cpe:/a:novell:nsure_audit:1.0.1

CVE-2005-1247

2004-01-15T00:00:00.000-05:00

2008-09-05T16:48:38.453-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-05-10T16:39:00.000-04:00

BUGTRAQ 20040115 OpenSSL ASN.1 parsing bugs PoC / brute forcer MISC http://www.cirt.dk/advisories/cirt-31-advisory.pdf CONFIRM http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097379.htm VULNWATCH 20050424 [CIRT.DK - Advisory] Novell Nsure Audit 1.0.1 Denial of Service webadmin.exe in Novell Nsure Audit 1.0.1 allows remote attackers to cause a denial of service via malformed ASN.1 packets in corrupt client certificates to an SSL server, as demonstrated using an exploit for the OpenSSL ASN.1 parsing vulnerability.

cpe:/a:realnetworks:realplayer:10.0_beta cpe:/a:realnetworks:realplayer:10.5_6.0.12.1040 cpe:/a:realnetworks:realplayer:10.0_6.0.12.690 cpe:/a:realnetworks:realplayer:10.0:::english cpe:/a:realnetworks:realone_player:2.0 cpe:/a:realnetworks:realplayer:10.5_6.0.12.1016_beta cpe:/a:realnetworks:realplayer:10.0:::japanese cpe:/a:realnetworks:realone_player:1.0 cpe:/a:realnetworks:realplayer:10.0::german cpe:/a:realnetworks:realplayer:10.5

CVE-2005-0190

2004-09-29T00:00:00.000-04:00

2008-09-05T16:45:33.260-04:00

2.6

NETWORK

HIGH

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-03T15:35:00.000-04:00

XF realplayer-media-file-deletion(17551) BID 11308 MISC http://www.ngssoftware.com/advisories/real-02full.txt CONFIRM http://service.real.com/help/faq/security/040928_player/EN/ SECUNIA 12672 BUGTRAQ 20050119 RealPlayer Arbitrary File Deletion Vulnerability (#NISR19012005f) BUGTRAQ 20050119 RealPlayer Arbitrary File Deletion Vulnerability (#NISR19012005f) BUGTRAQ 20041006 Patch available for multiple high risk vulnerabilities in RealPlayer BUGTRAQ 20041006 Patch available for multiple high risk vulnerabilities in RealPlayer Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extension (e.g. .mp3), which bypasses the check for the file extension.

cpe:/a:athoc:athoc_toolbar

CVE-2005-0188

2004-10-06T00:00:00.000-04:00

2008-09-05T16:45:32.933-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T14:57:00.000-04:00

ALLOWS_USER_ACCESS

XF athoc-toolbar-format-string(17628) BID 11341 MISC http://www.ngssoftware.com/advisories/athoc-01full.txt BUGTRAQ 20050119 Multiple vulnerabilities in the AtHoc Toolbar (#NISR19012005c) BUGTRAQ 20041006 Patch available for high risk flaws in the AtHoc Toolbar Format string vulnerability in the SetBaseURL function in AtHoc toolbar allows remote attackers to execute arbitrary code via format string specifiers in an invalid URL that is recorded in the debug log.

CVE-2005-0189

2004-10-06T00:00:00.000-04:00

2008-09-05T16:45:33.090-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T15:10:00.000-04:00

ALLOWS_USER_ACCESS

CERT-VN VU#698390 BID 12311 MISC http://service.real.com/help/faq/security/040928_player/EN/ BUGTRAQ 20050119 RealPlayer 'ShowPreferences' Buffer Overflow Vulnerability (#NISR19012005e) BUGTRAQ 20041006 Patch available for multiple high risk vulnerabilities in RealPlayer NTBUGTRAQ 20050119 RealPlayer 'ShowPreferences' Buffer Overflow Vulnerability (#NISR19012005e) BUGTRAQ 20050119 RealPlayer 'ShowPreferences' Buffer Overflow Vulnerability (#NISR19012005e) BUGTRAQ 20041006 Patch available for multiple high risk vulnerabilities in RealPlayer Stack-based buffer overflow in the HandleAction function in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to execute arbitrary code via a long ShowPreferences argument.

CVE-2005-0192

2004-10-06T00:00:00.000-04:00

2008-09-05T16:45:33.637-04:00

2.6

NETWORK

HIGH

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-03T15:48:00.000-04:00

XF realplayer-rjs-filenane-directory-traversal(18984) MISC http://www.ngssoftware.com/advisories/real-03full.txt MISC http://service.real.com/help/faq/security/040928_player/EN/ BUGTRAQ 20050119 RealPlayer Miscellaneous Vulnerabilities (#NISR19012005g) BUGTRAQ 20041006 Patch available for multiple high risk vulnerabilities in RealPlayer BUGTRAQ 20050119 RealPlayer Miscellaneous Vulnerabilities (#NISR19012005g) BUGTRAQ 20041006 Patch available for multiple high risk vulnerabilities in RealPlayer Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename.

cpe:/o:apple:mac_os_x_server:10.2.8 cpe:/o:apple:mac_os_x_server:10.2.6 cpe:/o:apple:mac_os_x_server:10.2.7 cpe:/o:apple:mac_os_x_server:10.2.4 cpe:/o:apple:mac_os_x_server:10.2.5 cpe:/o:apple:mac_os_x_server:10.1.5 cpe:/o:suse:suse_linux:1.0::desktop cpe:/o:apple:mac_os_x:10.0.4 cpe:/a:cyrus:sasl:1.5.27 cpe:/a:cyrus:sasl:1.5.28 cpe:/o:apple:mac_os_x:10.0.2 cpe:/o:suse:suse_linux:9.2::x86_64 cpe:/o:apple:mac_os_x:10.0.3 cpe:/o:apple:mac_os_x_server:10.1.4 cpe:/o:apple:mac_os_x_server:10.1.3 cpe:/o:apple:mac_os_x:10.0.1 cpe:/a:cyrus:sasl:1.5.24 cpe:/o:apple:mac_os_x_server:10.1.2 cpe:/o:apple:mac_os_x_server:10.1.1 cpe:/o:apple:mac_os_x_server:10.2.3 cpe:/o:apple:mac_os_x_server:10.2.2 cpe:/o:apple:mac_os_x_server:10.2.1 cpe:/o:apple:mac_os_x:10.0 cpe:/o:apple:mac_os_x:10.1 cpe:/a:suse:suse_cvsup:16.1h_36.i586 cpe:/o:apple:mac_os_x:10.2 cpe:/o:apple:mac_os_x:10.1.5 cpe:/o:apple:mac_os_x:10.3 cpe:/o:suse:suse_linux:8.0::i386 cpe:/o:apple:mac_os_x:10.3.1 cpe:/o:apple:mac_os_x:10.3.2 cpe:/o:apple:mac_os_x:10.3.3 cpe:/o:apple:mac_os_x:10.3.4 cpe:/o:apple:mac_os_x:10.3.5 cpe:/o:apple:mac_os_x:10.3.6 cpe:/a:cyrus:sasl:2.1.9 cpe:/o:apple:mac_os_x:10.1.4 cpe:/o:apple:mac_os_x:10.3.7 cpe:/o:apple:mac_os_x:10.1.3 cpe:/o:apple:mac_os_x:10.3.8 cpe:/o:apple:mac_os_x:10.1.2 cpe:/o:apple:mac_os_x:10.1.1 cpe:/o:apple:mac_os_x:10.2.8 cpe:/o:apple:mac_os_x_server:10.1 cpe:/o:apple:mac_os_x:10.2.4 cpe:/o:apple:mac_os_x:10.2.5 cpe:/o:apple:mac_os_x_server:10.0 cpe:/o:apple:mac_os_x_server:10.3 cpe:/o:apple:mac_os_x:10.2.6 cpe:/o:suse:suse_linux:9.1::x86_64 cpe:/o:apple:mac_os_x_server:10.2 cpe:/o:apple:mac_os_x:10.2.7 cpe:/o:conectiva:linux:9.0 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:suse:suse_linux:9.0 cpe:/o:suse:suse_linux:9.1 cpe:/o:suse:suse_linux:9.0::x86_64 cpe:/o:suse:suse_linux:9.2 cpe:/a:cyrus:sasl:2.1.14 cpe:/a:cyrus:sasl:2.1.13 cpe:/o:suse:suse_linux:8.2 cpe:/a:cyrus:sasl:2.1.12 cpe:/o:suse:suse_linux:8.1 cpe:/a:cyrus:sasl:2.1.11 cpe:/a:cyrus:sasl:2.1.10 cpe:/a:openpkg:openpkg:2.2 cpe:/a:cyrus:sasl:2.1.18 cpe:/a:cyrus:sasl:2.1.17 cpe:/a:cyrus:sasl:2.1.16 cpe:/a:cyrus:sasl:2.1.15 cpe:/a:openpkg:openpkg:2.1 cpe:/o:suse:suse_linux:8.0 cpe:/a:cyrus:sasl:2.1.18_r1 cpe:/o:apple:mac_os_x_server:10.3.2 cpe:/o:apple:mac_os_x_server:10.3.1 cpe:/o:suse:suse_linux:9.0::enterprise_server cpe:/o:apple:mac_os_x_server:10.3.3 cpe:/o:apple:mac_os_x_server:10.3.4 cpe:/o:apple:mac_os_x_server:10.3.5 cpe:/o:apple:mac_os_x_server:10.3.6 cpe:/o:apple:mac_os_x_server:10.3.7 cpe:/o:apple:mac_os_x_server:10.3.8 cpe:/o:redhat:fedora_core:core_1.0 cpe:/o:conectiva:linux:10.0

CVE-2005-0373

2004-10-07T00:00:00.000-04:00

2008-09-10T15:35:27.477-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-07T10:47:00.000-04:00

ALLOWS_USER_ACCESS

XF cyrus-sasl-digestmda5-bo(17642) BID 11347 MLIST [openbsd-ports] 20040717 UPDATE: cyrus-sasl-2.1.19 SUSE SUSE-SR:2005:006 GENTOO GLSA-200410-05 CONFIRM https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171&content-type=text/x-cvsweb-markup CONFIRM https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170&r2=1.171 MANDRAKE MDKSA-2005:054 Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.

cpe:/a:tcp:tcp

CVE-2005-0066

2004-12-22T00:00:00.000-05:00

2008-09-05T16:45:13.120-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-02T14:35:00.000-04:00

MISC http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html BID 13124 The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP acknowledgement number checking"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to be reduced. NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.

cpe:/a:tcp:tcp

CVE-2005-0067

2004-12-22T00:00:00.000-05:00

2008-09-05T16:45:13.277-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-02T14:40:00.000-04:00

MISC http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html BID 13124 The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to be reduced. NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.

cpe:/a:tcp:tcp

CVE-2005-0068

2004-12-22T00:00:00.000-05:00

2008-09-05T16:45:13.417-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-02T14:44:00.000-04:00

MISC http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html BID 13124 The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to be reduced. NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.

