Monthly Archive: February 2005

Cross-site scripting (XSS) vulnerability in index.php in SugarCRM 1.X allows remote attackers to inject arbitrary web script or HTML via the (1) return_module, (2) return_action, (3) name, (4) module, or (5) record parameter. Date...

Multiple SQL injection vulnerabilities in browse.php in OWL 0.7 and 0.8 allow remote attackers to execute arbitrary SQL commands via the (1) parent or (2) sortposted parameter. Date published : 2005-02-10 http://www.securityfocus.com/bid/12114 http://marc.info/?l=bugtraq&m=110461644407935&w=2

Multiple cross-site scripting (XSS) vulnerabilities in browse.php in OWL 0.7 and 0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) expand or (2) order parameter. Date published : 2005-02-10...

Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument. Date published : 2005-02-10 http://www-1.ibm.com/support/search.wss?rs=0&q=IY67124&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY67136&apar=only

Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -d argument. Date published : 2005-02-10 http://www-1.ibm.com/support/search.wss?rs=0&q=IY66933&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY67750&apar=only

lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing the -f option, which allows local users to read one line of arbitrary files. Date published : 2005-02-10 http://www-1.ibm.com/support/search.wss?rs=0&q=IY67457&apar=only...

Stack-based buffer overflow in the Discovery Service for BrightStor ARCserve Backup 11.1 and earlier allows remote attackers to execute arbitrary code via a long packet to UDP port 41524, which is not properly handled...

Firefox 1.0 does not prevent the user from dragging an executable file to the desktop when it has an image/gif content type but has a dangerous extension such as .bat or .exe, which allows...

The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL. Date published : 2005-02-10 http://www.securityfocus.com/bid/12519 http://marc.info/?l=bugtraq&m=110815313218389&w=2

Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library. Date published : 2005-02-10 http://www.debian.org/security/2005/dsa-672 https://exchange.xforce.ibmcloud.com/vulnerabilities/19271

Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via "…/….///" sequences, which are not properly cleansed by regular expressions that are...

The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does not log anonymous FTP access, which allows remote attackers to hide their activities, possibly when certain BSM audit files are not...

The Web-Based Enterprise Management (WBEM) packages (1) SUNWwbdoc, (2) SUNWwbcou, (3) SUNWwbdev and (4) SUNWmgapp packages, when installed using Solaris 8 Update 1/01 or later, install files with world or group write permissions, which...

Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, KMF_DEADBEEF, or deadbeef) is set in the kmem_flags kernel parameter, allows local users to cause a denial of service (system panic). Date published...