404 matches found

NVD
added 2002/10/04 4:0 a.m., 15 views

CVE-2002-1084

The VerifyLogin function in ezContents 1.41 and earlier does not properly halt program execution if a user fails to log in properly, which allows remote attackers to modify and view restricted information via HTTP POST requests...

6.4 CVSS, 6.5 AI score, 0.02571 EPSS
Exploits: 0, References: 3

Cvelist
added 2002/08/31 4:0 a.m., 21 views

CVE-2002-0888

3Com OfficeConnect Remote 812 ADSL Router, firmware 1.1.9 and 1.1.7, allows remote attackers to bypass port access restrictions by connecting to an approved port and quickly connecting to the desired port, which is allowed by the router...

6.9 AI score, 0.01584 EPSS
Exploits: 0, References: 4

NVD
added 2002/08/12 4:0 a.m., 13 views

CVE-2002-0456

Eudora 5.1 and earlier versions stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames...

5 CVSS, 6.7 AI score, 0.00791 EPSS
Exploits: 0, References: 4

Debian
added 2002/07/30 5:21 p.m., 32 views

[SECURITY] [DSA 137-1] New mm packages fix insecure temporary file creation

Debian Security Advisory DSA 137-1 [email protected] http://www.debian.org/security/ Martin Schulze July 30th, 2002 Package : mm Vulnerability...

6.2 CVSS, 7.6 AI score, 0.0096 EPSS
Exploits: 0

exploitpack
added 2002/07/29 12:0 a.m., 17 views

dotProject 0.2.1 - User Cookie Authentication Bypass

dotProject 0.2.1 - User Cookie Authentication Bypass source: https://www.securityfocus.com/bid/5347/info dotproject is prone to an issue which may allow remote attackers to bypass authentication and gain administrative access to the software. This may be accomplished by submitting a maliciously...

1.1 AI score
Exploits: 0

securityvulns
added 2002/07/11 12:0 a.m., 28 views

Portcullis Security Advisory - Directory Traversal Vulnerability in SunPS iRunbook 2.5.2

Portcullis Security Advisory Directory Traversal Vulnerability in SunPS iRunbook 2.5.2 Vulnerability discovery and development: John Clayton, Portcullis Security Testing Services Team Leader Affected system: SunPS iRunbook Version 2.5.2 complied by Mike Corlett - 15:00 - 8th January 2002 running ...

6.7 AI score
Exploits: 0

exploitpack
added 2002/05/17 12:0 a.m., 13 views

Grsecurity Kernel Patch 1.9.4 (Linux Kernel) - Memory Protection

Grsecurity Kernel Patch 1.9.4 Linux Kernel - Memory Protection source: https://www.securityfocus.com/bid/4762/info An attacker with root access may be able to write to kernel memory in spite of the security patch provided by grsecurity. The patch operates by redirecting the write system call, whe...

0.8 AI score
Exploits: 0

securityvulns
added 2002/05/10 12:0 a.m., 32 views

OpenBSD local DoS and root exploit

The following is research material from FozZy from Hackademy and Hackerz Voice newspaper http://www.hackerzvoice.org, and can be distributed modified or not if proper credits are given to them. For educational purposes only, no warranty of any kind, I may be wrong, this post could kill you mail...

0.2 AI score
Exploits: 0

Exploit DB
added 2002/03/08 12:0 a.m., 22 views

Cobalt RaQ 2.0/3.0/4.0 XTR - 'MultiFileUpload.php' Authentication Bypass (1)

source: https://www.securityfocus.com/bid/4252/info Cobalt RaQ is a server appliance for Internet-based services. It is distributed and maintained by Sun Microsystems. The 'MultiFileUpload.php' script is not sufficiently protected from outside access. While other sensitive administrative scripts...

7.4 AI score
Exploits: 0

exploitpack
added 2002/02/03 12:0 a.m., 10 views

PHP 4.x5.x MySQL Library - Safe_mode Filesystem Circumvention (3)

PHP 4.x5.x MySQL Library - Safemode Filesystem Circumvention 3 optionsMYSQLIOPTLOCALINFILE, 1; $m-setlocalinfilehandler"r"; $m-query"LOAD DATA LOCAL INFILE '/etc/passwd' INTO TABLE a.a"; $m-close; ?...

