Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote attackers to cause a denial of service via certain HTTP POST messages to the Administration System port. Date published : 2004-09-01 http://www.securityfocus.com/bid/9421 http://www.securityfocus.com/archive/1/357834
Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code. Date published : 2004-09-01 http://www.securityfocus.com/bid/9382 http://archives.neohapsis.com/archives/bugtraq/2004-01/0063.html
Cisco Personal Assistant 1.4(1) and 1.4(2) disables password authentication when "Allow Only Cisco CallManager Users" is enabled and the Corporate Directory settings refer to the directory service being used by Cisco CallManager, which allows...
Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a...
SQL injection vulnerability in calendar.php for vBulletin Forum 2.3.x before 2.3.4 allows remote attackers to steal sensitive information via the eventid parameter. Date published : 2004-09-01 http://www.securityfocus.com/bid/9360 http://marc.info/?l=bugtraq&m=107340358202123&w=2
SQL injection vulnerability in register.php for Phorum 3.4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the hide_email parameter. Date published : 2004-09-01 http://www.securityfocus.com/bid/9363 http://marc.info/?l=bugtraq&m=107340481804110&w=2
admin.php in PHPGEDVIEW 2.61 allows remote attackers to obtain sensitive information via an action parameter with a phpinfo command. Date published : 2004-09-01 http://www.securityfocus.com/bid/9371 http://marc.info/?l=bugtraq&m=107340840209453&w=2
Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW 2.61 allows remote attackers to inject arbitrary HTML and web script via the firstname parameter. Date published : 2004-09-01 http://www.securityfocus.com/bid/9369 http://marc.info/?l=bugtraq&m=107340840209453&w=2
PHPGEDVIEW 2.61 allows remote attackers to reinstall the software and change the administrator password via a direct HTTP request to editconfig.php. Date published : 2004-09-01 http://marc.info/?l=bugtraq&m=107340840209453&w=2 http://www.osvdb.org/3403
jitterbug 1.6.2 does not properly sanitize inputs, which allows remote authenticated users to execute arbitrary commands. Date published : 2004-09-01 http://www.securityfocus.com/bid/9397 http://www.debian.org/security/2004/dsa-420
The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote attackers to create and execute PHP files. Date published : 2004-09-01 http://www.securityfocus.com/bid/9387 http://www.debian.org/security/2004/dsa-419
vbox3 0.1.8 and earlier does not properly drop privileges before executing a user-provided TCL script, which allows local users to gain privileges. Date published : 2004-09-01 http://www.securityfocus.com/bid/9381 http://www.debian.org/security/2004/dsa-418
jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly handle SSL connections, which allows remote attackers to cause a denial of service (crash). Date published : 2004-09-01 http://www.securityfocus.com/bid/9376 http://www.debian.org/security/2004/dsa-414
Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code. Date published : 2004-09-01 http://www.securityfocus.com/bid/9377 http://www.ciac.org/ciac/bulletins/o-048.shtml