cpe:/a:sybase:adaptive_server_enterprise:11.5::sun cpe:/a:sybase:adaptive_server_enterprise:12.5.3 cpe:/a:sybase:adaptive_server_enterprise:12.5::win cpe:/a:sybase:adaptive_server_enterprise:12.0::digital_unix cpe:/a:sybase:adaptive_server_enterprise:12.5.2 cpe:/a:sybase:adaptive_server_enterprise:12.0.1::sun cpe:/a:sybase:adaptive_server_enterprise:11.9.2::win cpe:/a:sybase:adaptive_server_enterprise:11.5.1::win cpe:/a:sybase:adaptive_server_enterprise:12.5::linux cpe:/a:sybase:adaptive_server_enterprise:11.5.1::hp cpe:/a:sybase:adaptive_server_enterprise:12.0::hp cpe:/a:sybase:adaptive_server_enterprise:12.5::sun cpe:/a:sybase:adaptive_server_enterprise:12.0::sun cpe:/a:sybase:adaptive_server_enterprise:12.0.1::win cpe:/a:sybase:adaptive_server_enterprise:11.5.1::sun cpe:/a:sybase:adaptive_server_enterprise:12.5::sgi cpe:/a:sybase:adaptive_server_enterprise:11.03.3::linux cpe:/a:sybase:adaptive_server_enterprise:11.9.2::digital_unix cpe:/a:sybase:adaptive_server_enterprise:12.5::digital_unix cpe:/a:sybase:adaptive_server_enterprise:11.9.2::sun cpe:/a:sybase:adaptive_server_enterprise:11.5::win cpe:/a:sybase:adaptive_server_enterprise:11.5::hp cpe:/a:sybase:adaptive_server_enterprise:11.5::digital_unix cpe:/a:sybase:adaptive_server_enterprise:12.0.1::digital_unix cpe:/a:sybase:adaptive_server_enterprise:12.0.1::hp cpe:/a:sybase:adaptive_server_enterprise:11.5.1::digital_unix cpe:/a:sybase:adaptive_server_enterprise:11.9.2::hp cpe:/a:sybase:adaptive_server_enterprise:12.0::win cpe:/a:sybase:adaptive_server_enterprise:12.5::hp

CVE-2005-0441

2004-12-22T00:00:00.000-05:00

2008-09-05T16:46:18.007-04:00

10.0

NETWORK

LOW

NONE

COMPLETE

http://nvd.nist.gov

2005-06-07T13:29:00.000-04:00

ALLOWS_ADMIN_ACCESS

XF sybase-ase-install-java-bo(19980) XF sybase-ase-abstract-bo(19979) XF sybase-ase-declare-bo(19978) XF sybase-ase-convert-bo(19976) XF sybase-ase-attribvalid-bo(19974) XF sybase-adaptive-server(19354) CONFIRM http://www.sybase.com/detail?id=1034752 CONFIRM http://www.sybase.com/detail?id=1034520 BID 12080 BUGTRAQ 20050321 Details of Sybase ASE bugs withheld SECUNIA 13632 BUGTRAQ 20050405 Sybase ASE Multiple Security Issues (#NISR05042005) BUGTRAQ 20041222 Sybase ASE 12.5.2 vulnerabilities MISC http://www.ngssoftware.com/advisories/sybase-ase.txt Multiple stack-based buffer overflows in Sybase Adaptive Server Enterprise (ASE) 12.x before 12.5.3 ESD#1 allow remote authenticated users to execute arbitrary code via the (1) attrib_valid function, (2) covert function, (3) declare statement, or (4) a crafted query plan, or remote authenticated users with database owner or "sa" role privileges to execute arbitrary code via (5) a crafted install java statement.

cpe:/a:sugarcrm:sugarcrm:1.0f cpe:/a:sugarcrm:sugarcrm:1.0g cpe:/a:sugarcrm:sugarcrm:1.1f cpe:/a:sugarcrm:sugarcrm:1.1 cpe:/a:sugarcrm:sugarcrm:1.0 cpe:/a:sugarcrm:sugarcrm:1.5d cpe:/a:sugarcrm:sugarcrm:1.1b cpe:/a:sugarcrm:sugarcrm:1.1c cpe:/a:sugarcrm:sugarcrm:1.1d cpe:/a:sugarcrm:sugarcrm:2.0.1a cpe:/a:sugarcrm:sugarcrm:1.1e cpe:/a:sugarcrm:sugarcrm:2.0.1 cpe:/a:sugarcrm:sugarcrm:1.1a

CVE-2005-0266

2005-01-01T00:00:00.000-05:00

2008-09-05T16:45:48.353-04:00

4.3

NETWORK

MEDIUM

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T13:36:00.000-04:00

BUGTRAQ 20050101 Cross Site Scripting Vulnerabilities and Possible Code Execution XF sugar-sales-index-xss(18719) BID 12113 Cross-site scripting (XSS) vulnerability in index.php in SugarCRM 1.X allows remote attackers to inject arbitrary web script or HTML via the (1) return_module, (2) return_action, (3) name, (4) module, or (5) record parameter.

cpe:/a:flatnuke:flatnuke:2.5.1

CVE-2005-0268

2005-01-03T00:00:00.000-05:00

2008-09-05T16:45:48.713-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T13:44:00.000-04:00

XF flatnuke-indexphp-xss(18746) BID 12150 BUGTRAQ 20050102 Multiple Vulnerabilities in FlatNuke Direct code injection vulnerability in FlatNuke 2.5.1 allows remote attackers to execute arbitrary PHP code by placing the code into the url_avatar field.

cpe:/a:photopost:reviewpost_php_pro:2.5 cpe:/a:photopost:reviewpost_php_pro:2.5.1 cpe:/a:photopost:reviewpost_php_pro:1.0.2

CVE-2005-0271

2005-01-03T00:00:00.000-05:00

2008-09-05T16:45:49.277-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T13:54:00.000-04:00

ALLOWS_OTHER_ACCESS

XF reviewpost-php-sql-injection(18732) MISC http://www.gulftech.org/?node=research&article_id=00062-01022005 SECUNIA 13697 BUGTRAQ 20050103 Serious Vulnerabilities In PhotoPost ReviewPost Multiple SQL injection vulnerabilities in ReviewPost PHP Pro before 2.84 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to showcat.php or (2) product parameter to addfav.php.

cpe:/a:photopost:photopost_php_pro:4.85

CVE-2005-0274

2005-01-03T00:00:00.000-05:00

2008-09-05T16:45:49.760-04:00

4.3

NETWORK

MEDIUM

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T14:08:00.000-04:00

XF photopost-php-showgallery-xss(18744) BID 12156 MISC http://www.gulftech.org/?node=research&article_id=00063-01032005 BUGTRAQ 20050103 Multiple PhotoPost Pro Vulnerabilities SECUNIA 13680 Multiple cross-site scripting (XSS) vulnerabilities in showgallery.php in PhotoPost before 4.86 allow remote attackers to inject arbitrary web script or HTML via the (1) cat, (2) si, (3) page, or (4) ppuser parameters.

cpe:/a:jowood_productions:soldner_secret_wars:30830

CVE-2005-0280

2005-01-04T00:00:00.000-05:00

2008-09-05T16:45:50.713-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T14:19:00.000-04:00

ALLOWS_USER_ACCESS

XF soldner-secret-wars-format-string(18752) BID 12162 SECUNIA 13716 BUGTRAQ 20050104 Socket termination, format string and XSS in Soldner Secret Wars Format string vulnerability in Soldner Secret Wars 30830 and earlier allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in a message.

cpe:/a:david_barrett:qwikiwiki:1.4.1

CVE-2005-0283

2005-01-04T00:00:00.000-05:00

2008-09-05T16:45:51.180-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T14:27:00.000-04:00

XF qwikiwiki-directory-traversal(18748) BID 12163 BUGTRAQ 20050104 QWikiwiki directory traversal vulnerability CONFIRM http://www.qwikiwiki.com/index.php?page=QwikiVulnerability SECUNIA 12044 Directory traversal vulnerability in index.php in QwikiWiki allows remote attackers to read arbitrary files via a .. (dot dot) and a %00 at the end of the filename in the page parameter.

cpe:/a:mod_dosevasive:mod_dosevasive:1.8 cpe:/a:mod_dosevasive:mod_dosevasive:1.9

CVE-2005-0182

2005-01-06T00:00:00.000-05:00

2008-09-05T16:45:31.963-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-03T14:32:00.000-04:00

XF moddosevasive-symlink(18765) BID 12181 MISC http://security.lss.hr/index.php?page=details&ID=LSS-2005-01-01 BUGTRAQ 20050111 Mod_dosevasive symlink and race vulnerability SECUNIA 13725 The mod_dosevasive module 1.9 and earlier for Apache creates temporary files with predictable filenames, which could allow remote attackers to overwrite arbitrary files via a symlink attack.

cpe:/a:woltlab:burning_book:1.0_gold cpe:/a:woltlab:burning_book:1.1.1e

CVE-2005-0284

2005-01-10T00:00:00.000-05:00

2008-09-05T16:45:51.337-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T14:39:00.000-04:00

ALLOWS_OTHER_ACCESS

XF woltlab-book-addentry-sql-injection(18859) BUGTRAQ 20050110 Woltlab Burning Book addentry.php SQL Injection SQL injection vulnerability in addentry.php in Woltlab Burning Book 1.0 Gold, 1.1.1e, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the user-agent parameter.

cpe:/a:bottomline:webseries_payment_application:4.0

CVE-2005-0287

2005-01-10T00:00:00.000-05:00

2008-09-05T16:45:51.823-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T14:49:00.000-04:00

XF webseries-report-execution(18862) BUGTRAQ 20050110 Portcullis Security Advisory 05-009 SECTRACK 1012854 SECUNIA 13821 Bottomline Webseries Payment Application allows remote attackers to read arbitrary files on the network via a report template with modified ReportPath or ReportName values.

cpe:/a:squid:squid:2.1_patch2 cpe:/a:squid:squid:2.5_stable9 cpe:/a:squid:squid:2.5.stable3 cpe:/a:squid:squid:2.5.stable2 cpe:/a:squid:squid:2.4_.stable6 cpe:/a:squid:squid:2.5.stable5 cpe:/a:squid:squid:2.4_.stable7 cpe:/a:squid:squid:2.5.stable4 cpe:/a:squid:squid:2.5.stable1 cpe:/a:squid:squid:2.4_.stable2 cpe:/a:squid:squid:2.5_.stable6 cpe:/a:squid:squid:2.5_.stable5 cpe:/a:squid:squid:2.3_stable5 cpe:/a:squid:squid:2.5_.stable4 cpe:/a:squid:squid:2.5_.stable3 cpe:/a:squid:squid:2.5_stable4 cpe:/a:squid:squid:2.5_.stable1 cpe:/a:squid:squid:2.5_stable3 cpe:/a:squid:squid:2.4_stable7 cpe:/a:squid:squid:2.5.6 cpe:/a:squid:squid:2.3_.stable5 cpe:/a:squid:squid:2.3_.stable4 cpe:/a:squid:squid:2.6.stable1 cpe:/a:squid:squid:2.5.stable6 cpe:/a:squid:squid:2.5.stable7 cpe:/a:squid:squid:2.4 cpe:/a:squid:squid:2.0_patch2

CVE-2005-0097

2005-01-11T00:00:00.000-05:00

2008-09-05T16:45:18.607-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T01:17:00.000-04:00

TRUSTIX 2005-0003 CONFIRM http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth REDHAT RHSA-2005:061 REDHAT RHSA-2005:060 SUSE SUSE-SA:2005:006 GENTOO GLSA-200501-25 SECUNIA 13789 BID 12220 SECTRACK 1012818 FEDORA FLSA-2006:152809 The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference.

cpe:/a:apache:mod_auth_radius:1.5.4

CVE-2005-0108

2005-01-11T00:00:00.000-05:00

2008-09-05T16:45:20.480-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T03:41:00.000-04:00

XF modauthradius-dos(18841) DEBIAN DSA-659 MISC http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-01-02 BUGTRAQ 20050111 Apache mod_auth_radius remote integer overflow BID 12217 SECTRACK 1012829 SECUNIA 14046 SECUNIA 13773 Apache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service (crash) via a RADIUS_REPLY_MESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with a -1 length argument.

cpe:/a:xshisen:xshisen:1.36

CVE-2005-0117

2005-01-11T00:00:00.000-05:00

2008-09-05T16:45:22.213-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T05:56:00.000-04:00

CONFIRM http://www.vuxml.org/freebsd/56971fa6-641c-11d9-a097-000854d03344.html MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=289784 Buffer overflow in XShisen before 1.36 allows local users to execute arbitrary code via a long GECOS field.

