Cross-site scripting (XSS) vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote attackers to inject arbitrary web script or HTML via certain integer variables. Date published : 2005-02-06 http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html http://marc.info/?l=bugtraq&m=110702772714662&w=2
PHP remote file inclusion vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote attackers to execute arbitrary PHP code by modifying a URL parameter to reference a URL on a remote web server that...
Buffer overflow in the socket_getline function in Newspost 2.1.1 and earlier allows remote malicious NNTP servers to execute arbitrary code via a long string without a newline character. Date published : 2005-02-06 http://www.securityfocus.com/bid/12418 http://marc.info/?l=bugtraq&m=110746336728781&w=2
The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote attackers to...
prefs.php in SquirrelMail before 1.4.4, with register_globals enabled, allows remote attackers to inject local code into the SquirrelMail code via custom preference handlers. Date published : 2005-02-06 http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html http://marc.info/?l=bugtraq&m=110702772714662&w=2
The f2 shell script in the f2c package 3.1 allows local users to read arbitrary files via a symlink attack on temporary files. Date published : 2005-02-06 http://www.securityfocus.com/bid/12380 http://www.debian.org/security/2005/dsa-661
The f2c translator in the f2c package 3.1 allows local users to read arbitrary files via a symlink attack on temporary files. Date published : 2005-02-06 http://www.securityfocus.com/bid/12380 http://www.debian.org/security/2005/dsa-661
Buffer overflow in ncplogin in ncpfs before 2.2.6 allows remote malicious NetWare servers to execute arbitrary code on the NetWare client. Date published : 2005-02-06 http://www.securityfocus.com/bid/12400 ftp://platan.vc.cvut.cz/pub/linux/ncpfs/Changes-2.2.6
nwclient.c in ncpfs before 2.2.6 does not drop root privileges before executing utilities using the NetWare client functions, which allows local users to gain privileges. Date published : 2005-02-06 http://www.securityfocus.com/bid/12400 ftp://platan.vc.cvut.cz/pub/linux/ncpfs/Changes-2.2.6