4566 matches found
MS03-001: Unchecked buffer in Locate Service (810833)
The Microsoft Locate service is a name server that maps logical names to network-specific names. There is a security vulnerability in this server that allows an attacker to execute arbitrary code in it by sending a specially crafted packet to it. (C) Tenable Network Security, Inc...
PC-cillin "pop3trap.exe" vulnerable to buffer overflow via long string of characters
Overview: A locally exploitable buffer overflow exists in PC-cillin. Description: Trend Micro describes PC-cillin as follows: Trend Micro PC-cillin provides all-in-one antivirus security, personal firewall, and PDA protection for your PC. The user-friendly interface makes it easy to install and use...
Anyone can read all XOOPS private messages
www.phpsecure.org advisory. In French: http://www.phpsecure.org/?zone=pComment&d=101 By valdeux. Published on December 13th, 2002. Like most PHP CMSs, XOOPS allows users to send and receive Private Messages (PMs), which are saved in the database. We found how all messages are readable. And sure...
Pine MUA contains buffer overflow in addr_list_string()
Overview: Pine is a mail user agent (MUA) written and distributed by the University of Washington. Some versions contain a buffer overflow vulnerability in email address handling. Description: Versions of Pine prior to 4.50 contain a remotely exploitable buffer overflow in the addr_list_string function...
NetScreen Secure Command Shell (SCS) denial-of-service vulnerability
Overview: The Secure Command Shell service on NetScreen firewall products contains a remotely exploitable denial-of-service vulnerability. Description: Firewall products from NetScreen Technologies, Inc. include a Secure Shell version 1 (SSHv1) implementation called Secure Command Shell (SCS). The SCS...
Netegrity SiteMinder does not adequately validate user input thereby allowing user to bypass filters via crafted URL
Overview: Netegrity SiteMinder does not adequately validate HTTP requests containing malicious Unicode encodings. Description: Netegrity SiteMinder is a platform for securing multiple web applications through a single point of user authentication. SiteMinder does not properly filter HTTP requests when...
NOCC: XSS
NOCC: XSS PROGRAM: NOCC VENDOR: Olivier Cahagne et al. HOMEPAGE: http://nocc.sourceforge.net/ VULNERABLE VERSIONS: 0.9.5, possibly others IMMUNE VERSIONS: 0.9.5 with my patch applied SEVERITY: high LOGIN REQUIRED: no DESCRIPTION: "NOCC is a simple and fast Web-based e-mail reader which can handle...
Microsoft Security Bulletin MS02-061: Elevation of Privilege in SQL Server Web Tasks (Q316333)
Title: Elevation of Privilege in SQL Server Web Tasks (Q316333) Released: 16 October 2002 Software: Microsoft SQL Server 7.0 and 2000 Impact: Elevation of privilege Max Risk: Critical Bulleti...
wp-02-0003: MySQL Locally Exploitable Buffer Overflow
Westpoint Security Advisory Title: MySQL Locally Exploitable Buffer Overflow Risk Rating: Medium Software: mySQL Database v3.23.49-nt Platforms: Win32 (other platforms not tested) Vendor URL: www.mysql.com Author: Matt Moore Date: 1st October 2002 Advisory ID: wp-02-0003 CVE...
MyNewsGroups :) XSS patch
MyNewsGroups :) XSS patch PROGRAM: MyNewsGroups :) VENDOR: Carlos Sanchez Valle et al. HOMEPAGE: http://mynewsgroups.sourceforge.net/ VULNERABLE VERSIONS: 0.4, 0.4.1, possibly others IMMUNE VERSIONS: 0.4.1 with my patch applied SEVERITY: high LOGIN REQUIRED: no DESCRIPTION: "MyNewsGroups :) is a...
Microsoft Windows 2000 Indexing Service permits read access to files outside web root via crafted request
Overview: A vulnerability exists in the way that Index Server 2.0 and the Indexing Service for Windows 2000 handle search requests. This vulnerability may allow attackers to view the contents of "include" files located on the web server. Description: By submitting a specific search request to a...
Microsoft Office Web Components allows arbitrary user to determine whether local file exists via Chart component "Load" method
Overview: Microsoft Office Web Components (OWC) allows a malicious script on a web page to learn if a file exists on the client's filesystem. Description: OWC allows Microsoft Office documents such as spreadsheets and charts to be viewed within an HTML document in Microsoft Internet Explor...
Microsoft Visual FoxPro fails to properly evaluate filenames before launching application
Overview: There is a vulnerability in Microsoft Visual FoxPro 6.0 that allows remote attackers to execute Visual FoxPro applications with the privileges of the victim user. Description: Microsoft Visual FoxPro 6.0 contains an unspecified vulnerability that allows remote attackers to execute arbitra...
KDE Security Advisory: Konqueror Cross Site Scripting Vulnerability
KDE Security Advisory: Konqueror Cross Site Scripting Vulnerability Original Release Date: 2002-09-08 URL: http://www.kde.org/info/security/advisory-20020908-2.txt 0. References http://online.securityfocus.com/archive/1/290710/2002-09-03/2002-09-09/0 ...
WS_FTP Server SITE CPWD Command Remote Overflow
This host is running a version of WS_FTP FTP server prior to 3.1.2. Versions earlier than 3.1.2 contain an unchecked buffer in routines that handle the 'CPWD' command arguments. The 'CPWD' command allows remote users to change their password. By issuing a malformed argument to the CPWD command, a...
Microsoft SQL Server 2000,7 OpenRowSet Buffer Overflow vulnerability (#NISR02072002)
NGSSoftware Insight Security Research Advisory Name: OpenRowSet Buffer Overflows Systems: Microsoft SQL Server 2000 and 7, all Service Packs Severity: High Risk Category: Remote Buffer Overrun Vulnerability Vendor URL: http://www.microsoft.com/ Author: David Litchfield...
IPSwitch IMail ADVISORY/EXPLOIT/PATCH
"In 1995, Ipswitch released IMail Server, the first commercial NT Mail Server. Seven years later there are over 49 million users of IMail worldwide. IMail Server 7.1 Greater security, improved usability, and new revenue opportunities for service providers." 7 years in development, 20 minutes of...
Mozilla cookie stealing - Sandblad advisory #9
Sandblad advisory #9 Title: Steal/spoof arbitrary cookie in Mozilla Date: 2002-07-24 Software: Mozilla Vendor: http://www.mozilla.org Fix: The author has been working with Mozilla to produce a patch. Problem is fixed in Mozilla 1.1...
Denial of Service bug in Pine 4.44
Hi, while using pine I found a small bug which causes pine to crash. When opening a MIME encoded mail with a blank boundary, pine will crash. The header looks like this: ... Content-Type: multipart/mixed; boundary="" Mime-Version: 1.0 ... This is no dangerous bug and you can simply delete the...
Trend Micro Interscan VirusWall for Windows NT 3.52 - Space Gap Scan Bypass
Trend Micro Interscan VirusWall for Windows NT 3.52 - Space Gap Scan Bypass source: https://www.securityfocus.com/bid/5259/info A vulnerability has been reported in certain VirusWall versions. Reportedly, it is possible to bypass the scanning mechanism of VirusWall by adding extraneous spaces in...