|
Jan 10 2002
|
Legato NetWorker Configuration Error Lets Any NetWorker Server Backup or Restore a Host Running the NetWorker Client
|
|
Jan 10 2002
|
Tinc VPN Tunneling Software Lacks Packet Authentication Allowing Remote Users to Modify and Replay Tunnel Packets and Possibly Determine the Plain Text Contents
|
|
Jan 10 2002
|
Dino's Webserver Directory Traversal Flaw Lets Remote Users Obtain Files Located Anywhere on the Server
|
|
Jan 9 2002
|
EServ Web Server Discloses Password-Protected Files and Directories to Remote Users
|
|
Jan 9 2002
|
(Fix is Available) Re: Linksys Cable/DSL Routers Disclose Information to Remote Users via SNMP Traps
|
|
Jan 9 2002
|
Cisco SN 5420 Storage Router Bugs Disclose the Router Configuration to Remote Users and Allow Remote Users to Crash the Router With Large HTTP Headers or Fragmented Packets
|
|
Jan 9 2002
|
Mandrake Linux Distribution of BIND Has File Permission Errors That May Let Local Users Control the BIND Daemon or Modify It's Configuration
|
|
Jan 8 2002
|
(A User Provides Some Details) Re: Linksys Cable/DSL Routers Disclose Information to Remote Users via SNMP Traps
|
|
Jan 8 2002
|
(A User Has Provided a Solution) Re: ActivePerl for Windows Discloses Directory Path Location to Remote Users
|
|
Jan 7 2002
|
Aftpd FTP Server May Disclose Password File to Remote Users with Valid FTP Account Access
|
|
Jan 7 2002
|
FAQManager Perl-based FAQ Page Management Software Discloses Files on the Server to Remote Users
|
|
Jan 7 2002
|
Linksys Cable/DSL Routers Disclose Information to Remote Users via SNMP Traps
|
|
Jan 5 2002
|
TCL File Server May Disclose Files to Remote Users
|
|
Jan 5 2002
|
Cisco uBR900 Series Cable Routers May Give Remote Users Read/Write Control of the Router
|
|
Jan 5 2002
|
(FreeBSD Issues Fix For mod_auth_pgsql) Several 3rd Party Apache Authentication Modules Allow Remote Users to Execute Arbitrary Code to Gain Access to the System or Execute Stored Procedures to Obtain Arbitrary Database Information
|
|
Jan 4 2002
|
Microsoft Internet Explorer (IE) May Allow Malicious Javascript to Poll a User's System for Known Files
|
|
Jan 4 2002
|
PHP.EXE Windows CGI for Apache Web Server May Let Remote Users View Files on the Server Due to Configuration Error
|
|
Jan 2 2002
|
Microsoft Internet Explorer GetObject() Active Scripting Bug Lets Remote Code Access Files on the PC
|
|
Jan 1 2002
|
(A User Provides a Workaround) Re: ActivePerl for Windows Discloses Directory Path Location to Remote Users
|
|
Dec 31 2001
|
Zml.cgi Markup Language Processor Discloses Files on the Server to Remote Users
|
|
Dec 31 2001
|
Lastlines.cgi Log File Viewing CGI Script Lets Remote Users View Files and Execute Commands on the Server
|
|
Dec 29 2001
|
ActivePerl for Windows Discloses Directory Path Location to Remote Users
|
|
Dec 29 2001
|
Cherokee Web Server Discloses Any File Located on the Web Server to Remote Users
|
|
Dec 29 2001
|
PHP Rocket Add-in for FrontPage Discloses Files on the Server to Remote Users
|
|
Dec 24 2001
|
SorceryNet IRC Daemon (SorIrcd) Chat Server May Disclose User IP Addresses to Remote Users
|
|
Dec 23 2001
|
Microsoft Windows XP Remote Desktop Client May Disclose Recently Used Account Names to Remote Users
|
|
Dec 22 2001
|
Plesk Server Administrator (PSA) Discloses PHP Source Code to Remote Users
|
|
Dec 20 2001
|
(A User Reports That a Fix is Available) Re: Novell NetWare Enterprise Web Server Discloses the Contents of Any File to Remote Users, Including the Console Password
|
|
Dec 20 2001
|
