Whale Communications e-Gap 2.5 on Windows 2000 allows remote attackers to obtain the source code for the login page via the HTTP TRACE method, which bypasses the preprocessor. Date published : 2005-03-12 http://www.securityfocus.com/bid/9431 http://www.kb.cert.org/vuls/id/371470
Unknown vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on Windows platforms allows remote attackers to cause a denial of service. Date published : 2005-03-12 http://www.kb.cert.org/vuls/id/636964 http://secunia.com/advisories/9541
Unknown vulnerability in ns-ldapd for Sun ONE Directory Server 4.16, 5.0, and 5.1 allows LDAP clients to cause a denial of service (service halt). Date published : 2005-03-12 http://www.kb.cert.org/vuls/id/195644 http://sunsolve.sun.com/search/document.do?assetkey=1-26-52102-1
Unknown vulnerability in Sun Management Center (SunMC) 2.1.1, 3.0, and 3.0 Revenue Release (RR), when installed and run by root, allows local users to create or modify arbitrary files. Date published : 2005-03-12 http://www.securityfocus.com/bid/7960...
Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows untrusted applets to access certain information within trusted applets, which allows attackers to bypass the restrictions of the Java security model. Date published...
ScriptLogic 4.01, and possibly other versions before 4.14, uses insecure permissions for the LOGS$ share, which allows users to modify log records and possibly execute arbitrary code. Date published : 2005-03-12 http://www.securityfocus.com/bid/7476 http://www.kb.cert.org/vuls/id/813737
Services in ScriptLogic 4.01, and possibly other versions before 4.14, process client requests at raised privileges, which allows remote attackers to (1) modify arbitrary registry entries via the ScriptLogic RPC service (SLRPC) or (2)...
Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix, when the password change plugin (ssh-passwd-plugin) is enabled, allows local users to obtain the server’s private key. Date published : 2005-03-12 http://www.securityfocus.com/bid/9956 http://www.kb.cert.org/vuls/id/814198
SSH Secure Shell before 3.2.9 allows remote attackers to cause a denial of service via malformed BER/DER packets. Date published : 2005-03-12 http://www.kb.cert.org/vuls/id/333980 http://www.ssh.com/company/newsroom/article/476/
Buffer overflow in the SETI@home client 3.03 and other versions allows remote attackers to cause a denial of service (client crash) and execute arbitrary code via a spoofed server response containing a long string...
Buffer overflow in RealSystem Server 6.x, 7.x and 8.x, and RealSystem Proxy 8.x, related to URL error handling, allows remote attackers to cause a denial of service and possibly execute arbitrary code. Date published...
The communications protocol for the Report Review Agent (RRA), aka FND File Server (FNDFS) program, in Oracle E-Business Suite 10.7, 11.0, and 11.5.1 to 11.5.8 allows remote attackers to bypass authentication and obtain sensitive...
SQL injection vulnerability in editpost.php in UBB.threads 6.0 allows remote attackers to execute arbitrary SQL commands via the Number parameter. Date published : 2005-03-12 http://marc.info/?l=bugtraq&m=111056135818279&w=2
SQL injection vulnerability in the getAllbyArticle function in wfsfiles.php for WF-Sections (wfsections) 1.07 allows remote attackers to execute arbitrary SQL commands via the articleid parameter to article.php. Date published : 2005-03-12 http://marc.info/?l=bugtraq&m=111049618519821&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/19660