Monthly Archive: September 2004

Buffer overflow in the ixj telephony card driver in Linux before 2.4.20 has unknown impact and attack vectors. Date published : 2004-09-01 http://www.securityfocus.com/bid/5985 http://www.ciac.org/ciac/bulletins/n-096.shtml

index.php in gBook 1.4 allows remote attackers to bypass authentication and gain administrative privileges by setting the login parameter to true. Date published : 2004-09-01 http://www.securityfocus.com/bid/6033 http://archives.neohapsis.com/archives/bugtraq/2002-10/0328.html

Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager. Date published : 2004-09-01 http://www.securityfocus.com/bid/6163 http://marc.info/?l=bugtraq&m=103712498905027&w=2

dump_smutil.sh in IBM AIX allows local users to overwrite arbitrary files via a symlink attack on temporary files. Date published : 2004-09-01 http://archives.neohapsis.com/archives/aix/2002-q4/0002.html http://www.securityfocus.com/bid/8802

Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request. Date published : 2004-09-01 http://www.securityfocus.com/bid/6162 http://archives.neohapsis.com/archives/bugtraq/2002-11/0138.html

Unknown vulnerability in autofs on AIX 4.3.0, when using executable maps, allows attackers to execute arbitrary commands as root, possibly related to "string handling around how the executable map is called." Date published :...

Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service via a malformed SSH packet to the Secure Command Shell (SCS) management interface, as demonstrated via certain CRC32 exploits,...

Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input. Date published : 2004-09-01 http://www.securityfocus.com/bid/6036 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-025.txt.asc

BadBlue 1.7 allows remote attackers to bypass password protections for directories and files via an HTTP request containing an extra / (slash). Date published : 2004-09-01 http://www.securityfocus.com/bid/6044 http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0041.html

The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x before 7.6.1 Build 35a runs winhlp32 with raised privileges, which allows local users to gain privileges by using certain...

Acuma Acusend 4, and possibly earlier versions, allows remote authenticated users to read the reports of other users by inferring the full URL, whose name is easily predictable. Date published : 2004-09-01 http://www.securityfocus.com/bid/6048 http://archives.neohapsis.com/archives/bugtraq/2002-10/0366.html

admin_ug_auth.php in phpBB 2.0.0 allows local users to gain administrator privileges by directly calling admin_ug_auth.php with modifed form fields such as "u". Date published : 2004-09-01 http://www.securityfocus.com/bid/6056 http://archives.neohapsis.com/archives/bugtraq/2002-10/0385.html

Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf file that is hosted on a remote SMB share. Date published : 2004-09-01 http://www.securityfocus.com/bid/5904 http://archives.neohapsis.com/archives/bugtraq/2002-10/0083.html

The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to cause a denial of service (resource exhaustion) via a GET request without the terminating /r/n/r/n (CRLF) sequence, which causes the...