Monthly Archive: September 2004

Microsoft Outlook 2002 allows remote attackers to cause a denial of service (repeated failure) via an email message with a certain invalid header field that is accessed using POP3, IMAP, or WebDAV, aka "E-mail...

Abuse 2.00 and earlier allows local users to gain privileges via command line arguments that specify alternate Lisp scripts that run at escalated privileges, which can contain functions that execute commands or modify files....

The Application Messaging Gateway for PeopleTools 8.1x before 8.19, as used in various PeopleSoft products, allows remote attackers to read arbitrary files via certain XML External Entities (XXE) fields in an HTTP POST request...

Buffer overflow in log2mail before 0.2.5.1 allows remote attackers to execute arbitrary code via a long log message. Date published : 2004-09-01 http://www.securityfocus.com/bid/6089 http://www.debian.org/security/2002/dsa-186

Buffer overflow in Abuse 2.00 and earlier allows local users to gain root privileges via a long -net command line argument. Date published : 2004-09-01 http://www.securityfocus.com/bid/6094 http://www.idefense.com/advisory/11.01.02.txt

Northern Solutions Xeneo Web Server 2.1.0.0, 2.0.759.6, and other versions before 2.1.5 allows remote attackers to cause a denial of service (crash) via a GET request for a "%" URI. Date published : 2004-09-01...

Maped in LuxMan 0.41 uses the user-provided search path to find and execute the gzip program, which allows local users to modify /dev/mem and gain privileges via a modified PATH environment variable that points...

Format string vulnerability in Pablo FTP Server 1.5, 1.3, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format strings in the USER command....

SQL injection vulnerability in PHP-Nuke before 6.0 allows remote authenticated users to modify the database and gain privileges via the "bio" argument to modules.php. Date published : 2004-09-01 http://www.securityfocus.com/bid/6088 http://marc.info/?l=bugtraq&m=103616324103171&w=2

QNX Neutrino RTOS 6.2.0 uses the PATH environment variable to find and execute the cp program while operating at raised privileges, which allows local users to gain privileges by modifying the PATH to point...

The remote management web server for Linksys BEFSR41 EtherFast Cable/DSL Router before firmware 1.42.7 allows remote attackers to cause a denial of service (crash) via an HTTP request to Gozila.cgi without any arguments. Date...

Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests...

SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp call on /proc. Date published : 2004-09-01 http://www.securityfocus.com/bid/6025 ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.41

NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed...