Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename argument of a PUT command. Date published : 2005-07-15 http://www.securityfocus.com/bid/14232 http://marc.info/?l=bugtraq&m=112119962704397&w=2
The POP3 server in FTGate returns an -ERR code after receiving an invalid USER request, which makes it easier for remote attackers to determine valid usernames and conduct brute force password guessing. Date published...
SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL. Date published : 2005-07-14 http://www.securityfocus.com/bid/2150...
The default configurations of (1) the port listener and (2) modplsql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allow remote attackers to view privileged database information via HTTP requests for Database Access...
violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails to arbitrary addresses and possibly use Phorum as a "spam proxy" by setting the Mod and ForumName parameters. Date published : 2005-07-14 http://www.securityfocus.com/bid/2272 http://cert.uni-stuttgart.de/archive/bugtraq/2000/01/msg00215.html
SQL injection vulnerability in read.php3 and other scripts in Phorum 3.0.7 allows remote attackers to execute arbitrary SQL queries via the sSQL parameter. Date published : 2005-07-14 http://cert.uni-stuttgart.de/archive/bugtraq/2000/01/msg00215.html http://hispahack.ccc.de/mi020.html
upgrade.php3 in Phorum 3.0.7 could allow remote attackers to modify certain Phorum database tables via an unknown method. Date published : 2005-07-14 http://cert.uni-stuttgart.de/archive/bugtraq/2000/01/msg00215.html http://hispahack.ccc.de/mi020.html
code.php3 in Phorum 3.0.7 allows remote attackers to read arbitrary files in the phorum directory via the query string. Date published : 2005-07-14 http://cert.uni-stuttgart.de/archive/bugtraq/2000/01/msg00215.html http://hispahack.ccc.de/mi020.html
Backdoor in auth.php3 in Phorum 3.0.7 allows remote attackers to access restricted web pages via an HTTP request with the PHP_AUTH_USER parameter set to "boogieman". Date published : 2005-07-14 http://www.securityfocus.com/bid/2274 http://cert.uni-stuttgart.de/archive/bugtraq/2000/01/msg00215.html
Directory traversal vulnerability in Phorum 3.0.7 allows remote Phorum administrators to read arbitrary files via ".." (dot dot) sequences in the default .langfile name field in the Master Settings administrative function, which causes the...
Phorum 3.0.7 allows remote attackers to change the administrator password without authentication via an HTTP request for admin.php3 that sets step, option, confirm and newPssword variables. Date published : 2005-07-14 http://www.securityfocus.com/bid/2271 http://cert.uni-stuttgart.de/archive/bugtraq/2000/01/msg00215.html
The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when configured to filter based on MAC addresses, allows remote attackers to bypass packet filters via small packets. Date published : 2005-07-14 http://www.securityfocus.com/bid/3418...
The Remote Desktop client in Windows XP sends the most recent user account name in cleartext, which could allow remote attackers to obtain terminal server user account names via sniffing. Date published : 2005-07-14...
Windows XP with fast user switching and account lockout enabled allows local users to deny user account access by setting the fast user switch to the same user (self) multiple times, which causes other...