RHEL 3 : rh-postgresql (RHSA-2004:489)

Updated rh-postgresql packages that fix various bugs are now available. PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects, and user-defined types and functions. Trustix has identified improper...

Low: Red Hat Security Advisory: rh-postgresql security update

Updated rh-postgresql packages that fix various bugs are now available. PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects, and user-defined types and functions. Trustix has identified improper...

Cisco Transaction Language 1 (TL1) interface fails to properly validate accounts with blank passwords

Overview There is a vulnerability in the Cisco Transaction Language 1 TL1 login interface that could allow a remote attacker to gain access to a Cisco ONS device. Description Transaction Language 1 TL1 is a widely used telecommunications management protocol. A default account, CISCO15, contains a...

CVE-2003-1036

Multiple buffer overflows in the AGate component for SAP Internet Transaction Server ITS allow remote attackers to execute arbitrary code via long 1 command, 2 runtimemode, or 3 session parameters, or 4 a long HTTP Content-Type header...

CVE-2003-1038

The AGate component for SAP Internet Transaction Server ITS allows remote attackers to obtain sensitive information via a command parameter with an AgateInstallCheck value, which provides a list of installed DLLs and full pathnames...

CVE-2003-1037

Format string vulnerability in the WGate component for SAP Internet Transaction Server ITS allows remote attackers to execute arbitrary code via a high "trace level."...

CVE-2003-1037

Format string vulnerability in the WGate component for SAP Internet Transaction Server ITS allows remote attackers to execute arbitrary code via a high "trace level."...

CVE-2003-1036

Multiple buffer overflows in the AGate component for SAP Internet Transaction Server ITS allow remote attackers to execute arbitrary code via long 1 command, 2 runtimemode, or 3 session parameters, or 4 a long HTTP Content-Type header...

CVE-2003-1038

The AGate component for SAP Internet Transaction Server ITS allows remote attackers to obtain sensitive information via a command parameter with an AgateInstallCheck value, which provides a list of installed DLLs and full pathnames...

CVE-2003-0747

wgate.dll in SAP Internet Transaction Server ITS 4620.2.0.323011 allows remote attackers to obtain potentially sensitive information such as directory structure and operating system via incorrect parameters 1 service, 2 templatelanguage, 3 language, 4 theme, or 5 template, which leaks the...

CVE-2003-0749

Cross-site scripting XSS vulnerability in wgate.dll for SAP Internet Transaction Server ITS 4620.2.0.323011 allows remote attackers to insert arbitrary web script and steal cookies via the service parameter...

CVE-2003-0748

Directory traversal vulnerability in wgate.dll for SAP Internet Transaction Server ITS 4620.2.0.323011 allows remote attackers to read arbitrary files via ..\ dot-dot backslash sequences in the theme parameter and a template parameter with a filename followed by space characters, which can preven...

GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (1)

GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun 1 // source: https://www.securityfocus.com/bid/8699/info cfengine is prone to a stack-based buffer overrun vulnerability. This issue may be exploited by remote attackers who can send malicious transaction packets to cfservd. This issu...

CVE-2003-0748

Directory traversal vulnerability in wgate.dll for SAP Internet Transaction Server ITS 4620.2.0.323011 allows remote attackers to read arbitrary files via ..\ dot-dot backslash sequences in the theme parameter and a template parameter with a filename followed by space characters, which can preven...

CVE-2003-0749

Cross-site scripting XSS vulnerability in wgate.dll for SAP Internet Transaction Server ITS 4620.2.0.323011 allows remote attackers to insert arbitrary web script and steal cookies via the service parameter...

CVE-2003-0749

CVE-2003-0749 describes an XSS vulnerability in SAP Internet Transaction Server (ITS) involving wgate.dll. The affected component is wgate.dll (SAP ITS) with version details in the description, and the vulnerability is exploitable via the ~service parameter to inject arbitrary web script and stea...

CVE-2003-0747

wgate.dll in SAP Internet Transaction Server ITS 4620.2.0.323011 allows remote attackers to obtain potentially sensitive information such as directory structure and operating system via incorrect parameters 1 service, 2 templatelanguage, 3 language, 4 theme, or 5 template, which leaks the...

SAP Internet Transaction Server

Information leak, crossite scripting...

SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Cross-Site Scripting

SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Cross-Site Scripting source: https://www.securityfocus.com/bid/8517/info The 'wgate.dll' componenet of SAP Internet Transaction Server has been reported prone to cross-site scripting attacks. The issue occurs due to a lack of...

SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Information Disclosure

SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Information Disclosure source: https://www.securityfocus.com/bid/8515/info A vulnerability has been discovered in SAP Internet Transaction Server SITSthat could allow an attacker to obtain sensitive information. The problem occurs...