Monthly Archive: July 2005

Web Wiz Forums 7.9 and 8.0 allows remote attackers to view message titles of a hidden forum. Date published : 2005-07-12 http://www.securityfocus.com/bid/14207

Softiacom wMailserver 1.0 stores passwords in plaintext in the DarsiteMAILSRVAdmin key, which allows local users to gain administrator privileges. Date published : 2005-07-12 http://www.securityfocus.com/bid/14212 http://marc.info/?l=bugtraq&m=112120030308592&w=2

Microsoft Outlook Express 6.0 leaks the default news server account when a user responds to a "watched" conversation thread, which could allow remote attackers to obtain sensitive information. Date published : 2005-07-12 http://www.securityfocus.com/bid/14225 http://support.microsoft.com/default.aspx/kb/900930

Microsoft MSN Messenger allows remote attackers to cause a denial of service via a plaintext message containing the ".pif" string, which is interpreted as a malicious file extension and causes users to be kicked...

aspnet_wp.exe in Microsoft ASP.NET web services allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a crafted SOAP message to an RPC/Encoded method. Date published : 2005-07-12 http://www.securityfocus.com/bid/14217...

Unknown vulnerability in the SMTP service in MailEnable Standard before 1.9 and Professional before 1.6 allows remote attackers to cause a denial of service (crash) during authentication. Date published : 2005-07-12 http://www.mailenable.com/professionalhistory.asp http://www.mailenable.com/standardhistory.asp

Unknown vulnerability in the HTTPMail service in MailEnable Professional before 1.6 has unknown impact and attack vectors. Date published : 2005-07-12 http://www.mailenable.com/professionalhistory.asp http://securitytracker.com/id?1014427

** DISPUTED ** Multiple SQL injection vulnerabilities in Dragonfly Commerce allows remote attackers to modify SQL statements and possibly execute arbitrary SQL commands via the (1) key parameter to dc_Categoriesview.asp, (2) dc_productslist_Clearance.asp, (3) PID...

** DISPUTED ** Dragonfly Commerce allows remote attackers to change a product price by modifying the x_DragonflyCartProductPrice hidden field to (1) dc_Categorieslist.asp, (2) dc_Categoriesview.asp, (3) dc_productslist.asp, and (4) dc_productslist_Clearance.asp. NOTE: the vendor has disputed...

Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated users to perform unauthorized actions, such as modifying the credit limit, via a direct request to AccountActions.asp and modifying the CreditLimit parameter in an UpdateCreditLimit action....

Dansie Shopping Cart stores the vars.dat file under the web root with insufficient access control, which might allow remote attackers to obtain sensitive information such as program variables. Date published : 2005-07-12 http://securitytracker.com/id?1014396

PHP remote file inclusion vulnerability in gals.php in PhotoGal Photo Gallery 1.5 and earlier allows remote attackers to execute arbitrary code via the news_file parameter. Date published : 2005-07-12 http://securitytracker.com/id?1014397

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.x before 1.4.6 and 1.5 before 1.5beta3 allows remote attackers to inject arbitrary web script or HTML via a parameter in the page move template, a different...

Unknown vulnerability in arshell in the Array Service (arrayd) for SGI ProPack 3 with SP 5 and 6, and SGI ProPack 4, allows local users to execute arbitrary shells as root on other hosts...