Monthly Archive: August 2005

rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to...

Buffer overflow in the HandleCPCCommand function of sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code. Date published : 2005-08-16 http://www.securityfocus.com/bid/11002 http://www.securityfocus.com/bid/11033

Format string vulnerability in the LogMsg function in sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code via format string specifiers passed from the HandleCPCCommand function. Date published...

EMU Webmail 5.2.7 allows remote attackers to obtain sensitive path information (home directory) via an HTTP request for init.emu. Date published : 2005-08-16 http://www.securityfocus.com/bid/9861 http://members.lycos.co.uk/r34ct/main/emu/emu.txt

NullSoft Winamp 5.02 allows remote attackers to cause a denial of service (crash) by creating a file with a long filename, which causes the victim’s player to crash when the file is opened from...

Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to bypass cross-frame scripting restrictions and capture keyboard events from other domains via an HTML document with Javascript that is outside a frameset that includes...

The PerfectNav plugin for Microsoft Internet Explorer allows remote attackers to cause a denial of service (browser crash) via a malformed URL such as "?". Date published : 2005-08-16 http://www.securityfocus.com/bid/9753 http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/017830.html

HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service (memory usage and application crash) via HTTP requests with a large Content-Length. Date published : 2005-08-16 http://www.securityfocus.com/bid/9917 http://cvs.sourceforge.net/viewcvs.py/jetty/Jetty/src/org/mortbay/http/HttpRequest.java?r1=1.75&r2=1.76

Directory traversal vulnerability in postfile.exe for Twilight Utilities Web Server 2.0.0.0 allows remote attackers to write arbitrary files via a .. (dot dot) in the attfile parameter. Date published : 2005-08-16 http://members.lycos.co.uk/r34ct/main/TW-webserver/TWwebserver.txt http://www.securitytracker.com/alerts/2004/Mar/1009443.html

Multiple cross-site scripting (XSS) vulnerabilities in @Mail 3.64 for Windows allow remote attackers to inject arbitrary web script or HTML via (1) the Displayed Name attribute in util.pl and (2) the Folder attribute in...

@Mail 3.64 for Windows allows remote attackers to cause a denial of service ("unusable" server) via a large number of POP3 connections to the server. Date published : 2005-08-16 http://www.securityfocus.com/bid/9749 http://members.lycos.co.uk/r34ct/main/@mail_3.64/@mail_3.64.txt

Alcatel OmniSwitch 7000 and 7800 allows remote attackers to cause a denial of service (reboot) via certain network scans, as demonstrated using a Nessus port scan of ports 1 through 1024 with safe-checks disabled....

Buffer overflow in postfile.exe for Twilight Utilities Web Server 2.0.0.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL request with a long attfile attribute....

Buffer overflow in the POP3 server in 1st Class Mail Server 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an APOP USER command with a...