SFAD03-001: iWeb Mini Web Server Remote Directory Traversal

================================================================= ...............: S e c u r i t y F r e a k s :............... .................: www.securityfreaks.com :.................. ================================================================= Title : iWeb Mini Web Server Remote...

Fixed in Apache Tomcat 3.3.2

Moderate: Cross site scripting CVE-2003-0044 The root web application and the examples web application contained a number a cross-site scripting vulnerabilities. Note that is it recommended that the examples web application is not installed on production servers. Affects: 3.0, 3.1-3.1.1, 3.2-3.2....

Microsoft Security Bulletin MS02-070: Flaw in SMB Signing Could Enable Group Policy to be Modified (309376)

-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Flaw in SMB Signing Could Enable Group Policy to be Modified 309376 Date: 11 December 2002 Software: Windows 2000, Windows XP Impact: Modify group policy Max Risk: Moderate Bulletin:...

Microsoft Security Bulletin MS02-067: E-mail Header Processing Flaw Could Cause Outlook 2002 to Fail (331866)

-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: E-mail Header Processing Flaw Could Cause Outlook 2002 to Fail 331866 Date: 04 December 2002 Software: Microsoft Outlook 2002 Impact: Denial of Service Max Risk: Moderate Bulletin:...

Security Bulletin MS02-060: Flaw in Windows XP Help and Support Center Could Enable File Deletion (Q328940)

-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Flaw in Windows XP Help and Support Center Could Enable File Deletion Q328940 Date: 16 October 2002 Software: Microsoft Windows XP Impact: Delete files on the user's system Max Risk:...

Squirrel Mail 1.2.7 XSS Exploit

Sorry if you receive two of these. DarC KonQuesT XSS Release- Product: Squirrel Mail 1.2.7 - released June 21, 2002 tested, others possibly vulnerable Vendor: Squirrel Mail - Web: www.squirrelmail.org Problem: Cross Site Scripting Severity: Moderate Operating Systems: Tested against Red Hat 7.3,...

Security Bulletin MS02-049: Flaw Could Enable Web Page to Launch Visual FoxPro 6.0 Application Without Warning (Q326568)

---------------------------------------------------------------------- Title: Flaw Could Enable Web Page to Launch Visual FoxPro 6.0 Application Without Warning Q326568 Date: 04 September 2002 Software: Microsoft Visual FoxPro 6.0 Impact: Attacker could gain control over user's system. Max Risk:...

Security Bulletin MS02-046: Buffer Overrun in TSAC ActiveX Control Could Allow Code Execution (Q327521)

---------------------------------------------------------------------- Title: Buffer Overrun in TSAC ActiveX Control Could Allow Code Execution Q327521 Date: 22 August 2002 Software: Microsoft Terminal Services Advanced Client TSAC ActiveX control, which can be installed on any Windows system...

Security Bulletin MS02-038: Cumulative Patch for SQL Server 2000 Service Pack 2 (Q316333)

-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Cumulative Patch for SQL Server 2000 Service Pack 2 Q316333 Date: 24 July 2002 Software: Microsoft SQL Server 2000, Microsoft Desktop Engine MSDE 2000 Impact: Two vulnerabilities, bo...

SECURITY vulnerability in ECS-K7S5A(L) boards

A repost, my previous one seem to have failed. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SECURITY vulnerability in ECS-K7S5AL boards DESCRIPTION =========== The administrator-password set in the BIOS of the K7S5AL locks out BIOS-access from the console. However, it does not disable access to...

Security Bulletin MS02-016 Q318593: Opening Group Policy Files for Exclusive Read Blocks Policy Application

-----BEGIN PGP SIGNED MESSAGE----- Title: Q318593: Opening Group Policy Files for Exclusive Read Blocks Policy Application Date: 04 April 2002 Software: Microsoft Windows 2000 Server Microsoft Windows 2000 Advanced Server Microsoft Windows 2000 Datacenter Server Impact: Attacker could block...

Microsoft Security Bulletin MS02-014

---------------------------------------------------------------------- Title: Unchecked Buffer in Windows Shell Could Lead to Code Execution Date: 07 March 2002 Software: Microsoft Windows 98, NT 4.0, 2000 Impact: Run code of attacker's choice Max Risk: Moderate Bulletin: MS02-014 Microsoft...

Fixed in Apache Tomcat 3.2.4

Moderate: Information disclosure CVE-2001-1563 No specifics are provided in the vulnerability report. This may be a summary of other issues reported against 3.2.x Affects: 3.2?, 3.2.1, 3.2.2-3.2.3?...

NetWin dMailWeb Unrestricted Mail Relay

Product: NetWin dMailWeb Type: Unrestricted Mail Relay Severity: Moderate Versions: = 2.6g: Case A All, configuration error: Case B Note: NetWin cwMail also appears vulnerable to the same attacks, and appears to be using exactly the same version numbers. --- Overview dMailWeb is a CGI application...

Predictability Problems in IRIX Cron and Compilers

Crimelabs, Inc. www.crimelabs.com Security Note Crimelabs Security Note CLABS200004 Title: Poor Tempfile Use in IRIX: Compilers and Cron Date: 21 June, 2000 Application: MIPSPro Compilers 7.1, 7.2.1 tested, cron Platforms: IRIX 6.3, 6.5 Severity: Moderate, higher in some instances Author: Jose...

Drupal core - Moderately critical - Multiple vulnerabilities - SA-CORE-2019-010

More info at https://www.drupal.org/sa-core-2019-010...