Monthly Archive: March 2005

Belkin 54G (F5D7130) wireless router enables SNMP by default in a manner that allows remote attackers to obtain sensitive information. Date published : 2005-03-22 http://www.securityfocus.com/bid/12846

Belkin 54G (F5D7130) wireless router allows remote attackers to access restricted resources by sniffing URIs from UPNP datagrams, then accessing those URIs, which do not require authentication. Date published : 2005-03-22 http://www.securityfocus.com/bid/12846

Cross-site scripting (XSS) vulnerability in PHP-Post before 0.33 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Date published : 2005-03-22 http://www.securityfocus.com/bid/12845 http://www.php-post.co.uk/index.php?s=content&p=download

PHP-Post allows remote attackers to spoof the names of other users by registering with a username containing hex-encoded characters. Date published : 2005-03-22 http://www.securityfocus.com/bid/12845 http://www.securityfocus.com/archive/1/393695

Multiple buffer overflows in Xzabite DYNDNSUpdate 0.6.15 and earlier, including the ipcheck function in dyndnsupdate.c, allow remote attackers who spoof a dyndns.org server to execute arbitrary code via unknown vectors. Date published : 2005-03-22...

Cross-site scripting (XSS) vulnerability in setuser.php of the Digitanium addon to PHP-Fusion 5.01 allows remote attackers to inject arbitrary web script or HTML via the (1) user_name or (2) user_pass parameters. Date published :...

highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allows remote attackers to read arbitrary PHP files by specifying the pathname in...

Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allow remote attackers to obtain sensitive information via an invalid parameter to the convertorderbytrans...

OllyDbg 1.10 and earlier allows remote attackers to cause a denial of service (application crash) via a dynamic link library (DLL) with a long filename. Date published : 2005-03-22 http://www.securityfocus.com/bid/12850 http://marc.info/?l=bugtraq&m=111125734701262&w=2

Buffer overflow in LTris before 1.0.10 allows local users to execute arbitrary code via a crafted highscores file. Date published : 2005-03-22 http://lgames.sourceforge.net/index.php?action=show_news&news_action=show_item&item_id=108 http://www.gentoo.org/security/en/glsa/glsa-200503-24.xml

Buffer overflow in command.C for rxvt-unicode before 5.3 allows remote attackers to execute arbitrary code via a crafted file containing long escape sequences. Date published : 2005-03-22 http://www.gentoo.org/security/en/glsa/glsa-200503-23.xml http://bugs.gentoo.org/show_bug.cgi?id=84680

Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CF_CHARSET_PATH environment variable. Date published...

AFP Server in Mac OS X before 10.3.8 uses insecure permissions for "Drop Boxes," which allows local users to read the contents of a Drop Box. Date published : 2005-03-22 http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html

The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass access restrictions and gain privileges. Date published : 2005-03-22...