CVE-2005-0820
Microsoft Office InfoPath 2003 SP1 includes sensitive information in the Manifest.xsf file in a custom .xsn form, which allows attackers to obtain printer and network information, obtain the database name, username, and password, or...
The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote attackers to redirect the xsession without authentication via a direct request to GUIMirror/Start. Date published : 2005-03-20 http://www.securityfocus.com/bid/12831 http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971038.htm
Cross-site scripting (XSS) vulnerability in PunBB 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) email or (2) Jabber parameters. Date published : 2005-03-20 http://securitytracker.com/id?1013446 https://exchange.xforce.ibmcloud.com/vulnerabilities/19725
Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache...
Buffer overflow in newgrp in Solaris 7 through 9 allows local users to gain root privileges. Date published : 2005-03-20 http://www.securityfocus.com/bid/12838 http://securitytracker.com/id?1013462
Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem. Date published : 2005-03-20...
Unknown vulnerability in lshd in Lysator LSH 1.x and 2.x before 2.0.1 allows remote attackers to cause a denial of service via unknown vectors. Date published : 2005-03-20 http://www.debian.org/security/2005/dsa-717 http://lists.lysator.liu.se/pipermail/lsh-bugs/2005q1/000328.html
Buffer overflow in Initial Redirect (ir) Squid Proxy Plug-In 0.1 and 0.2 may allow attackers to cause a denial of service and execute arbitrary code via unknown vectors. Date published : 2005-03-20 http://www.securityfocus.com/bid/12827 http://www.vanheusden.com/ir/
The web interface in NotifyLink 3.0 displays passwords in cleartext on the administrative page, which could allow remote attackers or local users to obtain sensitive information. Date published : 2005-03-20 http://www.securityfocus.com/bid/12843 http://www.kb.cert.org/vuls/id/770532
The web interface in NotifyLink 3.0 does not properly restrict access to functions that have been disabled in the GUI, which allows remote authenticated users to bypass intended restrictions via a direct request to...
SQL injection vulnerability in NotifyLink before 3.0 allows remote attackers to execute arbitrary SQL commands via the URL. Date published : 2005-03-20 http://www.securityfocus.com/bid/12843 http://www.kb.cert.org/vuls/id/264097
NotifyLink, when configured for client key retrieval, allows remote attackers to obtain AES keys via a direct request to /hwp/get.asp, then uses a weak encryption scheme (fixed byte reordering) to protect the key, which...
Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007. Date published : 2005-03-20 http://www.securityfocus.com/bid/12795 http://www.kb.cert.org/vuls/id/204710
Multiple buffer overflows in Cain & Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID...