Monthly Archive: March 2005

The TCP stack (tcp_input.c) in OpenBSD 3.5 and 3.6 allows remote attackers to cause a denial of service (system panic) via crafted values in the TCP timestamp option, which causes invalid arguments to be...

The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are...

Stack consumption vulnerability in Microsoft Exchange Server 2003 SP1 allows users to cause a denial of service (hang) by deleting or moving a folder with deeply nested subfolders, which causes Microsoft Exchange Information Store...

Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offline mode. Date published : 2005-03-13 http://www.securityfocus.com/bid/12750 http://seclists.org/lists/fulldisclosure/2005/Mar/0284.html

Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events. Date published : 2005-03-13 http://www.securityfocus.com/bid/12763 http://linux.bkbits.net:8080/linux-2.6/cset@422dd06a1p5PsyFhoGAJseinjEq3ew?nav=index.html%7CChangeSet@-1d

newsscript.pl for NewsScript allows remote attackers to gain privileges by setting the mode parameter to admin. Date published : 2005-03-13 http://www.securityfocus.com/bid/12761

PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of service (memory exhaustion and process crash) via a large number of HTTP requests. Date published : 2005-03-13 http://archives.neohapsis.com/archives/fulldisclosure/2005-03/0216.html http://secway.org/advisory/ad20050104.txt

PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to determine the existence of files via an HTTP request with a full pathname, which produces different messages whether the file exists or not....

PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to obtain the full path of the web server via a request for a non-existent filename, which leaks the full path in an error...

PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to Filelist.html. Date published : 2005-03-13 http://archives.neohapsis.com/archives/fulldisclosure/2005-03/0216.html http://secway.org/advisory/ad20050104.txt

PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of service via a request to a file on the floppy drive, as demonstrated using A:a.txt. Date published : 2005-03-13...

Format string vulnerability in Xpand Rally 1.1.0.0 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a message. Date published : 2005-03-13 http://aluigi.altervista.org/adv/xprallyfs-adv.txt http://www.securiteam.com/windowsntfocus/5DP0G00F5Q.html

Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) ActiveX control before 1,0,0,45 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a URL with a long...

XMMS.pm in X2 XMMS Remote, as obtained from the vendor server between 4 AM 11 AM PST on May 7, 2003, allows remote attackers to execute arbitrary commands via shell metacharacters in a request...