Monthly Archive: February 2005

Unknown vulnerability in typespeed 0.4.1 and earlier allows local users to gain privileges. Date published : 2005-02-16 http://www.debian.org/security/2005/dsa-684

Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files. Date published : 2005-02-16...

Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute...

wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code....

wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget’s...

Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (hang) via a flood of certain ARP packets. Date published : 2005-02-15 http://www.securityfocus.com/bid/12553 http://securitytracker.com/id?1013179

Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which...

Cross-site scripting (XSS) vulnerability in Open WebMail 2.x allows remote attackers to inject arbitrary HTML or web script via the domain name parameter (logindomain) in the login page. Date published : 2005-02-15 http://www.securityfocus.com/bid/12547 http://turtle.ee.ncku.edu.tw/openwebmail/doc/changes.txt

VMware before 4.5.2.8848-r5 searches for gdk-pixbuf shared libraries using a path that includes the rrdharan world-writable temporary directory, which allows local users to execute arbitrary code. Date published : 2005-02-15 http://security.gentoo.org/glsa/glsa-200502-18.xml

index.php in CubeCart 2.0.4 allows remote attackers to (1) obtain the full path for the web server or (2) conduct cross-site scripting (XSS) attacks via an invalid language parameter, which echoes the parameter in...

Directory traversal vulnerability in index.php for CubeCart 2.0.4 allows remote attackers to read arbitrary files via the language parameter. Date published : 2005-02-15 http://www.securityfocus.com/bid/12549 http://marc.info/?l=bugtraq&m=110842125901191&w=2

Multiple stack-based buffer overflows in Sybase Adaptive Server Enterprise (ASE) 12.x before 12.5.3 ESD#1 allow remote authenticated users to execute arbitrary code via the (1) attrib_valid function, (2) covert function, (3) declare statement, or...

ELOG before 2.5.7 allows remote attackers to bypass authentication and download a configuration file that contains a sensitive write password via a modified URL. Date published : 2005-02-15 http://www.securityfocus.com/bid/12556 http://midas.psi.ch/elogs/Forum/941

Buffer overflow in the decode_post function in ELOG before 2.5.7 allows remote attackers to execute arbitrary code via attachments with long file names. Date published : 2005-02-15 http://www.securityfocus.com/bid/12556 http://midas.psi.ch/elogs/Forum/941