Monthly Archive: February 2005

Format string vulnerability in the Log_Resolver function in log.c for ngIRCd 0.8.2 and earlier, when compiled with IDENT, logging to SYSLOG, and with DEBUG enabled, allows remote attackers to execute arbitrary code. Date published...

firehol.sh in FireHOL before 1.224 creates temporary files with predictable file names, which could allow local users to overwrite arbitrary files via a symlink attack. Date published : 2005-02-06 http://www.securityfocus.com/bid/12336 http://cvs.sourceforge.net/viewcvs.py/firehol/firehol/firehol.sh

Unknown vulnerability in HP-UX B.11.04 running Virtualvault 4.5 through 4.7, when running the TGA daemon, allows remote attackers to cause a denial of service via certain network traffic. Date published : 2005-02-06 http://marc.info/?l=bugtraq&m=110726808700080&w=2 http://secunia.com/advisories/14082/

The Software Development Kit (SDK) and Run Time Environment (RTE) 1.4.1 and 1.4.2 for Tru64 UNIX allows remote attackers to cause a denial of service (Java Virtual Machine hang) via object deserialization. Date published...

main.php in Gallery 2.0 Alpha allows remote attackers to gain sensitive information by changing the value of g2_subView parameter, which reveals the path in an error message. Date published : 2005-02-06 http://marc.info/?l=bugtraq&m=110608459222364&w=2 http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=147

Cross-site scripting (XSS) vulnerability in login.php in Gallery 2.0 Alpha allows remote attackers to inject arbitrary web script or HTML via the g2_form[subject] field. Date published : 2005-02-06 http://marc.info/?l=bugtraq&m=110608459222364&w=2 http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=147

Cross-site scripting vulnerability in login.php in Gallery 1.4.4-pl2 allows remote attackers to inject arbitrary web script or HTML via the username field. Date published : 2005-02-06 http://marc.info/?l=bugtraq&m=110608459222364&w=2 http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=147

Multiple cross-site scripting (XSS) vulnerabilities in Gallery 1.3.4-pl1 allow remote attackers to inject arbitrary web script or HTML via (1) the index field in add_comment.php, (2) set_albumName, (3) slide_index, (4) slide_full, (5) slide_loop, (6)...

ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a base64 encoded image in a data: (RFC 2397) URL. Date published : 2005-02-06 http://sourceforge.net/project/shownotes.php?release_id=300116 http://seclists.org/lists/fulldisclosure/2005/Jan/0332.html

SQL injection vulnerability in index.php in Invision Community Blog allows remote attackers to execute arbitrary SQL commands via the eid parameter. Date published : 2005-02-06 http://www.securityfocus.com/bid/12205 http://marc.info/?l=bugtraq&m=110538277223800&w=2

Cross-site scripting (XSS) vulnerability in formmail.php in Woltlab Burning Board Lite 1.0.0, 1.0.1e, and possibly other versions, allows remote attackers to inject arbitrary web script and HTML via the userid parameter. Date published :...

Mozilla 1.6 and possibly other versions allows remote attackers to cause a denial of service (application crash) via a XBM (X BitMap) file with a large (1) height or (2) width value. Date published...

Directory traversal vulnerability in Simple PHP Blog (SPHPBlog) 0.3.7c allows remote attackers to read or create arbitrary files via a .. (dot dot) in the entry parameter. Date published : 2005-02-06 http://www.securityfocus.com/bid/12193 http://marc.info/?l=bugtraq&m=110512850603989&w=2

Directory traversal vulnerability in WinHKI 1.4d allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a zip file. Date published : 2005-02-06 http://www.securityfocus.com/bid/12176 http://marc.info/?l=bugtraq&m=110505334903257&w=2