|
Oct 7 2001
|
Webodex PHP-based E-mail List Management Software Executes Remotely Supplied Code
|
|
Oct 7 2001
|
Gallery PHP-based Web Photo Gallery Software Permits Remote Users to Supply and Execute Arbitrary Code
|
|
Oct 7 2001
|
thatphpware PHP-based Web Portal Software Allows Remote Users to Execute Arbitrary Code
|
|
Oct 7 2001
|
SIPS PHP-based Web Log Tracking System Will Execute Remotely Supplied Arbitrary Code
|
|
Oct 7 2001
|
pSplash Web Portal Software Lets Remote Users Execute Arbitrary Code
|
|
Oct 7 2001
|
phpAdsNew PHP-based Banner Management System Lets Remote Users Supply and Execute Arbitrary Code
|
|
Oct 7 2001
|
Phormation PHP-based HTML Form Development Tool Executes Remotely Supplied Arbitrary Code
|
|
Oct 7 2001
|
Phorecast PHP-based Personal Information Manager Application Executes Remotely Supplied Arbitrary Code
|
|
Oct 7 2001
|
myphpPagetool Lets Remote Users Execute Arbitrary Code
|
|
Oct 7 2001
|
Moregroupware PHP-based Groupware System Executes Remotely Supplied Arbitrary Code
|
|
Oct 7 2001
|
Empris PHP-based Job and Volunteer Application Management System Lets Remote Users Execute Arbitrary Code on the Server
|
|
Oct 7 2001
|
DarkPortal PHP-based Web Portal Lets Remote Users Supply and Execute Arbitrary Code
|
|
Oct 7 2001
|
CCC PHP-based Computer Repair Shop Tracking System Will Execute Remotely Supplied Arbitrary Code
|
|
Oct 7 2001
|
AWOL PHP-based In/Out Personnel Tracking Board Lets Remote Users Supply and Execute Arbitrary Code
|
|
Oct 7 2001
|
ActionPoll PHP-based Survey Voting Script Executes Arbitrary Code Supplied by Remote Users
|
|
Oct 5 2001
|
Microsoft PowerPoint Macro Security Features Can Be Bypassed by Malformed PowerPoint Documents
|
|
Oct 5 2001
|
Microsoft Excel Macro Security Features Can Be Bypassed by Malformed Excel Documents
|
|
Oct 5 2001
|
WinMySQLadmin Database Administration Tool Discloses MySQL Password to Local Users
|
|
Oct 3 2001
|
Xgames Collection for GNOME Features Buffer Overflow that Enables Local Users to Execute Arbitrary Code with Root Privileges to Obtain Root Access
|
|
Oct 3 2001
|
BestWWWD Web Server Lets Remote Users Execute Shell Commands on the Server
|
|
Oct 3 2001
|
ToolTalk Database Server Format String Flaw Lets Remote Users Gain Root Level Privileges on Several UNIX Operating System Platforms
|
|
Oct 3 2001
|
(HP Issues Workaround) Re: ToolTalk Database Server Format String Flaw Lets Remote Users Gain Root Level Privileges on Several UNIX Operating System Platforms
|
|
Oct 3 2001
|
HP-UX Rpcbind Can Be Crashed By Remote Users
|
|
Oct 2 2001
|
HP OpenView Network Node Manager Component Lets Local Users Gain Elevated Privileges
|
|
Oct 2 2001
|
Sendmail Security Holes Let Local Users Obtain Elevated Privileges on the System, Access the E-mail Queue, and Cause Information Loss
|
|
Oct 1 2001
|
AmTote Homebet Internet Betting Server Application Discloses User PIN Codes to Remote Users
|
|
Sep 29 2001
|
Network Associates PGP Keyserver Configuration Error Gives Keyserver Administrative Access to Remote Users Without Requiring Authentication
|
|
Sep 29 2001
|
COM2001's Alexis Internet-enabled PBX Discloses Voice Mail Passwords When the Web Access Component is Used Over a Network
|
|
Sep 29 2001
|
Meteor FTP Server Directory Traversal Security Hole Lets Remote Users Download Files From the Server That Are Located Outside the FTP Directory
|
|
Sep 28 2001
|
3Com HomeConnect Cable Modem Can Be Reset or Crashed By Remote Users
|
|
Sep 28 2001
|
CardBoard Greeting Card CGI Application Lets Remote Users Execute Arbitrary Commands on the Web Server
|
|
Sep 28 2001
|
IBM's High Availability Cluster Multi-Processing (HACMP) Software Can Be Crashed By Remote Users
|
|
Sep 28 2001
|
H-Sphere Web Hosting Software Discloses Files on the System to Remote Users with Valid Web Management Accounts
|
|
Sep 28 2001
|
PHP-Nuke Lets Remote Users Upload Files to the Server and Copy Files on the Server, Yielding User Level Access on the Server
|
|
Sep 27 2001
|
Microsoft Outlook Web Access Directory Validation Flaw Lets Remote Users Consume CPU Resources by Requesting Mail from Nested Folders
|
|
Sep 26 2001
|
OpenSSH May Fail to Properly Restrict IP Addresses in Certain Configurations
|
|
Sep 26 2001
|
Cisco Secure PIX Firewall SMTP Mail Filtering Flaw Lets Remote Users Bypass the Firewall's SMTP Command Filtering Feature
|
|
Sep 26 2001
|
QVT/Term FTP Server Lets Remote Users Traverse the Directory and Can Also Be Crashed By Remote Users
|
|
Sep 26 2001
|
Setserial Utility Uses Predictable Temporary File Names in Certain Configurations and May Let Local Users Obtain Root Level Access