Exploits: 0

securityvulns
added 2001/12/21 12:0 a.m., 41 views

Multiple Remote Windows XP/ME/98 Vulnerabilities

Multiple Remote Windows XP/ME/98 Vulnerabilities Release Date: 12/20/01 Severity: High Systems Affected: Microsoft Windows XP All default systems Microsoft Windows 98 Certain configurations Microsoft Windows 98SE Certain configurations Microsoft Windows ME Certain configurations Description:...

7.5 CVSS, 0.49483 EPSS
Exploits: 0

NVD
added 2001/09/10 4:0 a.m., 12 views

CVE-2001-1092

msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mhprofile file...

2.1 CVSS, 6.2 AI score, 0.01107 EPSS
Exploits: 1, References: 4

Cvelist
added 2001/08/29 4:0 a.m., 22 views

CVE-2001-0694

Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote attacker to view arbitrary files via a dot dot attack in the CD command...

6.6 AI score, 0.0163 EPSS
Exploits: 1, References: 1

NVD
added 2001/08/14 4:0 a.m., 8 views

CVE-2001-0621

The FTP server on Cisco Content Service 11000 series switches CSS before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands...

7.5 CVSS, 6.6 AI score, 0.01396 EPSS
Exploits: 0, References: 5

securityvulns
added 2001/08/03 12:0 a.m., 43 views

suse: sdbsearch.cgi vulnerability

Hello, I found weakness in sdbsearch.cgi script which is a part of Suse distribution. This is perl script and since Suse 7.1 they have introduced some form of protection interpreter is called with tainting checking. However, I think it isn't enough and this bug still may produce danger...

7.1 AI score
Exploits: 0

exploitpack
added 2001/06/29 12:0 a.m., 12 views

CylantSecure 1.0 - Kernel Module Syscall Rerouting

CylantSecure 1.0 - Kernel Module Syscall Rerouting / source: https://www.securityfocus.com/bid/2958/info CylantSecure is a commercial Linux hardening tool and security infrastructure available from Cylant Technology. A problem in the CylantSecure infrastructure could allow users to escape...

0.4 AI score
Exploits: 0

securityvulns
added 2001/06/05 12:0 a.m., 18 views

Fatal flaw in BestCrypt <= v0.7 (Linux)

Hello fellow Bugtraq'ers. As you can see in the message below I have discovered a flaw in the SUID-root "bctool" program that comes with BestCrypt from Jetico. A session transcript where the flaw is exploited is also included and so is a patch for the problem. For those of you that did not know,...

0.2 AI score
Exploits: 0

exploitpack
added 2001/04/26 12:0 a.m., 12 views

IRIX 5.36.x - netprint Arbitrary Shared Library Usage

IRIX 5.36.x - netprint Arbitrary Shared Library Usage // source: https://www.securityfocus.com/bid/2656/info The 'netprint' utility shipped with SGI Irix systems is used to send print jobs to print spoolers on remote hosts. It is installed setuid root by default. At the command line, 'netprint'...

0.3 AI score
Exploits: 0

exploitpack
added 2001/04/16 12:0 a.m., 15 views

FreeBSD 4.2-stable - FTPd glob() Remote Buffer Overflow

FreeBSD 4.2-stable - FTPd glob Remote Buffer Overflow source: https://www.securityfocus.com/bid/2548/info The BSD ftp daemon and derivatives such as IRIX ftpd or the ftp daemon shipped with Kerberos 5 contain a number of buffer overflows that may lead to a compromise of root access to malicious...

1 AI score
Exploits: 0

Exploit DB
added 2001/04/11 12:0 a.m., 33 views

Solaris 2.6/7.0 - IN.FTPD CWD 'Username' Enumeration

source: https://www.securityfocus.com/bid/2564/info Solaris is the variant of the UNIX Operating System distributed by Sun Microsystems. Solaris is a versatile operating system designed for use with machines as small as desktop systems and as large as enterprise systems. A problem with the ftp...

7 AI score
Exploits: 0