Directory traversal vulnerability in ADA Image Server (ImgSvr) 0.4 allows remote attackers to read arbitrary files or list directories via hex-encoded "..//" sequences ("%2e%2e%2f%2f"). NOTE: it was later reported that 0.6.21 and earlier is...
Buffer overflow in ADA Image Server (ImgSvr) 0.4 allows remote attackers to cause a denial of service (web server crash) or execute arbitrary code via a long GET request. Date published : 2005-08-20 http://www.securityfocus.com/bid/10046...
cplay 1.49 on Linux allows local users to overwrite arbitrary files via a symlink attack on the cplay_control temporary file. Date published : 2005-08-20 http://www.securityfocus.com/bid/10597 http://www.osvdb.org/7222
Buffer overflow in pop3.c in gnubiff before 2.0.0 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code. Date published : 2005-08-20 http://www.securityfocus.com/bid/11123 http://gnubiff.sourceforge.net/changelog.php
Unknown vulnerability in POP3 in gnubiff before 2.0.0 allows remote attackers to cause a denial of service (application crash) via an "infinite" Unique IDentification Listing (UIDL) list. Date published : 2005-08-20 http://www.securityfocus.com/bid/11123 http://gnubiff.sourceforge.net/changelog.php
Unknown vulnerability in gnubiff 1.2.0 and earlier allows local users to obtain passwords, related to the password table. Date published : 2005-08-20 http://sourceforge.net/project/shownotes.php?group_id=94176&release_id=248016 http://www.osvdb.org/7250
Open WebMail 2.30 and earlier, when use_syshomedir is disabled or create_syshomedir is enabled, creates new directories before authenticating, which allows remote attackers to create arbitrary directories. Date published : 2005-08-20 http://www.securityfocus.com/bid/10087 http://openwebmail.org/openwebmail/download/cert/patches/SA-04:02/openwebmail.pl.patch
Unspecified vulnerability in 3Com OfficeConnect ADSL 11g Router allows remote attackers to cause a denial of service (crash) via a large amount of UDP traffic. Date published : 2005-08-20 http://www.securityfocus.com/bid/11685 http://www.osvdb.org/11839
SQL injection vulnerability in index.php in miniBB 1.7f and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a userinfo action. Date published : 2005-08-20 http://www.securityfocus.com/bid/11688 http://www.minibb.net/forums/index.php?action=vthread&forum=9&topic=1854
Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the...
aMSN 0.90 for Microsoft Windows allows local users to obtain sensitive information such as hashed passwords from (1) hotlog.htm and (2) config.xml. Date published : 2005-08-20 http://sourceforge.net/tracker/index.php?func=detail&aid=976450&group_id=54091&atid=472655 http://www.osvdb.org/8123
Unknown vulnerability in Tutti Nova 0.10 through 0.12 (Beta) and 0.9.4, when register_globals is enabled, has unknown impact and attack vectors. Date published : 2005-08-20 http://www.securityfocus.com/bid/11127 http://sourceforge.net/project/shownotes.php?release_id=265832
Unknown vulnerability in Hitachi Cosminexus Portal Framework 01-00, 01-01, 01-02, 02-01, 02-02, 02-03, and other versions allows remote attackers to obtain sensitive information in the tag library. Date published : 2005-08-20 http://www.securityfocus.com/bid/11128 http://www.hitachi-support.com/security_e/vuls_e/HS04-006_e/01-e.html
Roger Wilco 1.4.1.6 and earlier, or Roger Wilco Base Station 0.30a or earlier, allows remote attackers to send audio to arbitrary channels, aka the "Voices from the deep" bug. Date published : 2005-08-20 http://www.securityfocus.com/bid/10025...