cpe:/a:bottomline:webseries_payment_application:4.0

CVE-2005-0288

2005-01-11T00:00:00.000-05:00

2008-09-05T16:45:51.977-04:00

3.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T15:09:00.000-04:00

XF webseries-pa-password-gain-access(18860) BID 12231 BUGTRAQ 20050110 Portcullis Security Advisory 05-008 SECTRACK 1012854 SECUNIA 13821 The change password functionality in Bottomline Webseries Payment Application does not require the old password when users enter a new password, which could allow remote authenticated users to change other users' passwords.

cpe:/a:sergey_kiselev:sgallery:1.01

CVE-2005-0376

2005-01-12T00:00:00.000-05:00

2008-09-05T16:46:07.167-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-07T11:01:00.000-04:00

ALLOWS_OTHER_ACCESS

XF sgallery-file-include(18878) MISC http://www.waraxe.us/advisory-39.html SECTRACK 1012868 SECUNIA 13824 BUGTRAQ 20050112 [waraxe-2005-SA#039] - Critical Sql Injection in Sgallery module for PhpNuke FULLDISC 20050112 [waraxe-2005-SA#039] - Critical Sql Injection in Sgallery module for PhpNuke PHP remote file inclusion vulnerability in SGallery 1.01 allows local and possibly remote attackers to execute arbitrary PHP code by modifying the DOCUMENT_ROOT parameter to reference a URL on a remote web server that contains (1) config.php or (2) sql_layer.php.

cpe:/a:opera_software:opera_web_browser:6.0.1::linux cpe:/a:opera_software:opera_web_browser:5.0.2::win32 cpe:/a:opera_software:opera_web_browser:6.0 cpe:/a:opera_software:opera_web_browser:9.10 cpe:/a:opera_software:opera_web_browser:6.0.6 cpe:/a:opera_software:opera_web_browser:6.0.1 cpe:/a:opera_software:opera_web_browser:7.0.2::win32 cpe:/a:opera_software:opera_web_browser:5.0::mac cpe:/a:opera_software:opera_web_browser:5.12 cpe:/a:opera_software:opera_web_browser:5.0::linux cpe:/a:opera_software:opera_web_browser:6.0.6::win32 cpe:/a:opera_software:opera_web_browser:7.11b cpe:/a:opera_software:opera_web_browser:6.0::win32 cpe:/a:opera_software:opera_web_browser:6.0.5::win32 cpe:/a:opera_software:opera_web_browser:5.1.1::win32 cpe:/a:opera_software:opera_web_browser:7.23 cpe:/a:opera_software:opera_web_browser:7.22 cpe:/a:opera_software:opera_web_browser:7.21 cpe:/a:opera_software:opera_web_browser:7.20 cpe:/a:opera_software:opera_web_browser:7.0.3::win32 cpe:/a:opera_software:opera_web_browser:6.0.3::win32 cpe:/a:opera_software:opera_web_browser:6.0.4::win32 cpe:/a:opera_software:opera_web_browser:7.11j cpe:/a:opera_software:opera_web_browser:7.0_beta2::win32 cpe:/a:opera_software:opera_web_browser:7.0::win32 cpe:/a:opera_software:opera_web_browser:6.0.2::linux cpe:/a:opera_software:opera_web_browser:7.54 cpe:/a:opera_software:opera_web_browser:7.20_beta1_build2981 cpe:/a:opera_software:opera_web_browser:7.0.1::win32 cpe:/a:opera_software:opera_web_browser:7.50 cpe:/a:opera_software:opera_web_browser:5.12::win32 cpe:/a:opera_software:opera_web_browser:7.51 cpe:/a:opera_software:opera_web_browser:7.52 cpe:/a:opera_software:opera_web_browser:7.53 cpe:/a:opera_software:opera_web_browser:7.11 cpe:/a:opera_software:opera_web_browser:7.10 cpe:/a:opera_software:opera_web_browser:7.0_beta1::win32 cpe:/a:opera_software:opera_web_browser:6.0.1::win32 cpe:/a:opera_software:opera_web_browser:6.0.3::linux cpe:/a:opera_software:opera_web_browser:5.1.0::win32 cpe:/a:opera_software:opera_web_browser:6.0.2::win32 cpe:/a:opera_software:opera_web_browser:6.10::linux

CVE-2005-0456

2005-01-12T00:00:00.000-05:00

2008-09-05T16:46:20.773-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-07T14:44:00.000-04:00

CERT-VN VU#882926 CONFIRM http://www.opera.com/linux/changelogs/754u2/ GENTOO GLSA-200502-17 SECUNIA 13818 XF opera-data-dialog-spoofing(18867) SUSE SUSE-SA:2005:031 Opera 7.54 and earlier does not properly validate base64 encoded binary data in a data: (RFC 2397) URL, which causes the URL to be obscured in a download dialog, which may allow remote attackers to trick users into executing arbitrary code.

cpe:/a:vim_development_group:vim:6.3.011 cpe:/a:vim_development_group:vim:6.3.044 cpe:/a:vim_development_group:vim:6.3.030 cpe:/a:vim_development_group:vim:6.3.025

CVE-2005-0069

2005-01-13T00:00:00.000-05:00

2008-09-05T16:45:13.573-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-02T15:01:00.000-04:00

XF vim-symlink(18870) REDHAT RHSA-2005:122 REDHAT RHSA-2005:036 SECUNIA 13841 BUGTRAQ 20050118 [USN-61-1] vim vulnerabilities FEDORA FLSA:2343 SECTRACK 1012938 The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local users to overwrite or create arbitrary files via a symlink attack on temporary files.

cpe:/a:mysql:maxdb:7.5.00

CVE-2005-0111

2005-01-13T00:00:00.000-05:00

2008-09-05T16:45:21.260-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T04:28:00.000-04:00

ALLOWS_USER_ACCESS

IDEFENSE 20050113 MySQL MaxDB WebAgent websql logon Buffer Overflow Vulnerability BID 12265 IDEFENSE 20050113 MySQL MaxDB WebAgent websql logon Buffer Overflow Vulnerability SECTRACK 1012893 Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7.5.00 allows remote attackers to execute arbitrary code via a long password parameter.

cpe:/a:forumkit:forumkit:1.0

CVE-2005-0381

2005-01-13T00:00:00.000-05:00

2008-09-10T15:35:28.023-04:00

4.3

NETWORK

MEDIUM

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-07T11:10:00.000-04:00

XF forumkit-members-xss(18880) BID 12256 SECTRACK 1012895 BUGTRAQ 20050113 XSS Vulnerability in ForumKIT Cross-site scripting (XSS) vulnerability in f.aspx in forumKIT 1.0 allows remote attackers to inject arbitrary web script or HTML via the members parameter.

cpe:/o:openbsd:openbsd:2.6 cpe:/o:openbsd:openbsd:2.7 cpe:/o:openbsd:openbsd:2.8 cpe:/o:openbsd:openbsd:2.9 cpe:/o:openbsd:openbsd:2.2 cpe:/o:openbsd:openbsd:2.3 cpe:/o:openbsd:openbsd:2.4 cpe:/o:openbsd:openbsd:2.5 cpe:/o:openbsd:openbsd:2.0 cpe:/o:openbsd:openbsd:2.1 cpe:/o:openbsd:openbsd:3.0 cpe:/o:openbsd:openbsd:3.4 cpe:/o:openbsd:openbsd:3.3 cpe:/o:openbsd:openbsd:3.2 cpe:/o:openbsd:openbsd:3.1 cpe:/o:openbsd:openbsd:3.6 cpe:/o:openbsd:openbsd:3.5

CVE-2005-0740

2005-01-13T00:00:00.000-05:00

2008-09-05T16:47:10.350-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-10T10:37:00.000-04:00

BID 12250 OPENBSD 20050111 027: RELIABILITY FIX: January 11, 2005 SECTRACK 1012861 SECUNIA 13819 The TCP stack (tcp_input.c) in OpenBSD 3.5 and 3.6 allows remote attackers to cause a denial of service (system panic) via crafted values in the TCP timestamp option, which causes invalid arguments to be used when calculating the retransmit timeout.

cpe:/a:microsoft:ie:6.0:sp2

CVE-2005-0110

2005-01-14T00:00:00.000-05:00

2008-09-05T16:45:21.107-04:00

2.6

NETWORK

HIGH

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-03T04:22:00.000-04:00

FULLDISC 20050114 Internet Explorer (SP2) - Remote File Download Internet Explorer 6 on Windows XP SP2 allows remote attackers to bypass the file download warning dialog and possibly trick an unknowledgeable user into executing arbitrary code via a web page with a body element containing an onclick tag, as demonstrated using the createElement function.

cpe:/o:sgi:irix:6.5

CVE-2005-0113

2005-01-14T00:00:00.000-05:00

2008-09-05T16:45:21.590-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2005-06-03T04:44:00.000-04:00

ALLOWS_ADMIN_ACCESS

XF irix-inpview-gain-privileges(18894) IDEFENSE 20050113 SGI IRIX inpview Design Error Vulnerability SECUNIA 13858 BID 12259 OSVDB 12915 SECTRACK 1012894 inpview in SGI IRIX allows local users to execute arbitrary commands via the SUN_TTSESSION_CMD environment variable, which is executed by inpview without dropping privileges.

CVE-2005-0094

2005-01-15T00:00:00.000-05:00

2008-09-10T15:34:55.413-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T00:28:00.000-04:00

REDHAT RHSA-2005:061 REDHAT RHSA-2005:060 DEBIAN DSA-651 GENTOO GLSA-200501-25 SECUNIA 13825 TRUSTIX 2005-0003 CONFIRM http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-gopher_html_parsing.patch CONFIRM http://www.squid-cache.org/Advisories/SQUID-2005_1.txt SUSE SUSE-SA:2005:006 CONECTIVA CLA-2005:923 BID 12276 MANDRAKE MDKSA-2005:014 FEDORA FLSA-2006:152809 Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses.

CVE-2005-0095

2005-01-15T00:00:00.000-05:00

2008-09-10T15:34:55.493-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T00:42:00.000-04:00

TRUSTIX 2005-0003 CONFIRM http://www.squid-cache.org/Advisories/SQUID-2005_2.txt REDHAT RHSA-2005:061 REDHAT RHSA-2005:060 SUSE SUSE-SA:2005:006 DEBIAN DSA-651 GENTOO GLSA-200501-25 SECUNIA 13825 CONECTIVA CLA-2005:923 CONFIRM http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_denial_of_service.patch BID 12275 OSVDB 12886 MANDRAKE MDKSA-2005:014 SECTRACK 1012882 FEDORA FLSA-2006:152809 The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU cache numbers.

cpe:/a:minis:minis:0.2.1

CVE-2005-0294

2005-01-16T00:00:00.000-05:00

2008-09-05T16:45:52.917-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T15:36:00.000-04:00

XF minis-month-dos(18929) BUGTRAQ 20050116 Minis directory traversal vulnerability FULLDISC 20050116 Minis directory traversal vulnerability SECTRACK 1012911 SECUNIA 13866 minis.php in Minis 0.2.1 allows remote attackers to cause a denial of service (infinite loop) via an HTTP request for a file that the web server does not have permission to read, as demonstrated using the month parameter.

cpe:/a:gallery_project:gallery:2.0_alpha

CVE-2005-0221

2005-01-17T00:00:00.000-05:00

2008-09-05T16:45:40.010-04:00

4.3

NETWORK

MEDIUM

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T10:26:00.000-04:00

XF gallery-multiple-xss(18938) CONFIRM http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=147 MISC http://theinsider.deep-ice.com/texts/advisory69.txt BUGTRAQ 20050117 Gallery v1.3.4-pl1, v1.4.4-pl2, 2.0 Alpha Cross Site Scripting Vulnerability VULNWATCH 20050117 [VulnWatch] Gallery v1.3.4-pl1, v1.4.4-pl2, 2.0 Alpha Cross Site Scripting Vulnerability XF gallery-g2formsubject-xss(43472) Cross-site scripting (XSS) vulnerability in login.php in Gallery 2.0 Alpha allows remote attackers to inject arbitrary web script or HTML via the g2_form[subject] field.

