ammar_secret
01-01-2004, 10:48 AM
************************************************** *********************
December 23, 2003
O-044: Sun Security Issue Involving the tcsh(1) ls-F Builtin on Solaris 8
A local unprivileged user may be able to create or remove files or gain
privileges of another user, possibly root, if the tcsh(1) builtin command ls-F
is used.
[Only registered and activated users can see links]
December 27, 2003
2003-12-27: PHP-Nuke Survey Module SQL Injection Vulnerability
A vulnerability has been reported to exist in the Survey module of PHP-Nuke that
may allow a remote attacker to inject malicious SQL syntax into database
queries.
[Only registered and activated users can see links]
December 27, 2003
2003-12-27: LANDesk Software LANDesk Management Suite IRCBoot.DLL ActiveX
Control Buffer Overrun Vulnerability
A problem has been identified in the handling of some types of requests by
ActiveX controls installed with LANDesk Management Suite.
[Only registered and activated users can see links]
December 27, 2003
2003-12-27: OpenBB Board.PHP Cross-Site Scripting Vulnerability
OpenBB is prone to a cross-site scripting vulnerability in the 'board.php'
script.
[Only registered and activated users can see links]
December 26, 2003
2003-12-26: Apache mod_php Module File Descriptor Leakage Vulnerability
It has been reported that Apache mod_php module may be prone to a vulnerability
that may allow a local attacker to gain access to privileged file descriptors.
[Only registered and activated users can see links]
December 26, 2003
2003-12-26: Squirrelmail G/PGP Encryption Plugin Remote Command Execution
Vulnerability
A problem in the handling of some types of input passed to the Squirrelmail
G/PGP Plugin has been discovered.
[Only registered and activated users can see links]
December 26, 2003
2003-12-26: Web Merchant Services Storefront Shopping Cart login.asp SQL
Injection Vulnerability
It has been reported that Storefront shopping cart may be vulnerable to a SQL
injection.
[Only registered and activated users can see links]
December 26, 2003
2003-12-26: GNU Indent Local Heap Overflow Vulnerability
It has been reported that GNU Indent may be prone to a local heap overflow
vulnerability that can be exploited through a malicious C source input file.
[Only registered and activated users can see links]
December 26, 2003
2003-12-26: OpenBB Index.PHP Remote SQL Injection Vulnerability
It has been reported that OpenBB does not properly check input passed via the
'index.php' script.
[Only registered and activated users can see links]
December 26, 2003
2003-12-26: Surfboard [Only registered and activated users can see links] Remote Buffer Overflow Vulnerability
May allow an attacker to gain unauthorized access to a system running the
vulnerable software.
[Only registered and activated users can see links]
December 25, 2003
2003-12-25: Cyrus IMSP Daemon Remote Buffer Overflow Vulnerability
A vulnerability has been reported to exist in the software that may allow a
remote user to launch cross-site scripting attacks.
[Only registered and activated users can see links]
December 23, 2003
O-044: Sun Security Issue Involving the tcsh(1) ls-F Builtin on Solaris 8
A local unprivileged user may be able to create or remove files or gain
privileges of another user, possibly root, if the tcsh(1) builtin command ls-F
is used.
[Only registered and activated users can see links]
December 27, 2003
2003-12-27: PHP-Nuke Survey Module SQL Injection Vulnerability
A vulnerability has been reported to exist in the Survey module of PHP-Nuke that
may allow a remote attacker to inject malicious SQL syntax into database
queries.
[Only registered and activated users can see links]
December 27, 2003
2003-12-27: LANDesk Software LANDesk Management Suite IRCBoot.DLL ActiveX
Control Buffer Overrun Vulnerability
A problem has been identified in the handling of some types of requests by
ActiveX controls installed with LANDesk Management Suite.
[Only registered and activated users can see links]
December 27, 2003
2003-12-27: OpenBB Board.PHP Cross-Site Scripting Vulnerability
OpenBB is prone to a cross-site scripting vulnerability in the 'board.php'
script.
[Only registered and activated users can see links]
December 26, 2003
2003-12-26: Apache mod_php Module File Descriptor Leakage Vulnerability
It has been reported that Apache mod_php module may be prone to a vulnerability
that may allow a local attacker to gain access to privileged file descriptors.
[Only registered and activated users can see links]
December 26, 2003
2003-12-26: Squirrelmail G/PGP Encryption Plugin Remote Command Execution
Vulnerability
A problem in the handling of some types of input passed to the Squirrelmail
G/PGP Plugin has been discovered.
[Only registered and activated users can see links]
December 26, 2003
2003-12-26: Web Merchant Services Storefront Shopping Cart login.asp SQL
Injection Vulnerability
It has been reported that Storefront shopping cart may be vulnerable to a SQL
injection.
[Only registered and activated users can see links]
December 26, 2003
2003-12-26: GNU Indent Local Heap Overflow Vulnerability
It has been reported that GNU Indent may be prone to a local heap overflow
vulnerability that can be exploited through a malicious C source input file.
[Only registered and activated users can see links]
December 26, 2003
2003-12-26: OpenBB Index.PHP Remote SQL Injection Vulnerability
It has been reported that OpenBB does not properly check input passed via the
'index.php' script.
[Only registered and activated users can see links]
December 26, 2003
2003-12-26: Surfboard [Only registered and activated users can see links] Remote Buffer Overflow Vulnerability
May allow an attacker to gain unauthorized access to a system running the
vulnerable software.
[Only registered and activated users can see links]
December 25, 2003
2003-12-25: Cyrus IMSP Daemon Remote Buffer Overflow Vulnerability
A vulnerability has been reported to exist in the software that may allow a
remote user to launch cross-site scripting attacks.
[Only registered and activated users can see links]