Microsoft Internet Explorer (IE) Web Browser 'document.open()' Scripting Flaw Lets Remote Users Steal Cookies, Read Local Files, and Spoof Web Sites
|
|
Dec 20 2001
|
Oracle iAS Application Server 'MODPLSQL' Component Discloses Files to Remote Users, Can Be Crashed By Remote Users, and Lets Remote Users Execute Arbitrary Code on the Server
|
|
Dec 19 2001
|
(HP Issues Notice for HP Secure OS for Linux) Ghostscript Postscript Interpreter Lets Local Users Read Files on the System
|
|
Dec 19 2001
|
Novell NetWare Enterprise Web Server Discloses the Contents of Any File to Remote Users, Including the Console Password
|
|
Dec 19 2001
|
Data Wizard Technologies FtpXQ FTP Server Default Configuration Lets Remote Users Access the C:\ Drive
|
|
Dec 17 2001
|
Webmin Management Tool Lets Valid Remote Users View and Edit Files on the Web Server
|
|
Dec 17 2001
|
(FreeBSD Issues Fix) ht://Dig Search Engine Software Has Remote Denial of Service and Local Information Disclosure Bugs in htsearch
|
|
Dec 15 2001
|
Microsoft Internet Explorer Version 6 Lets Remote Scripts Access and Send Local Files
|
|
Dec 14 2001
|
Html2Wml Conversion Tool Allows Remote Users to View Files on the System
|
|
Dec 13 2001
|
EFTP File Transfer Server Discloses All Directory Contents to Remote Users With Accounts on the Server
|
|
Dec 13 2001
|
Citrix ICA Client for Windows Allows Remote Malicious Code to Execute on a User's PC Without Warning
|
|
Dec 13 2001
|
(Vendor Issues Patch) Re: Platform Computing's Platform LSF Load Sharing Application Contains Multiple Flaws, Disclosing Files to Local Users, Giving Local Users Root Access, and Crashing When Remote Users Send Malformed Packets
|
|
Dec 11 2001
|
(Vendor Cannot Reproduce Claim) Re: Microsoft Windows 2000 RunAs Utility May Disclose Sensitive Information to Local Users
|
|
Dec 8 2001
|
(Vendor Responds) Re: Platform Computing's Platform LSF Load Sharing Application Contains Multiple Flaws, Disclosing Files to Local Users, Giving Local Users Root Access, and Crashing When Remote Users Send Malformed Packets
|
|
Dec 5 2001
|
Platform Computing's Platform LSF Load Sharing Application Contains Multiple Flaws, Disclosing Files to Local Users, Giving Local Users Root Access, and Crashing When Remote Users Send Malformed Packets
|
|
Dec 1 2001
|
Easynews PHP Script Lets Remote Users Modify The News Database and Discloses the Administrator Password to Local Users
|
|
Nov 30 2001
|
Alchemy Eye Network Management Software Default Configuration Lets Remote Users View the Monitoring Logs
|
|
Nov 30 2001
|
(Red Hat Issues Fix) OpenSSH's Sftp-server Subsystem Lets Authorized Remote Users with Restricted Keypairs Obtain Additional Access on the Server
|
|
Nov 29 2001
|
CoolSoft's PowerFTP Server Discloses Any File on the System to Remote Users and Can Be Crashed By Remote Users
|
|
Nov 26 2001
|
Microsoft Internet Explorer ActiveX Flaw Permits Remote Malicious HTML Code Containing an 'htmlfile' or 'htmlfile_FullWindowEmbed' Object to Access Local Files and Potentially Execute Commands
|
|
Nov 23 2001
|
Red Hat Stronghold Secure Web Server Discloses Sensitive System Files to Remote Users
|
|
Nov 23 2001
|
Informix Database May Disclose Files on the System to Remote Users
|
|
Nov 23 2001
|
Jakarta Tomcat Java Server May Disclose the Server's Installation Path to Remote Users
|
|
Nov 21 2001
|
High-bandwidth Digital Content Protection (HDCP) System Feasibly Allows A User to Decrypt Data and Clone Devices
|
|
Nov 20 2001
|