cpe:/h:netgear:fvs318:2.4

CVE-2005-0290

2005-01-17T00:00:00.000-05:00

2008-09-05T16:45:52.290-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T15:20:00.000-04:00

XF netgear-fvs318-filter-bypass(18920) BID 12278 BUGTRAQ 20050117 Multiple Vulnerabilities in Netgear FVS318 Router FULLDISC 20050117 Multiple Vulnerabilities in Netgear FVS318 Router SECTRACK 1012913 SECUNIA 13787 NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass the filters using hex encoded URLs, as demonstrated using a hex encoded file extension.

cpe:/h:netgear:fvs318:2.4

CVE-2005-0291

2005-01-17T00:00:00.000-05:00

2008-09-05T16:45:52.447-04:00

4.3

NETWORK

MEDIUM

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T15:27:00.000-04:00

XF netgear-fvs318-log-xss(18921) BID 12278 BUGTRAQ 20050117 Multiple Vulnerabilities in Netgear FVS318 Router FULLDISC 20050117 Multiple Vulnerabilities in Netgear FVS318 Router OSVDB 13012 SECTRACK 1012913 SECUNIA 13787 Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via a blocked URL phrase.

cpe:/a:php_gift_registry:phpgiftreg:1.4

CVE-2005-0292

2005-01-17T00:00:00.000-05:00

2008-09-05T16:45:52.603-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T15:32:00.000-04:00

ALLOWS_OTHER_ACCESS

BID 12289 BUGTRAQ 20050307 Re: phpGiftReq SQL Injection XF phpgiftregistry-sql-injection(18925) SECUNIA 13873 BUGTRAQ 20050116 phpGiftReq SQL Injection FULLDISC 20050116 phpGiftReq SQL Injection SECTRACK 1012910 Multiple SQL injection vulnerabilities in index.php in PHP Gift Registry (phpGiftReg) 1.4.0, and possibly other versions before 1.5.0b1, allow remote attackers to execute arbitrary SQL commands via the (1) messageid, (2) shopper, (3) shopfor, or (4) itemid parameters.

cpe:/a:inca:nprotect_gameguard

CVE-2005-0295

2005-01-17T00:00:00.000-05:00

2008-09-05T16:45:53.073-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T15:41:00.000-04:00

XF nprotect-npptnt2-gain-access(18952) BID 12280 BUGTRAQ 20050116 Unrestricted I/O access vulnerability in INCA Gameguard SECUNIA 13928 npptnt2.sys in nProtect Gameguard provides unrestricted I/O to any process that calls it, which allows local users to gain privileges.

cpe:/a:novell:groupwise_webaccess:6.5:sp2 cpe:/a:novell:groupwise:6.0:sp4 cpe:/a:novell:groupwise:6.5:sp1 cpe:/a:novell:groupwise:6.5:sp2 cpe:/a:novell:groupwise:6.0 cpe:/a:novell:groupwise:6.5 cpe:/a:novell:groupwise:6.0:sp2 cpe:/a:novell:groupwise_webaccess:6.5 cpe:/a:novell:groupwise:6.0:sp3 cpe:/a:novell:groupwise_webaccess:6.0:sp4 cpe:/a:novell:groupwise_webaccess:6.5:sp1 cpe:/a:novell:groupwise:6.0:sp1

CVE-2005-0296

2005-01-17T00:00:00.000-05:00

2008-09-05T16:45:53.227-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T15:51:00.000-04:00

XF groupwise-error-auth-bypass(18954) BID 12285 BUGTRAQ 20050127 NOVL-2005-10096251 GroupWise WebAccess error handling modules (report) FULLDISC 20050121 NOVL-2005-10096251 GroupWise WebAccess error handling modules (report) MISC http://support.novell.com/servlet/tidfinder/10096251 BUGTRAQ 20050117 Novell GroupWise WebAccess error modules loading OSVDB 13135 ** DISPUTED ** NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified (1) error or (2) modify parameter that returns template files or the "about" information page. NOTE: the vendor has disputed this issue.

cpe:/a:awstats:awstats:6.3

CVE-2005-0116

2005-01-18T00:00:00.000-05:00

2008-09-05T16:45:22.057-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T05:41:00.000-04:00

ALLOWS_USER_ACCESS

CERT-VN VU#272296 IDEFENSE 20050117 AWStats Remote Command Execution Vulnerability SECUNIA 13893 CONFIRM http://awstats.sourceforge.net/docs/awstats_changelog.txt BID 12298 OSVDB 13002 MISC http://packetstormsecurity.org/0501-exploits/AWStatsVulnAnalysis.pdf AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl.

cpe:/a:oracle:database_server cpe:/a:oracle:database_server:10.2.1:r2

CVE-2005-0297

2005-01-18T00:00:00.000-05:00

2008-09-05T16:45:53.417-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T16:07:00.000-04:00

ALLOWS_OTHER_ACCESS

BUGTRAQ 20050118 Multiple high risk vulnerabilities in Oracle RDBMS 10g/9i SQL injection vulnerability in Oracle Database 9i and 10g allows remote attackers to execute arbitrary SQL commands and gain privileges.

cpe:/o:cisco:ios:12.3t cpe:/o:cisco:ios:12.3 cpe:/o:cisco:ios:12.1yd cpe:/o:cisco:ios:12.2t

CVE-2005-0186

2005-01-19T00:00:00.000-05:00

2009-03-04T00:29:26.593-05:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T14:42:00.000-04:00

XF cisco-ios-sccp-dos(18956) CISCO 20050119 Vulnerability in Cisco IOS Embedded Call Processing Solutions SECTRACK 1012945 SECUNIA 13913 Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed packet to the SCCP port.

CVE-2005-0191

2005-01-19T00:00:00.000-05:00

2008-09-05T16:45:33.447-04:00

5.1

NETWORK

HIGH

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T15:46:00.000-04:00

ALLOWS_USER_ACCESS

XF realplayer-long-filename-offbyone-bo(18982) MISC http://www.ngssoftware.com/advisories/real-03full.txt CONFIRM http://service.real.com/help/faq/security/040928_player/EN/ BUGTRAQ 20050119 RealPlayer Miscellaneous Vulnerabilities (#NISR19012005g) BUGTRAQ 20041006 Patch available for multiple high risk vulnerabilities in RealPlayer BUGTRAQ 20050119 RealPlayer Miscellaneous Vulnerabilities (#NISR19012005g) BUGTRAQ 20041006 Patch available for multiple high risk vulnerabilities in RealPlayer Off-by-one buffer overflow in the processing of tags in Real Metadata Package (RMP) files in RealPlayer 10.5 (6.0.12.1040) and earlier could allow remote attackers to execute arbitrary code via a long tag.

cpe:/a:jsboard:jsboard:2.0.7 cpe:/a:jsboard:jsboard:2.0.8 cpe:/a:jsboard:jsboard:2.0.9

CVE-2005-0300

2005-01-20T00:00:00.000-05:00

2008-09-05T16:45:53.930-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T16:23:00.000-04:00

XF jsboard-session-file-include(18990) BID 12319 BUGTRAQ 20050120 STG Security Advisory: [SSA-20050120-22] JSBoard file disclosure SECTRACK 1012949 SECUNIA 13920 Directory traversal vulnerability in session.php in JSBoard 2.0.9 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the table parameter.

cpe:/a:yamt:yamt:0.5.2

CVE-2005-1846

2005-01-20T00:00:00.000-05:00

2008-09-05T16:50:14.887-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-03T15:14:00.000-04:00

CONFIRM http://www.vuxml.org/freebsd/99b5cfa5-d3d2-11d9-8ffb-00061bc2ad93.html CONFIRM http://rpmfind.net/linux/RPM/suse/updates/8.2/i386/rpm/i586/yamt-0.5-1277.i586.html Multiple directory traversal vulnerabilities in YaMT before 0.5_2 allow attackers to overwrite arbitrary files via the (1) rename or (2) sort options.

cpe:/a:yamt:yamt:0.5.1

CVE-2005-1847

2005-01-20T00:00:00.000-05:00

2008-09-05T16:50:15.027-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T15:20:00.000-04:00

ALLOWS_USER_ACCESS

CONFIRM http://www.vuxml.org/freebsd/99b5cfa5-d3d2-11d9-8ffb-00061bc2ad93.html CONFIRM http://rpmfind.net/linux/RPM/suse/updates/8.2/i386/rpm/i586/yamt-0.5-1277.i586.html Multiple buffer overflows in YaMT before 0.5_2 allow attackers to execute arbitrary code via the (1) rename or (2) sort options.

cpe:/a:isync:mrouter:1.5

CVE-2005-0193

2005-01-22T00:00:00.000-05:00

2008-09-05T16:45:33.807-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2005-06-03T15:52:00.000-04:00

ALLOWS_ADMIN_ACCESS

XF isync-mrouter-bo(19011) BUGTRAQ 20050122 Mac OS X 10.3 iSync Privilege Escalation APPLE APPLE-SA-2005-04-19 BID 12334 SECTRACK 1012974 SECUNIA 13965 Buffer overflow in the (1) -v and (2) -a switches in mRouter in iSync 1.5 in Mac OS X 10.3.7 and earlier allows local users to execute arbitrary code.

cpe:/a:kmint21_software:golden_ftp_server:1.31b cpe:/a:kmint21_software:golden_ftp_server:1.00b cpe:/a:kmint21_software:golden_ftp_server:1.30b cpe:/a:kmint21_software:golden_ftp_server:2.02b cpe:/a:kmint21_software:golden_ftp_server:1.20b

CVE-2005-0566

2005-01-22T00:00:00.000-05:00

2008-09-05T16:46:39.570-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-08T11:21:00.000-04:00

ALLOWS_USER_ACCESS

CERT-VN VU#620862 XF golden-ftp-rnto-bo(19015) BID 12333 MISC http://www.goldenftpserver.com SECUNIA 13966 SECTRACK 1012973 FULLDISC 20050122 several BO's in goldenftpd Buffer overflow in Golden FTP Server Pro (goldenftpd) 2.x allows remote attackers to execute arbitrary code via a long RNTO command.

cpe:/a:ejoy_and_hu_yong:zhcon:0.2

CVE-2005-0072

2005-01-24T00:00:00.000-05:00

2008-09-10T15:34:51.897-04:00

2.1

LOCAL

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-02T15:22:00.000-04:00

DEBIAN DSA-655 XF zhcon-information-disclosure(19045) BID 12343 MANDRAKE MDKSA-2005:012 SECTRACK 1012977 SECUNIA 13987 SECUNIA 13982 SECUNIA 13977 zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files.

cpe:/a:mozilla:firefox:1.0 cpe:/a:mozilla:firefox:0.9:rc cpe:/a:mozilla:firefox:0.10 cpe:/a:mozilla:firefox:0.9.3 cpe:/a:mozilla:firefox:0.9.2 cpe:/a:mozilla:firefox:0.9 cpe:/a:mozilla:firefox:0.9.1 cpe:/a:mozilla:firefox:0.8 cpe:/a:mozilla:firefox:0.10.1

CVE-2005-0145

2005-01-24T00:00:00.000-05:00

2008-09-10T15:35:02.290-04:00

2.6

NETWORK

HIGH

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-03T12:29:00.000-04:00

CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=265176 XF mozilla-script-click-event-bypass(19170) CONFIRM http://www.mozilla.org/security/announce/mfsa2005-07.html BID 12407 Firefox before 1.0 does not properly distinguish between user-generated and synthetic click events, which allows remote attackers to use Javascript to bypass the file download prompt when the user uses the Alt-click feature.

