Novell GroupWise Internet Agent 6.5.1

Novacoast Security Advisory Novell GroupWise 6.5 Vulnerability Synopsis: Novacoast has discovered a vulnerability in the Novell GroupWise 6.5 Wireless Webaccess logging functionality. The software exposes all username and passwords within the log file in clear text. This information could be used...

Microsoft Windows Media Services contains buffer overflow in "nsiislog.dll"

Overview Microsoft Windows Media Services provides streaming audio and video capabilities. A vulnerability in a component of this software could allow a remote attacker to compromise the server running it. Description According to Microsoft Security Bulletin MS03-022:Microsoft Windows Media...

mod_mylo buffer overflow

Buffer overflow in logging function...

CLIVITT-2003-5.txt

Security Vulnerability Advisory Product: modmylo Apache 1.3.x module Versions:...

mod_mylo for Apache mylo_log Logging Function HTTP GET Overflow

According to the banner, the remote host is using a vulnerable version of mylolog, a MySQL logging module for Apache. Such versions have a buffer overflow vulnerability which could result in arbitrary code execution. C Tenable Network Security, Inc. The overflow occurs after the server replied to...

Apache stops writing access/error logs after processing "Request-URI" containing "0x1A" characters

Overview A vulnerability in the logging of URI requests may permit a remote attacker to disable logging on an Apache HTTP Server. Version 1.3.27 on Windows systems is reported vulnerable to this issue. Description Apache HTTP Server 1.3.27 running on Win32 systems contains a vulnerability that...

CPanel 5.0/5.3/6.x - Admin Interface HTML Injection

source: https://www.securityfocus.com/bid/8119/info cPanel is prone to an HTML injection vulnerability. It is possible for remote attacks to include hostile HTML and script code in requests to cPanel, which will be logged. When logs are viewed by an administrative user, the injected code could be...

Apache Httpd < 1.3.28 : RotateLogs DoS

The rotatelogs support program on Win32 and OS/2 would quit logging and exit if it received special control characters such as 0x1A...

CVE-2003-0412

Sun ONE Application Server 7.0 for Windows 2000/XP does not log the complete URI of a long HTTP request, which could allow remote attackers to hide malicious activities...

Microsoft Windows NT 4.02000 - Media Services nsiislog.dll Remote Buffer Overflow

Microsoft Windows NT 4.02000 - Media Services nsiislog.dll Remote Buffer Overflow // source: https://www.securityfocus.com/bid/8035/info Microsoft has reported a buffer overflow vulnerability in Windows Media Services. This is due to a problem with how the logging ISAPI extension handles incoming...

Microsoft Windows NT 4.0/2000 - Media Services &#039;nsiislog.dll&#039; Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/8035/info Microsoft has reported a buffer overflow vulnerability in Windows Media Services. This is due to a problem with how the logging ISAPI extension handles incoming client requests. This could cause arbitrary code execution in IIS, which is...

UPB: Discussion Board/Web-Site Takeover

=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::= topic: UPB: Discussion Board/Web-Site Takeover product: Ultimate PHP Board v1.9 latest vendor: www.myupb.com risk: high date: 05/24/2k3 discovered by: euronymous /F0KP advisory urls: http://f0kp.iplus.ru/bz/024.en.txt...

CVE-2003-0412

Sun ONE Application Server 7.0 for Windows 2000/XP does not log the complete URI of a long HTTP request, which could allow remote attackers to hide malicious activities...

Solaris syslogd overflow

Synopsis: Solaris syslogd is vulnerable to a remote buffer overflow. Versions: Solaris 2.6 SPARC: Not vulnerable Solaris 2.7 SPARC/x86: Untested Solaris 8 SPARC: Vulnerable Solaris 8 x86: Vulnerable Solaris 9 SPARC: Not vulnerable Solaris 9 x86: Untested Impact: Low-Medium. While I've not been ab...

Mod_gzip Debug Mode Vulnerabilities

Multiple Vulnerabilities in modgzip Debugging Routines I. Synopsis Affected Systems: modgzip 1.3.26.1a and prior Risk: Development: High Production: Minimal Developer URL: http://www.sourceforge.net/projects/mod-gzip Status: Vendor is not supporting project at this time. II. Product Description...

CVE-2003-0227

Microsoft Windows Media Services ISAPI extension (nsiislog.dll) handling unicast/multicast logging on Windows NT 4.0/2000 is vulnerable. A remote attacker can cause IIS denial of service and execute arbitrary code via a crafted network request. OpenVAS notes active code execution vulnerabilities;...

Geeklog 1.3.7sr1 and below multiple vulnerabilities.

Products: Geeklog 1.3.7sr1 and below http://www.geeklog.net Date: 29 May 2003 Author: pokleyzz pokleyzzatscan-associates.net Contributors: skatscan-associates.net shaharilatscan-associates.net muniratscan-associates.net URL: http://www.scan-associates.net Summary: Geeklog 1.3.7sr1 and below...

UPB: Discussion Board/Web-Site Takeover

=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::= topic: UPB: Discussion Board/Web-Site Takeover product: Ultimate PHP Board v1.9 latest vendor: www.myupb.com risk: high date: 05/24/2k3 discovered by: euronymous /F0KP advisory urls: http://f0kp.iplus.ru/bz/024.en.txt...

CVE-2003-0340

Demarc Puresecure 1.6 stores authentication information for the logging server in plaintext, which allows attackers to steal login names and passwords to gain privileges...

Magic Winmail Server format string bug

Format string bug during POP3 logging...