|
|
Sep 26 2001
|
HylaFAX Format String Vulnerabilities Let Local Users Obtain Elevated Privileges
|
|
Sep 25 2001
|
Baltimore Technologies MAILsweeper Fails to Block Some Malicious Code in HTML-based E-mail Messages
|
|
Sep 25 2001
|
Slrn News Reader Automatically Executes Shell Scripts Embedded Within News Articles
|
|
Sep 24 2001
|
HP's cu Terminal Emulator May Let Local Users Obtain Elevated Privileges
|
|
Sep 24 2001
|
Lotus Domino Web Server Discloses Internal Network Address to Remote Users
|
|
Sep 22 2001
|
XCache Web Caching Server Discloses Path Names for Web Documents to Remote Users
|
|
Sep 22 2001
|
SpoonFTP Server Discloses Files Located Outside of the FTP Root Directory to Remote Users
|
|
Sep 21 2001
|
Squid Proxy Caching Server Can Be Crashed by Remote Users with Mkdir PUT Requests
|
|
Sep 21 2001
|
IBM WebSphere Application Server Uses Predictable Session ID Cookies, Allowing Remote Users to Guess Session IDs and Hijack Web Sessions
|
|
Sep 21 2001
|
Half-Life Gaming Server Can Execute Arbitrary Code on the Client
|
|
Sep 20 2001
|
ICQ Web Portal Cross-Site Scripting Vulnerability May Allow Remote Users to Cause Arbitrary Code to Be Executed by a Target User's Browser via the ICQ Web Site
|
|
Sep 20 2001
|
Lotus Notes API Lets Authorized Remote Users Obtain Unauthorized Access to Other User File Attachments
|
|
Sep 20 2001
|
OpenSSH's Sftp-server Subsystem Lets Authorized Remote Users with Restricted Keypairs Obtain Additional Access on the Server
|
|
Sep 20 2001
|
Check Point FireWall-1/VPN-1 Management Server GUI Buffer Overflow Lets Remote Users Execute Arbitrary Code on the Management Server
|
|
Sep 19 2001
|
ZyXEL ADSL Router Filters Fail to Block Internal Administrative Access
|
|
Sep 19 2001
|
Webdiscount.net's eshop Commerce System Lets Remote Users Execute Arbitrary Commands on the System and Gain Shell Access
|
|
Sep 19 2001
|
Caldera Open Unix (SCO) lp Utilities May Let Local Users Gain Elevated Privileges
|
|
Sep 19 2001
|
Majordomo Configuration Error Lets Local Users Gain Elevated Privileges
|
|
Sep 18 2001
|
Oracle Application Server Discloses Full Path to Remote Users in Response to Requests for Non-existent JSP Files
|
|
Sep 18 2001
|
Most, a Pager Application, Contains a Buffer Overflow That Allows Remote Users to Execute Arbitrary Code and Gain User Level Privileges
|
|
Sep 18 2001
|
Microsoft Index Server Sample File Discloses File Information to Remote Users
|
|
Sep 17 2001
|
ARCserveIT Storage Management Discloses Backup Account Password to Remote Users
|
|
Sep 17 2001
|
Counterpane's Password Safe Password Encryption Utility for Microsoft Windows May Disclose Passwords to Local Users in Certain Situations
|
|
Sep 17 2001
|
Login Class Capability Database Lets Local Users Read Any File on the System
|
|
Sep 13 2001
|
Cisco Internet Content Distribution Network (iCDN) Products May Let Remote Users Masquerade as Valid Authenticated Clients Due to Security Flaw in RSA BSAFE Library
|
|
Sep 13 2001
|
TrendMicro InterScan eManager for InterScan VirusWall Lets Remote Users Reconfigure the System and Also Execute Arbitrary Code with System Level Privileges
|
|
Sep 13 2001
|
EFTP File Transfer and Encryption Software Lets Authorized Remote Users Execute Arbitrary Code, Create Denial of Service Conditions, and Obtain File and Directory Information; Local Users Can Obtain User Passwords
|
|
Sep 13 2001
|
Microsoft Outlook Express Will Execute Active Scripting in Plain Text E-mail Messages, Circumventing Some Scripting Controls
|
|
Sep 12 2001
|
RSA's BSAFE SSL-J Secure Sockets Layer Java Toolkit Has Session Caching Bug That May Allow Remote Users to Masquerade as Other Valid SSL Clients
|
|
Sep 12 2001
|
Libnss-pgsql Name Service Switch (NSS) using PostgreSQL Let Remote Users Inject SQL Code into the Database
|
|
Sep 11 2001
|
NetOp School Remote Desktop Management Software Gives System Level Access to Remote Users Due to Authentication Flaw
|
|
Sep 11 2001
|
IBM AIX Line Printer Daemon (lpd) Has Buffer Overflow That Lets Remote Users Obtain Root Privileges
|
|
Sep 11 2001
|
Cgiemail Web-based E-mail Remotely Executes Arbitrary Code With the Privileges of the Web Server
|
|
Sep 11 2001
|
Microsoft Windows NT Remote Procedure Call (RPC) Services Can Be Crashed With Malformed Packets
|
|
Sep 11 2001
|
Hotmail Web E-mail Service Allows Remote Users to Cause Malicious Javascript to be Executed by the Recipient's Browser, Potentially Stealing Authentication Cookies
|
|
Sep 11 2001
|
Msgchk Message Checking Utility for MH Mail Handler System Lets Local Users Execute Arbitary Code to Gain Root Level Privileges
|