cpe:/a:datarescue:ida:4.7

CVE-2005-0115

2005-01-24T00:00:00.000-05:00

2008-09-05T16:45:21.903-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T05:24:00.000-04:00

ALLOWS_USER_ACCESS

XF database-ida-portable-executable-bo(19042) CONFIRM http://www.datarescue.com/ubb/ultimatebb.php?/topic/2/146.html IDEFENSE 20050124 DataRescue Interactive Disassembler Pro Buffer Overflow Vulnerability BID 12353 SECTRACK 1012975 SECUNIA 13980 Stack-based buffer overflow in DataRescue Interactive Disassembler (IDA) Pro 4.7 allows attackers to execute arbitrary code via a PE file with an Import Address Table containing a long import library name.

cpe:/a:ximian:evolution:1.3.2_beta cpe:/a:ximian:evolution:1.2.4 cpe:/a:ximian:evolution:1.2.3 cpe:/a:ximian:evolution:1.2.2

CVE-2005-0102

2005-01-24T00:00:00.000-05:00

2008-09-10T15:34:57.570-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2005-06-03T02:09:00.000-04:00

ALLOWS_ADMIN_ACCESS

XF evolution-camellockhelper-bo(19031) BID 12354 REDHAT RHSA-2005:397 DEBIAN DSA-673 GENTOO GLSA-200501-35 CONECTIVA CLA-2005:925 REDHAT RHSA-2005:238 UBUNTU USN-69-1 MANDRAKE MDKSA-2005:024 SECTRACK 1012981 SECUNIA 13830 Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.

cpe:/a:squirrelmail:squirrelmail:1.4.0 cpe:/a:squirrelmail:squirrelmail:1.0.5 cpe:/a:squirrelmail:squirrelmail:1.0.4 cpe:/a:squirrelmail:squirrelmail:1.4.1 cpe:/a:squirrelmail:squirrelmail:1.4.2 cpe:/a:squirrelmail:squirrelmail:1.4.3_rc1 cpe:/a:squirrelmail:squirrelmail:1.4.3 cpe:/a:squirrelmail:squirrelmail:1.2.8 cpe:/a:squirrelmail:squirrelmail:1.2.7 cpe:/a:squirrelmail:squirrelmail:1.2.9 cpe:/a:squirrelmail:squirrelmail:1.2.4 cpe:/a:squirrelmail:squirrelmail:1.2.3 cpe:/a:squirrelmail:squirrelmail:1.2.10 cpe:/a:squirrelmail:squirrelmail:1.2.6 cpe:/a:squirrelmail:squirrelmail:1.4.3a cpe:/a:squirrelmail:squirrelmail:1.2.11 cpe:/a:squirrelmail:squirrelmail:1.2.5 cpe:/a:squirrelmail:squirrelmail:1.2.0 cpe:/a:squirrelmail:squirrelmail:1.2.2 cpe:/a:squirrelmail:squirrelmail:1.4 cpe:/a:squirrelmail:squirrelmail:1.2.1

CVE-2005-0103

2005-01-24T00:00:00.000-05:00

2008-09-05T16:45:19.607-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T02:31:00.000-04:00

ALLOWS_OTHER_ACCESS

CONFIRM http://www.squirrelmail.org/security/issue/2005-01-19?PHPSESSID=8af117822fb1ca3aa966a64248b5d223 REDHAT RHSA-2005:135 REDHAT RHSA-2005:099 SECUNIA 13962 APPLE APPLE-SA-2005-03-21 GENTOO GLSA-200501-39 BUGTRAQ 20050129 SquirrelMail Security Advisory XF squirrelmail-frame-file-include(19037) PHP remote file inclusion vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote attackers to execute arbitrary PHP code by modifying a URL parameter to reference a URL on a remote web server that contains the code.

cpe:/a:ejoy_and_hu_yong:zhcon:0.2

CVE-2005-0072

2005-01-24T00:00:00.000-05:00

2008-09-10T15:34:51.897-04:00

2.1

LOCAL

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-02T15:22:00.000-04:00

CVE-2005-0096

2005-01-25T00:00:00.000-05:00

2008-09-05T16:45:18.370-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T00:50:00.000-04:00

CONFIRM http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth REDHAT RHSA-2005:061 REDHAT RHSA-2005:060 GENTOO GLSA-200501-25 CONECTIVA CLA-2005:923 TRUSTIX 2005-0003 SUSE SUSE-SA:2005:006 BID 12324 SECTRACK 1012818 FEDORA FLSA-2006:152809 Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory consumption).

cpe:/a:exponent:exponent:0.95

CVE-2005-0309

2005-01-25T00:00:00.000-05:00

2008-09-05T16:45:55.370-04:00

4.3

NETWORK

MEDIUM

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T17:03:00.000-04:00

XF exponent-module-xss(19061) BID 12358 BUGTRAQ 20050125 Vulnerabilities in eXponent 0.95 OSVDB 13190 OSVDB 13188 Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php or (2) mod.php in Exponent 0.95 allow remote attackers to inject arbitrary web script or HTML via the module parameter.

cpe:/a:mercuryboard:mercuryboard:1.1 cpe:/a:mercuryboard:mercuryboard:1.1.1

CVE-2005-0306

2005-01-25T00:00:00.000-05:00

2008-09-05T16:45:54.883-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T16:28:00.000-04:00

XF mercuryboard-multiple-script-path-disclosure(19048) BID 12359 BUGTRAQ 20050124 Multiple vulnerabilities in MercuryBoard 1.1.1 MercuryBoard 1.1.1 allows remote attackers to gain sensitive information via an HTTP request with the n parameter set to 0, which causes a divide-by-zero error and reveals the path in the resulting error message.

cpe:/a:mercuryboard:mercuryboard:1.1 cpe:/a:mercuryboard:mercuryboard:1.1.1

CVE-2005-0307

2005-01-25T00:00:00.000-05:00

2008-09-05T16:45:55.057-04:00

4.3

NETWORK

MEDIUM

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T16:43:00.000-04:00

XF mercuryboard-multiple-scripts-xss(19050) BID 12359 BUGTRAQ 20050124 Multiple vulnerabilities in MercuryBoard 1.1.1 Multiple cross-site scripting (XSS) vulnerabilities in index.php in MercuryBoard 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) s, (2) l, (3) a, (4) t, (5) to, or (6) re parameters.

cpe:/a:openswan:openswan:1.0.9 cpe:/a:openswan:openswan:2.3.0

CVE-2005-0162

2005-01-26T00:00:00.000-05:00

2008-09-05T16:45:29.260-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2005-06-03T13:21:00.000-04:00

ALLOWS_ADMIN_ACCESS

XF openswan-xauth-pam-bo(19078) CONFIRM http://www.openswan.org/support/vuln/IDEF0785/ IDEFENSE 20050126 Openswan XAUTH/PAM Buffer Overflow Vulnerability BID 12377 FEDORA FEDORA-2005-082 OSVDB 13195 SECTRACK 1013014 SECUNIA 14062 SECUNIA 14038 Stack-based buffer overflow in the get_internal_addresses function in the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbitrary code.

cpe:/a:war_ftp_daemon:war_ftp_daemon:1.8 cpe:/a:war_ftp_daemon:war_ftp_daemon:1.82_rc9

CVE-2005-0312

2005-01-27T00:00:00.000-05:00

2008-09-05T16:45:55.853-04:00

2.1

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T17:09:00.000-04:00

BID 12384 BUGTRAQ 20050127 WarFTPD 1.82 RC9 DoS XF warftpd-cwd-dos(19129) CONFIRM http://support.jgaa.com/index.php?cmd=ShowReport&ID=02643 WarFTPD 1.82 RC9, when running as an NT service, allows remote authenticated users to cause a denial of service (access violation) via a CWD command with a crafted pathname, as demonstrated using a large string of "%s" sequences, possibly indicating a format string vulnerability.

cpe:/a:amax_information_technologies:magic_winmail_server:4.0

CVE-2005-0313

2005-01-27T00:00:00.000-05:00

2008-09-05T16:45:56.010-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T17:16:00.000-04:00

XF magic-winmail-command-directory-traversal(19114) XF magicwinmail-uploadphp-file-upload(19108) BID 12388 SECTRACK 1013017 SECUNIA 14053 BUGTRAQ 20050127 [SIG^2 G-TEC] Magic Winmail Server v4.0 Multiple Vulnerabilities Multiple directory traversal vulnerabilities in Magic Winmail Server 4.0 Build 1112 allow remote attackers to (1) upload arbitrary files via certain parameters to upload.php or (2) read arbitrary files via certain parameters to download.php, and remote authenticated users to read, create, or delete arbitrary directories and files via the IMAP commands (3) CREATE, (4) EXAMINE, (5) SELECT, or (6) DELETE.

CVE-2005-0314

2005-01-27T00:00:00.000-05:00

2008-09-05T16:45:56.167-04:00

4.3

NETWORK

MEDIUM

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T17:17:00.000-04:00

XF magic-winmail-userphp-xss(19113) BID 12388 BUGTRAQ 20050127 [SIG^2 G-TEC] Magic Winmail Server v4.0 Multiple Vulnerabilities SECTRACK 1013017 SECUNIA 14053 Cross-site scripting (XSS) vulnerability in user.php in Magic Winmail Server 4.0 Build 1112 allows remote attackers to inject arbitrary web script or HTML via the personal information fields.

cpe:/a:amax_information_technologies:magic_winmail_server:4.0

CVE-2005-0315

2005-01-27T00:00:00.000-05:00

2008-09-05T16:45:56.323-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T17:19:00.000-04:00

ALLOWS_OTHER_ACCESS

XF magicwinmail-ftp-obtain-information(19115) BID 12388 BUGTRAQ 20050127 [SIG^2 G-TEC] Magic Winmail Server v4.0 Multiple Vulnerabilities SECTRACK 1013017 SECUNIA 14053 The FTP service in Magic Winmail Server 4.0 Build 1112 does not verify that the IP address in a PORT command is the same as the IP address of the user of the FTP session, which allows remote authenticated users to use the server as an intermediary for port scanning.

cpe:/a:webwasher:webwasher_classic:3.3 cpe:/a:webwasher:webwasher_classic:2.2.1

CVE-2005-0316

2005-01-28T00:00:00.000-05:00

2008-09-05T16:45:56.477-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T17:39:00.000-04:00

ALLOWS_OTHER_ACCESS

BID 12394 SECUNIA 14058 XF webwasher-classic-connect-gain-access(19144) MISC http://www.oliverkarow.de/research/WebWasherCONNECT.txt BUGTRAQ 20050128 WebWasher Classic - HTTP CONNECT weakness SECTRACK 1013036 WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not properly drop CONNECT requests to the localhost from external systems, which could allow remote attackers to bypass intended access restrictions.

cpe:/a:alt-n:webadmin:3.0.2

CVE-2005-0317

2005-01-28T00:00:00.000-05:00

2008-09-05T16:45:56.633-04:00

4.3

NETWORK

MEDIUM

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T17:43:00.000-04:00

XF webadmin-usereditaccountwdm-xss(19161) BID 12395 BUGTRAQ 20050128 Multiple vulnerabilities in Alt-N WebAdmin <= 3.0.2 SECTRACK 1013038 SECUNIA 14079 Cross-site scripting (XSS) vulnerability in useredit_account.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the user parameter.

cpe:/a:alt-n:webadmin:3.0.2

CVE-2005-0318

2005-01-28T00:00:00.000-05:00

2008-09-05T16:45:56.790-04:00

2.1

LOCAL

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T17:44:00.000-04:00

BID 12395 SECTRACK 1013038 BUGTRAQ 20050128 Multiple vulnerabilities in Alt-N WebAdmin <= 3.0.2 useredit_account.wdm in Alt-N WebAdmin 3.0.4 does not properly validate account edits by the logged in user, which allows remote authenticated users to edit other users' account information via a modified user parameter.

