to delete arbitrary files via a symlink attack. Date published : 2003-09-04 http://marc.info/?l=bugtraq&m=106029217115023&w=2 http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1106

The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to cause a denial of service (crash) via a long year parameter. Date published : 2003-09-04 http://marc.info/?l=bugtraq&m=106062021711496&w=2 http://marc.info/?l=bugtraq&m=106252188522715&w=2

The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime() in TimeZone.php of the Pear library....

Multiple cross-site scripting (XSS) vulnerabilities in phpWebSite 0.9.x and earlier allow remote attackers to execute arbitrary web script via (1) the day parameter in the calendar module, (2) the fatcat_id parameter in the fatcat...

SQL injection vulnerability in the Calendar module of phpWebSite 0.9.x and earlier allows remote attackers to execute arbitrary SQL queries, as demonstrated using the year parameter. Date published : 2003-09-04 http://marc.info/?l=bugtraq&m=106062021711496&w=2 http://marc.info/?l=bugtraq&m=106252188522715&w=2

Unknown vulnerability in the pam_filter mechanism in pam_ldap before version 162, when LDAP based authentication is being used, allows users to bypass host-based access restrictions and log onto the system. Date published : 2003-09-04...

Multiple cross-site scripting (XSS) vulnerabilities in WebLogic Integration 7.0 and 2.0, Liquid Data 1.1, and WebLogic Server and Express 5.1 through 7.0, allow remote attackers to execute arbitrary web script and steal authentication credentials...

CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the "guest" user to the Admin user on the Modify or...

CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to gain administrative privileges via a certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a modifyUser value and a...

Buffer overflow in Microsoft Wordperfect Converter allows remote attackers to execute arbitrary code via modified data offset and data size parameters in a Corel WordPerfect file. Date published : 2003-09-04 http://marc.info/?l=bugtraq&m=106261952827573&w=2 http://marc.info/?l=bugtraq&m=106279971612961&w=2