(SGI Describes Workaround) Re: Sendmail Security Holes Let Local Users Obtain Elevated Privileges on the System, Access the E-mail Queue, and Cause Information Loss
|
|
Nov 19 2001
|
Microsoft Internet Explorer Cookie Disclosure Fix Discloses Patch Information to Remote Users
|
|
Nov 18 2001
|
Gallery Web Photo Gallery Software for PHPNuke Discloses Files on the Server to Remote Users
|
|
Nov 16 2001
|
OPIE One-time Password Software Discloses Information About Valid vs. Non-valid User Accounts
|
|
Nov 16 2001
|
(A User Provides Information About Recent OpenSSH Changes) Re: OpenSSH's S/Key Implementation Information Disclosure Flaw Provides Remote Users With Information About Valid User Accounts
|
|
Nov 16 2001
|
(A User Provides Additional Details) Re: Opera Web Browser May Disclose Web Pages, Cookies, and Links from a Separate Domain to a Remote Server Running Malicious Javascript Code
|
|
Nov 15 2001
|
Opera Web Browser May Disclose Web Pages, Cookies, and Links from a Separate Domain to a Remote Server Running Malicious Javascript Code
|
|
Nov 13 2001
|
mini_httpd Web Server Discloses Password-Protected and Non-Readable Files to Remote Users
|
|
Nov 13 2001
|
thttpd Web Server Discloses Password-Protected and Non-Readable Files to Remote Users in Certain Configurations
|
|
Nov 13 2001
|
OpenSSH's S/Key Implementation Information Disclosure Flaw Provides Remote Users With Information About Valid User Accounts
|
|
Nov 13 2001
|
Microsoft IIS 4.0 Configuration Error May Allow Remote Users to Obtain Physical Directory Path Information
|
|
Nov 13 2001
|
Microsoft Windows 2000 RunAs Utility May Disclose Sensitive Information to Local Users
|
|
Nov 9 2001
|
(Conectiva Issues Fix) Webalizer Log File Analyzer Cross-Site Scripting Hole Allows Remote Users to Cause Arbitrary But Trusted Code to Be Executed By Another User When Viewing Webalizer Reports
|
|
Nov 8 2001
|
(Red Hat Issues Fix) ht://Dig Search Engine Software Has Remote Denial of Service and Local Information Disclosure Bugs in htsearch
|
|
Nov 8 2001
|
(Red Hat Issues Fix) Sendmail Security Holes Let Local Users Obtain Elevated Privileges on the System, Access the E-mail Queue, and Cause Information Loss
|
|
Nov 8 2001
|
(Caldera Issues Fix for OpenServer) Sendmail Security Holes Let Local Users Obtain Elevated Privileges on the System, Access the E-mail Queue, and Cause Information Loss
|
|
Nov 6 2001
|
(SuSE Issues Fix) Webalizer Log File Analyzer Cross-Site Scripting Hole Allows Remote Users to Cause Arbitrary But Trusted Code to Be Executed By Another User When Viewing Webalizer Reports
|
|
Nov 5 2001
|
(Entrust Issues Fix) Re: Entrust GetAccess Input Validation Flaw Lets Remote Users Obtain Files from the Server
|
|
Nov 5 2001
|
Entrust GetAccess Input Validation Flaw Lets Remote Users Obtain Files from the Server
|
|
Nov 1 2001
|
(Mandrake Issues Fix) ht://Dig Search Engine Software Has Remote Denial of Service and Local Information Disclosure Bugs in htsearch
|
|
Nov 1 2001
|
(Engarde Issues Fix) Webalizer Log File Analyzer Cross-Site Scripting Hole Allows Remote Users to Cause Arbitrary But Trusted Code to Be Executed By Another User When Viewing Webalizer Reports
|
|
Oct 31 2001
|
(Red Hat Issues Fix for Linux 7.2) Ghostscript Postscript Interpreter Lets Local Users Read Files on the System
|
|
Oct 30 2001
|
(Red Hat Issues Fix for Red Hat Powertools 7.0 and 7.1) Webalizer Log File Analyzer Cross-Site Scripting Hole Allows Remote Users to Cause Arbitrary But Trusted Code to Be Executed By Another User When Viewing Webalizer Reports
|