cpe:/a:alt-n:webadmin:3.0.3

CVE-2005-0319

2005-01-28T00:00:00.000-05:00

2008-09-05T16:45:56.963-04:00

4.3

NETWORK

MEDIUM

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T17:57:00.000-04:00

BID 12395 XF webadmin-html-injection(19162) BUGTRAQ 20050128 Multiple vulnerabilities in Alt-N WebAdmin <= 3.0.2 Direct remote injection vulnerability in modalfram.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to load external webpages that appear to come from the WebAdmin server, which allows remote attackers to inject arbitrary HTML or web script to facilitate cross-site scripting (XSS) and phishing attacks.

cpe:/a:icewarp:web_mail:5.3

CVE-2005-0320

2005-01-28T00:00:00.000-05:00

2008-09-05T16:45:57.117-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T18:10:00.000-04:00

BID 12396 XF merak-icewarp-multiple-xss(19147) BUGTRAQ 20050128 Multiple vulnerabilities in Icewarp Web Mail 5.3.0: New holes Multiple cross-site scripting vulnerabilities in MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to login.html, (2) accountid parameter to accountsettings_add.html, or the (3) note, (4) title, and (5) location fields to calendar.html.

cpe:/a:squirrelmail:squirrelmail:1.4.0 cpe:/a:squirrelmail:squirrelmail:1.0.5 cpe:/a:squirrelmail:squirrelmail:1.0.4 cpe:/a:squirrelmail:squirrelmail:1.4.1 cpe:/a:squirrelmail:squirrelmail:1.4.2 cpe:/a:squirrelmail:squirrelmail:1.4.3_rc1 cpe:/a:squirrelmail:squirrelmail:1.4.3 cpe:/a:squirrelmail:squirrelmail:1.2.8 cpe:/a:squirrelmail:squirrelmail:1.2.7 cpe:/a:squirrelmail:squirrelmail:1.2.9 cpe:/a:squirrelmail:squirrelmail:1.2.4 cpe:/a:squirrelmail:squirrelmail:1.2.3 cpe:/a:squirrelmail:squirrelmail:1.2.10 cpe:/a:squirrelmail:squirrelmail:1.2.6 cpe:/a:squirrelmail:squirrelmail:1.4.3a cpe:/a:squirrelmail:squirrelmail:1.2.11 cpe:/a:squirrelmail:squirrelmail:1.2.5 cpe:/a:squirrelmail:squirrelmail:1.44 cpe:/a:squirrelmail:squirrelmail:1.2.0 cpe:/a:squirrelmail:squirrelmail:1.2.2 cpe:/a:squirrelmail:squirrelmail:1.4 cpe:/a:squirrelmail:squirrelmail:1.2.1

CVE-2005-0104

2005-01-29T00:00:00.000-05:00

2008-09-05T16:45:19.807-04:00

4.3

NETWORK

MEDIUM

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-03T02:41:00.000-04:00

CONFIRM http://www.squirrelmail.org/security/issue/2005-01-20 REDHAT RHSA-2005:135 REDHAT RHSA-2005:099 DEBIAN DSA-662 SECUNIA 14096 SECUNIA 13962 BUGTRAQ 20050129 SquirrelMail Security Advisory APPLE APPLE-SA-2005-03-21 XF squirrelmail-webmailphp-xss(19036) GENTOO GLSA-200501-39 Cross-site scripting (XSS) vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote attackers to inject arbitrary web script or HTML via certain integer variables.

cpe:/a:squirrelmail:squirrelmail:1.4.0 cpe:/a:squirrelmail:squirrelmail:1.0.5 cpe:/a:squirrelmail:squirrelmail:1.0.4 cpe:/a:squirrelmail:squirrelmail:1.4.1 cpe:/a:squirrelmail:squirrelmail:1.4.2 cpe:/a:squirrelmail:squirrelmail:1.4.3 cpe:/a:squirrelmail:squirrelmail:1.2.8 cpe:/a:squirrelmail:squirrelmail:1.2.7 cpe:/a:squirrelmail:squirrelmail:1.2.9 cpe:/a:squirrelmail:squirrelmail:1.2.4 cpe:/a:squirrelmail:squirrelmail:1.2.3 cpe:/a:squirrelmail:squirrelmail:1.2.10 cpe:/a:squirrelmail:squirrelmail:1.2.6 cpe:/a:squirrelmail:squirrelmail:1.4.3a cpe:/a:squirrelmail:squirrelmail:1.2.11 cpe:/a:squirrelmail:squirrelmail:1.2.5 cpe:/a:squirrelmail:squirrelmail:1.2.0 cpe:/a:squirrelmail:squirrelmail:1.2.2 cpe:/a:squirrelmail:squirrelmail:1.4 cpe:/a:squirrelmail:squirrelmail:1.2.1

CVE-2005-0075

2005-01-29T00:00:00.000-05:00

2008-09-05T16:45:14.557-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T10:16:00.000-04:00

CONFIRM http://www.squirrelmail.org/security/issue/2005-01-14 REDHAT RHSA-2005:135 REDHAT RHSA-2005:099 SECUNIA 13962 APPLE APPLE-SA-2005-03-21 BUGTRAQ 20050129 SquirrelMail Security Advisory GENTOO GLSA-200501-39 prefs.php in SquirrelMail before 1.4.4, with register_globals enabled, allows remote attackers to inject local code into the SquirrelMail code via custom preference handlers.

cpe:/a:hp:virtualvault:4.6 cpe:/a:hp:virtualvault:4.5 cpe:/a:hp:virtualvault:4.7

CVE-2005-0224

2005-01-31T00:00:00.000-05:00

2008-09-05T16:45:40.493-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T10:46:00.000-04:00

SECUNIA 14082 HP SSRT5900 Unknown vulnerability in HP-UX B.11.04 running Virtualvault 4.5 through 4.7, when running the TGA daemon, allows remote attackers to cause a denial of service via certain network traffic.

cpe:/a:postgresql:postgresql:7.2.7 cpe:/a:postgresql:postgresql:7.2.6 cpe:/a:postgresql:postgresql:7.2.5 cpe:/a:postgresql:postgresql:7.4.1 cpe:/a:postgresql:postgresql:7.4.2 cpe:/a:postgresql:postgresql:7.4.3 cpe:/a:postgresql:postgresql:7.4.4 cpe:/a:postgresql:postgresql:7.4.5 cpe:/a:postgresql:postgresql:7.4.6 cpe:/a:postgresql:postgresql:7.4.7 cpe:/a:postgresql:postgresql:7.2.4 cpe:/a:postgresql:postgresql:7.4 cpe:/a:postgresql:postgresql:7.3 cpe:/a:postgresql:postgresql:7.2.3 cpe:/a:postgresql:postgresql:7.2.2 cpe:/a:postgresql:postgresql:7.2 cpe:/a:postgresql:postgresql:7.2.1 cpe:/a:postgresql:postgresql:7.3.3 cpe:/a:postgresql:postgresql:7.3.2 cpe:/a:postgresql:postgresql:7.3.1 cpe:/a:postgresql:postgresql:8.0 cpe:/a:postgresql:postgresql:7.3.9 cpe:/a:postgresql:postgresql:7.3.8 cpe:/a:postgresql:postgresql:7.3.7 cpe:/a:postgresql:postgresql:7.3.6 cpe:/a:postgresql:postgresql:7.3.5 cpe:/a:postgresql:postgresql:7.3.4

CVE-2005-0245

2005-02-01T00:00:00.000-05:00

2008-09-10T15:35:11.523-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T12:41:00.000-04:00

ALLOWS_OTHER_ACCESS

XF postgresql-cursor-bo(19188) REDHAT RHSA-2005:150 REDHAT RHSA-2005:138 SECUNIA 12948 DEBIAN DSA-683 BUGTRAQ 20050210 [USN-79-1] PostgreSQL vulnerabilities MLIST [pgsql-patches] 20050120 Re: WIP: pl/pgsql cleanup MLIST [pgsql-committers] 20050207 pgsql: Prevent 4 more buffer overruns in the PL/PgSQL parser. MLIST [pgsql-committers] 20050121 pgsql: Prevent overrunning a heap-allocated buffer is more than 1024 BID 12417 SUSE SUSE-SA:2005:036 MANDRAKE MDKSA-2005:040 Buffer overflow in gram.y for PostgreSQL 8.0.0 and earlier may allow attackers to execute arbitrary code via a large number of arguments to a refcursor function (gram.y), which leads to a heap-based buffer overflow, a different vulnerability than CVE-2005-0247.

cpe:/a:newspost:newspost:2.1.1

CVE-2005-0101

2005-02-01T00:00:00.000-05:00

2008-09-05T16:45:19.277-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T02:00:00.000-04:00

ALLOWS_USER_ACCESS

GENTOO GLSA-200502-05 XF newspost-socketgetline-bo(19178) CONFIRM http://www.vuxml.org/freebsd/7f13607b-6948-11d9-8937-00065be4b5b6.html SECUNIA 14092 MISC http://people.freebsd.org/~niels/issues/newspost-20050114.txt BUGTRAQ 20050202 RE: SECURITEY.NNOV.RU NewsPost buffer overflow [EXPLOIT] BID 12418 SECTRACK 1013056 SECUNIA 14098 Buffer overflow in the socket_getline function in Newspost 2.1.1 and earlier allows remote malicious NNTP servers to execute arbitrary code via a long string without a newline character.

cpe:/a:squirrelmail:squirrelmail:1.2.6

CVE-2005-0152

2005-02-02T00:00:00.000-05:00

2008-09-05T16:45:27.760-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T12:50:00.000-04:00

ALLOWS_OTHER_ACCESS

CERT-VN VU#203214 DEBIAN DSA-662 SECUNIA 14096 PHP remote file inclusion vulnerability in Squirrelmail 1.2.6 allows remote attackers to execute arbitrary code via "URL manipulation."

cpe:/a:ngircd:ngircd:0.8.2

CVE-2005-0226

2005-02-03T00:00:00.000-05:00

2008-09-05T16:45:41.400-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T11:00:00.000-04:00

MISC http://www.nosystem.com.ar/advisories/advisory-11.txt SECUNIA 14114 BUGTRAQ 20050203 ngIRCd <= v0.8.2 Format String Vulnerability BID 12434 Format string vulnerability in the Log_Resolver function in log.c for ngIRCd 0.8.2 and earlier, when compiled with IDENT, logging to SYSLOG, and with DEBUG enabled, allows remote attackers to execute arbitrary code.

cpe:/a:mozilla:firefox:1.0

CVE-2005-0231

2005-02-07T00:00:00.000-05:00

2008-09-10T15:35:10.117-04:00

2.6

NETWORK

HIGH

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T11:09:00.000-04:00

CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=280056 XF mozilla-firefox-tab-gain-access(19264) SUSE SUSE-SA:2005:016 CONFIRM http://www.mozilla.org/security/announce/mfsa2005-26.html GENTOO GLSA-200503-30 GENTOO GLSA-200503-10 MISC http://www.mikx.de/firetabbing/ BUGTRAQ 20050207 Firetabbing [Firefox 1.0] REDHAT RHSA-2005:384 REDHAT RHSA-2005:176 Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing."

