Monthly Archive: September 2004

Linux kernel 2.2.1 through 2.2.19, and 2.4.1 through 2.4.10, allows local users to cause a denial of service via a series of deeply nested symlinks, which causes the kernel to spend extra time when...

Microsoft IIS 5.0 allows remote attackers to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters. Date published : 2004-09-01 http://www.securityfocus.com/bid/6795 http://marc.info/?l=bugtraq&m=100626531103946&w=2

DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3) the PhoneBook folder. Date...

Buffer overflow in internal string handling routines of xinetd before 2.1.8.8 allows remote attackers to execute arbitrary commands via a length argument of zero or less, which disables the length check. Date published :...

Format string vulnerability in XChat 1.2.x allows remote attackers to execute arbitrary code via a malformed nickname. Date published : 2004-09-01 http://www.securiteam.com/exploits/5AP0Q2A4AQ.html https://exchange.xforce.ibmcloud.com/vulnerabilities/7416

Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to read arbitrary files via a webserver root directory set to system root. Date published : 2004-09-01 http://www.securityfocus.com/bid/2775 http://www.securityfocus.com/archive/1/186418

Cisco Hot Standby Routing Protocol (HSRP) allows local attackers to cause a denial of service by spoofing HSRP packets. Date published : 2004-09-01 http://www.securityfocus.com/bid/2684 http://archives.neohapsis.com/archives/bugtraq/2001-05/0035.html

Internet Explorer 5.5 does not display the Class ID (CLSID) when it is at the end of the file name, which could allow attackers to trick the user into executing dangerous programs by making...

McAfee Remote Desktop 3.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of packets to port 5045. Date published : 2004-09-01 http://www.securityfocus.com/bid/2726 http://archives.neohapsis.com/archives/bugtraq/2001-05/0158.html

Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to gain privileges via the MAIL environment variable. Date published : 2004-09-01 http://www.securityfocus.com/bid/3081 http://marc.info/?l=bugtraq&m=99598918914068&w=2

Unknown vulnerability in netprint in IRIX 6.2, and possibly other versions, allows local users with lp privileges attacker to execute arbitrary commands via the -n option. Date published : 2004-09-01 http://www.securityfocus.com/bid/2656 http://archives.neohapsis.com/archives/bugtraq/2001-04/0475.html

Buffer overflow in ipcs in Solaris 7 x86 allows local users to execute arbitrary code via a long TZ (timezone) environmental variable, a different vulnerability than CAN-2002-0093. Date published : 2004-09-01 http://www.securityfocus.com/bid/2581 http://archives.neohapsis.com/archives/bugtraq/2001-04/0217.html

Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests. Date published...

PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences. Date published : 2004-09-01 http://www.securityfocus.com/bid/2060 http://www.securityfocus.com/archive/1/149210