cpe:/o:suse:suse_linux:8.2 cpe:/o:suse:suse_linux:8.1 cpe:/a:larry_wall:perl:5.8.4.3 cpe:/a:larry_wall:perl:5.8.4.4 cpe:/o:trustix:secure_linux:2.0 cpe:/a:larry_wall:perl:5.8.4.5 cpe:/o:trustix:secure_linux:2.2 cpe:/o:trustix:secure_linux:2.1 cpe:/o:trustix:secure_linux:1.5 cpe:/a:larry_wall:perl:5.8.4.2.3 cpe:/a:larry_wall:perl:5.8.4.2 cpe:/a:larry_wall:perl:5.8.4.1 cpe:/o:suse:suse_linux:8.0 cpe:/o:redhat:enterprise_linux:3.0::advanced_server cpe:/o:ubuntu:ubuntu_linux:4.1::ppc cpe:/o:ubuntu:ubuntu_linux:4.1::ia64 cpe:/o:ibm:aix:5.2 cpe:/o:ibm:aix:5.3 cpe:/o:suse:suse_linux:8.0::i386 cpe:/a:sgi:propack:3.0 cpe:/o:redhat:fedora_core:core_3.0 cpe:/o:redhat:enterprise_linux:3.0::enterprise_server cpe:/o:redhat:enterprise_linux:3.0::workstation_server cpe:/a:larry_wall:perl:5.8.4 cpe:/a:larry_wall:perl:5.8.3 cpe:/a:larry_wall:perl:5.8.1 cpe:/a:larry_wall:perl:5.8.0 cpe:/o:redhat:enterprise_linux_desktop:3.0 cpe:/o:suse:suse_linux:9.0 cpe:/o:suse:suse_linux:9.0::x86_64 cpe:/o:suse:suse_linux:9.1 cpe:/o:suse:suse_linux:9.2

CVE-2005-0156

2005-02-07T00:00:00.000-05:00

2008-09-10T15:35:03.383-04:00

2.1

LOCAL

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-03T13:02:00.000-04:00

XF perl-perliodebug-bo(19208) TRUSTIX 2005-0003 BID 12426 REDHAT RHSA-2005:105 REDHAT RHSA-2005:103 GENTOO GLSA-200502-13 MISC http://www.digitalmunition.com/DMA[2005-0131b].txt FULLDISC 20050207 DMA[2005-0131b] - 'Setuid Perl PERLIO_DEBUG BUGTRAQ 20050202 [USN-72-1] Perl vulnerabilities MANDRAKE MDKSA-2005:031 SECUNIA 14120 FEDORA FLSA-2006:152845 CONECTIVA CLSA-2006:1056 Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.

cpe:/a:squid:squid:2.5.6 cpe:/a:squid:squid:2.5_stable9 cpe:/a:squid:squid:2.5.stable3 cpe:/a:squid:squid:2.5.stable2 cpe:/a:squid:squid:2.5.stable5 cpe:/a:squid:squid:2.5.stable4 cpe:/a:squid:squid:2.5.stable1 cpe:/a:squid:squid:2.5.stable6 cpe:/a:squid:squid:2.5_.stable6 cpe:/a:squid:squid:2.5.stable7 cpe:/a:squid:squid:2.5_.stable5 cpe:/a:squid:squid:2.5_.stable4 cpe:/a:squid:squid:2.5_.stable3 cpe:/a:squid:squid:2.5_stable4 cpe:/a:squid:squid:2.5_stable3 cpe:/a:squid:squid:2.5_.stable1

CVE-2005-0174

2005-02-07T00:00:00.000-05:00

2008-09-10T15:35:04.087-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-03T13:30:00.000-04:00

CERT-VN VU#768702 REDHAT RHSA-2005:061 REDHAT RHSA-2005:060 CONFIRM http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-header_parsing FEDORA FEDORA-2005-373 SUSE SUSE-SA:2005:006 BUGTRAQ 20050207 [USN-77-1] Squid vulnerabilities CONECTIVA CLA-2005:931 BID 12412 MANDRAKE MDKSA-2005:034 FEDORA FLSA-2006:152809 Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters that are not part of a CRLF pair, and (3) header names containing whitespace characters.

CVE-2005-0175

2005-02-07T00:00:00.000-05:00

2008-09-10T15:35:04.147-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-03T13:42:00.000-04:00

CERT-VN VU#625878 REDHAT RHSA-2005:061 REDHAT RHSA-2005:060 SUSE SUSE-SA:2005:006 DEBIAN DSA-667 BUGTRAQ 20050207 [USN-77-1] Squid vulnerabilities CONECTIVA CLA-2005:931 CONFIRM http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting CONFIRM http://www.squid-cache.org/Advisories/SQUID-2005_5.txt FEDORA FEDORA-2005-373 BID 12433 MANDRAKE MDKSA-2005:034 FEDORA FLSA-2006:152809 Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.

cpe:/a:gnu:xemacs:21.4 cpe:/a:gnu:emacs:21.3 cpe:/a:gnu:emacs:20.0

CVE-2005-0100

2005-02-07T00:00:00.000-05:00

2008-09-10T15:34:57.040-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T01:40:00.000-04:00

ALLOWS_USER_ACCESS

XF xemacs-movemail-format-string(19246) REDHAT RHSA-2005:133 REDHAT RHSA-2005:112 REDHAT RHSA-2005:110 DEBIAN DSA-685 DEBIAN DSA-671 DEBIAN DSA-670 BUGTRAQ 20050207 [USN-76-1] Emacs vulnerability BID 12462 FEDORA FLSA-2006:152898 MANDRAKE MDKSA-2005:038 Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets.

cpe:/a:symantec:web_security:3.01.63 cpe:/a:symantec:web_security:3.01.62 cpe:/a:symantec:web_security:3.01.61 cpe:/a:symantec:web_security:3.01.68 cpe:/a:symantec:client_security:1.1.1_mr5_build_8.1.1.336 cpe:/a:symantec:web_security:3.01.67 cpe:/a:symantec:norton_antivirus:8.01.460::corporate cpe:/a:symantec:mail_security:4.1:build_461:exchange cpe:/a:symantec:antivirus_scan_engine:4.3 cpe:/a:symantec:client_security:1.0.1_build_8.01.457:mr5 cpe:/a:symantec:antivirus_scan_engine:4.3.3::filers cpe:/a:symantec:antivirus_scan_engine:4.0 cpe:/a:symantec:client_security:1.1.1_mr4_build_8.1.1.329 cpe:/a:symantec:norton_antivirus:8.1.1.319::corporate cpe:/a:symantec:brightmail_antispam:4.0 cpe:/a:symantec:norton_antivirus:8.01.434::corporate cpe:/a:symantec:web_security:3.01.60 cpe:/a:symantec:norton_antivirus:9.0::macintosh_corporate cpe:/a:symantec:client_security:1.0.1_build_8.01.471:mr8 cpe:/a:symantec:norton_antivirus:8.1.1.323::corporate cpe:/a:symantec:norton_antivirus:9.0::macintosh_osx cpe:/a:symantec:mail_security:4.5_build_719::exchange cpe:/a:symantec:brightmail_antispam:5.5 cpe:/a:symantec:norton_antivirus:8.01.446::corporate cpe:/a:symantec:antivirus_scan_engine:4.3.3::caching cpe:/a:symantec:client_security:1.0.1_build_8.01.437 cpe:/a:symantec:norton_system_works:2004::windows cpe:/a:symantec:sav_filter_for_domino_nt:3.1.1 cpe:/a:symantec:sav_filter_domino_nt_ports:build3.0.5::os_400 cpe:/a:symantec:client_security:1.1.1_mr2_build_8.1.1.319 cpe:/a:symantec:client_security:1.0.1_build_8.01.446:mr4 cpe:/a:symantec:mail_security:4.0.2::smtp cpe:/a:symantec:norton_antivirus:8.1.1_build8.1.1.314a::corporate cpe:/a:symantec:antivirus_scan_engine:4.0::netapp_netcache cpe:/a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a cpe:/a:symantec:norton_antivirus:8.01.457::corporate cpe:/a:symantec:mail_security:4.1:build_459:exchange cpe:/a:symantec:norton_antivirus:2004::windows cpe:/a:symantec:norton_internet_security:3.0::macintosh cpe:/a:symantec:antivirus_scan_engine:4.3.3::netapp_filer cpe:/a:symantec:antivirus_scan_engine:4.3.3::netapp_netcache cpe:/a:symantec:client_security:1.0.1_build_8.01.464:mr7 cpe:/a:symantec:norton_antivirus:8.1.1.329::corporate cpe:/a:symantec:norton_antivirus:8.01.471::corporate cpe:/a:symantec:web_security:3.01.59 cpe:/a:symantec:mail_security:4.0::domino cpe:/a:symantec:client_security:1.0.1_build_8.01.434:mr3 cpe:/a:symantec:gateway_security:2.0 cpe:/a:symantec:client_security:1.1.1_mr3_build_8.1.1.323 cpe:/a:symantec:sav_filter_domino_nt_ports:build3.0.5::aix cpe:/a:symantec:norton_internet_security:2004::professional cpe:/a:symantec:antivirus_scan_engine:4.0::bluecoat cpe:/a:symantec:gateway_security:2.0.1 cpe:/a:symantec:gateway_security:1.0 cpe:/a:symantec:client_security:1.0.1_build_8.01.460:mr6 cpe:/a:symantec:antivirus_scan_engine:4.0::netapp_filer cpe:/a:symantec:norton_antivirus:8.01.437::corporate cpe:/a:symantec:norton_antivirus:8.01.464::corporate cpe:/a:symantec:antivirus_scan_engine:4.3.3::bluecoat cpe:/a:symantec:mail_security:4.1:build_458:exchange cpe:/a:symantec:antivirus_scan_engine:3.1.1 cpe:/a:symantec:antivirus_scan_engine:3.1.2 cpe:/a:symantec:antivirus_scan_engine:3.1.3 cpe:/a:symantec:norton_system_works:3.0::macintosh cpe:/a:symantec:norton_antivirus:2.18_build_83::exchange cpe:/a:symantec:antivirus_scan_engine:3.1.4 cpe:/a:symantec:antivirus_scan_engine:3.1.5 cpe:/a:symantec:antivirus_scan_engine:3.1.6

CVE-2005-0249

2005-02-08T00:00:00.000-05:00

2008-09-05T16:45:45.493-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T13:20:00.000-04:00

ALLOWS_USER_ACCESS

CERT-VN VU#107822 XF upx-engine-gain-control(18869) ISS 20050208 Symantec AntiVirus Library Heap Overflow CONFIRM http://www.symantec.com/avcenter/security/Content/2005.02.08.html SECTRACK 1013133 Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.

cpe:/a:mozilla:mozilla:0.9.8 cpe:/a:mozilla:mozilla:0.9.7 cpe:/a:mozilla:mozilla:0.9.6 cpe:/a:mozilla:mozilla:0.9.5 cpe:/a:mozilla:mozilla:0.9.9 cpe:/a:mozilla:mozilla:1.0:rc2 cpe:/a:mozilla:mozilla:1.1:alpha cpe:/a:mozilla:mozilla:1.0:rc1 cpe:/a:mozilla:mozilla:1.4:beta cpe:/a:mozilla:firefox:1.0 cpe:/a:mozilla:mozilla:1.0.2 cpe:/a:omnigroup:omniweb:5 cpe:/a:mozilla:mozilla:1.0.1 cpe:/a:mozilla:mozilla:0.9.48 cpe:/a:mozilla:mozilla:1.5 cpe:/a:mozilla:mozilla:1.6 cpe:/a:mozilla:mozilla:1.3 cpe:/a:mozilla:mozilla:0.8 cpe:/a:mozilla:mozilla:1.4 cpe:/a:mozilla:mozilla:1.1 cpe:/a:mozilla:mozilla:1.4:alpha cpe:/a:mozilla:mozilla:1.2:beta cpe:/a:mozilla:mozilla:1.2 cpe:/a:mozilla:mozilla:1.0 cpe:/a:mozilla:mozilla:1.2:alpha cpe:/a:mozilla:mozilla:1.3.1 cpe:/a:mozilla:mozilla:0.9.4.1 cpe:/a:opera_software:opera_web_browser:7.54 cpe:/a:mozilla:mozilla:1.2.1 cpe:/a:mozilla:mozilla:1.5.1 cpe:/a:mozilla:mozilla:0.9.35 cpe:/a:mozilla:mozilla:0.9.2.1 cpe:/a:mozilla:mozilla:1.4.2 cpe:/a:mozilla:mozilla:1.4.1 cpe:/a:mozilla:camino:0.8.5 cpe:/a:mozilla:mozilla:1.4.4 cpe:/a:mozilla:mozilla:1.1:beta cpe:/a:mozilla:mozilla:0.9.2 cpe:/a:mozilla:mozilla:0.9.3 cpe:/a:mozilla:mozilla:0.9.4

CVE-2005-0233

2005-02-08T00:00:00.000-05:00

2008-09-10T15:35:10.493-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T11:35:00.000-04:00

XF multiple-browsers-idn-spoof(19236) SUSE SUSE-SA:2005:016 CONFIRM http://www.mozilla.org/security/announce/mfsa2005-29.html GENTOO GLSA-200503-30 GENTOO GLSA-200503-10 MISC http://www.shmoo.com/idn/homograph.txt MISC http://www.shmoo.com/idn BID 12461 REDHAT RHSA-2005:384 REDHAT RHSA-2005:176 BUGTRAQ 20050208 International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs. FULLDISC 20050206 state of homograph attacks The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.

cpe:/a:argosoft:argosoft_mail_server:1.8.7.3

CVE-2005-0367

2005-02-09T00:00:00.000-05:00

2008-09-05T16:46:05.477-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-07T10:38:00.000-04:00

BUGTRAQ 20050209 [SIG^2 G-TEC] ArGoSoft Mail Server Webmail Multiple Directory Traversal Vulnerabilities MISC http://www.security.org.sg/vuln/argosoftmail1873.html Multiple directory traversal vulnerabilities in ArGoSoft Mail Server 1.8.7.3 allow remote authenticated users to read, delete, or upload arbitrary files via a .. (dot dot) in (1) the filename of an e-mail attachment, (2) the _msgatt.rec file, (3) and the /msg, /delete, /folderadd, and /folderdelete operations for the Folder parameter.

cpe:/a:awstats:awstats:4.0 cpe:/a:awstats:awstats:5.5 cpe:/a:awstats:awstats:5.8 cpe:/a:awstats:awstats:5.7 cpe:/a:awstats:awstats:5.9 cpe:/a:awstats:awstats:6.0 cpe:/a:awstats:awstats:6.1 cpe:/a:awstats:awstats:5.0 cpe:/a:awstats:awstats:6.2 cpe:/a:awstats:awstats:6.3 cpe:/a:awstats:awstats:5.2 cpe:/a:awstats:awstats:5.1 cpe:/a:awstats:awstats:5.4 cpe:/a:awstats:awstats:5.3

CVE-2005-0362

2005-02-09T00:00:00.000-05:00

2008-09-05T16:46:04.617-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-07T18:15:00.000-04:00

ALLOWS_USER_ACCESS

CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=294488 OSVDB 16089 awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) "pluginmode", (2) "loadplugin", or (3) "noloadplugin" parameters.

cpe:/o:hp:hp-ux:11.23::ia64_64-bit cpe:/o:hp:hp-ux:11.11 cpe:/o:hp:hp-ux:11.00

CVE-2005-0364

2005-02-10T00:00:00.000-05:00

2009-03-04T00:29:52.750-05:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-07T10:28:00.000-04:00

XF hpux-bind-dos(19276) SECUNIA 14220 HP HPSBUX01117 Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service.

cpe:/o:ibm:aix:5.2 cpe:/o:ibm:aix:5.3

CVE-2005-0261

2005-02-10T00:00:00.000-05:00

2008-09-05T16:45:47.540-04:00

2.1

LOCAL

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T13:29:00.000-04:00

AIXAPAR IY67655 AIXAPAR IY67457 XF ibm-aix-ispath-information-disclosure(19281) IDEFENSE 20050210 IBM AIX lspath Local File Access Vulnerability BID 12513 SECUNIA 14232 lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing the -f option, which allows local users to read one line of arbitrary files.

cpe:/a:xpcd:xpcd:2.08

CVE-2005-0074

2005-02-11T00:00:00.000-05:00

2008-09-05T16:45:14.403-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2005-06-02T16:50:00.000-04:00

ALLOWS_ADMIN_ACCESS

DEBIAN DSA-676 BID 12523 SECTRACK 1013162 SECUNIA 14250 SECUNIA 14248 Buffer overflow in pcdsvgaview in xpcd 2.08 allows local users to execute arbitrary code.

cpe:/a:checkpoint:check_point_integrity_client:4.5.122.000 cpe:/a:zonelabs:zonealarm_wireless_security:5.5.080.000 cpe:/a:checkpoint:check_point_integrity_client:5.1.556.166 cpe:/a:zonelabs:zonealarm:5.5.062.011

CVE-2005-0114

2005-02-11T00:00:00.000-05:00

2008-09-05T16:45:21.747-04:00

2.1

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T05:03:00.000-04:00

IDEFENSE 20050211 ZoneAlarm 5.1 Invalid Pointer Dereference Vulnerability CONFIRM http://download.zonelabs.com/bin/free/securityAlert/19.html BID 12531 SECUNIA 14256 vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before 4.5.122.000 and 5.x before 5.1.556.166 do not properly verify that the ServerPortName argument to the NtConnectPort function is a valid memory address, which allows local users to cause a denial of service (system crash) when ZoneAlarm attempts to dereference an invalid pointer.

cpe:/a:id_software:quake_3_engine

CVE-2005-0430

2005-02-12T00:00:00.000-05:00

2008-09-05T16:46:16.040-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-07T12:50:00.000-04:00

MISC http://aluigi.altervista.org/adv/q3infoboom-adv.txt BID 12534 BUGTRAQ 20050212 Infostring crash and shutdown in the Quake 3 engine The Quake 3 engine, as used in multiple game packages, allows remote attackers to cause a denial of service (shutdown game server) and possibly crash the server via a long infostring, possibly triggering a buffer overflow.

cpe:/a:image_processing_software:image_processing_software

CVE-2005-0406

2005-02-14T00:00:00.000-05:00

2008-09-10T15:35:31.007-04:00

2.1

LOCAL

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-07T11:59:00.000-04:00

MISC http://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt FULLDISC 20050214 Advisory: JPEG EXIF information disclosure A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.

cpe:/a:citrusdb:citrusdb:0.3.6

CVE-2005-0408

2005-02-14T00:00:00.000-05:00

2008-09-10T15:35:31.147-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-07T12:09:00.000-04:00

ALLOWS_OTHER_ACCESS

MISC http://www.redteam-pentesting.de/advisories/rt-sa-2005-002.txt FULLDISC 20050214 Advisory: Authentication bypass in CitrusDB CitrusDB 0.3.6 and earlier generates easily predictable MD5 hashes of the user name for the id_hash cookie, which allows remote attackers to bypass authentication and gain privileges by calculating the MD5 checksum of the user name combined with the "boogaadeeboo" string, which is hard-coded in the $hidden_hash variable.

cpe:/a:citrusdb:citrusdb:0.3.6

CVE-2005-0409

2005-02-14T00:00:00.000-05:00

2008-09-10T15:35:31.227-04:00

6.4

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-07T12:16:00.000-04:00

MISC http://www.redteam-pentesting.de/advisories/rt-sa-2005-003.txt FULLDISC 20050214 Advisory: Upload Authorization bypass in CitrusDB CitrusDB 0.3.6 and earlier does not verify authorization for the (1) importcc.php and (2) uploadcc.php, which allows remote attackers to upload credit card data and obtain sensitive information such as the pathnames for temporary files that store credit card data, and facilitates the exploitation of other vulnerabilities.

cpe:/a:citrusdb:citrusdb:0.3.6

CVE-2005-0410

2005-02-14T00:00:00.000-05:00

2008-09-10T15:35:31.290-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-07T12:26:00.000-04:00

MISC http://www.redteam-pentesting.de/advisories/rt-sa-2005-004.txt FULLDISC 20050214 Advisory: SQL-Injection in CitrusDB SQL injection vulnerability in importcc.php for CitrusDB 0.3.6 and earlier allows remote attackers to inject data via the fields of a CSV file.

cpe:/a:citrusdb:citrusdb:0.3.6

CVE-2005-0411

2005-02-14T00:00:00.000-05:00

2008-09-10T15:35:31.353-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-07T12:37:00.000-04:00

MISC http://www.redteam-pentesting.de/advisories/rt-sa-2005-005.txt FULLDISC 20050214 Advisory: Directory traversal in CitrusDB Directory traversal vulnerability in index.php for CitrusDB 0.3.6 and earlier allows remote attackers and local users to include arbitrary PHP files via .. (dot dot) sequences in the load parameter.

cpe:/a:vmware:workstation:4.5.2_build_8848:r4

CVE-2005-0444

2005-02-14T00:00:00.000-05:00

2008-09-05T16:46:18.557-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-07T13:46:00.000-04:00

ALLOWS_USER_ACCESS

GENTOO GLSA-200502-18 VMware before 4.5.2.8848-r5 searches for gdk-pixbuf shared libraries using a path that includes the rrdharan world-writable temporary directory, which allows local users to execute arbitrary code.

cpe:/o:sun:solaris:7.0 cpe:/o:sun:solaris:8.0 cpe:/o:sun:solaris:9.0::sparc

CVE-2005-0447

2005-02-15T00:00:00.000-05:00

2008-09-05T16:46:19.210-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-07T13:56:00.000-04:00

SECUNIA 14286 XF solaris-arp-dos(19331) BID 12553 SUNALERT 57673 SECTRACK 1013179 Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (hang) via a flood of certain ARP packets.

cpe:/a:francisco_burzi:php-nuke:6.9 cpe:/a:francisco_burzi:php-nuke:7.6 cpe:/a:francisco_burzi:php-nuke:6.6 cpe:/a:francisco_burzi:php-nuke:6.5 cpe:/a:francisco_burzi:php-nuke:6.7 cpe:/a:francisco_burzi:php-nuke:6.5_final cpe:/a:francisco_burzi:php-nuke:7.3 cpe:/a:francisco_burzi:php-nuke:6.5_rc2 cpe:/a:francisco_burzi:php-nuke:7.2 cpe:/a:francisco_burzi:php-nuke:6.0 cpe:/a:francisco_burzi:php-nuke:6.5_rc3 cpe:/a:francisco_burzi:php-nuke:7.1 cpe:/a:francisco_burzi:php-nuke:6.5_rc1 cpe:/a:francisco_burzi:php-nuke:7.0 cpe:/a:francisco_burzi:php-nuke:7.0_final cpe:/a:francisco_burzi:php-nuke:6.5_beta1

CVE-2005-0433

2005-02-15T00:00:00.000-05:00

2008-09-05T16:46:16.523-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-07T13:02:00.000-04:00

XF phpnuke-multiple-scripts-path-disclosure(19344) MISC http://www.waraxe.us/advisory-40.html BID 12561 Php-Nuke 7.5 allows remote attackers to determine the full path of the web server via invalid or missing arguments to (1) db.php, (2) mainfile.php, (3) Downloads/index.php, or (4) Web_Links/index.php, which lists the path in a PHP error message.

CVE-2005-0434

2005-02-15T00:00:00.000-05:00

2008-09-05T16:46:16.727-04:00

4.3

NETWORK

MEDIUM

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-07T13:18:00.000-04:00

XF phpnuke-downloads-weblinks-xss(19346) MISC http://www.waraxe.us/advisory-40.html BID 12561 Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 7.5 allow remote attackers to inject arbitrary HTML or web script via (1) the newdownloadshowdays parameter in a NewDownloads operation or (2) the newlinkshowdays parameter in a NewLinks operation.

cpe:/o:linux:linux_kernel:2.6.9:2.6.20

CVE-2005-0176

2005-02-15T00:00:00.000-05:00

2008-09-10T15:35:04.227-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-03T13:52:00.000-04:00

REDHAT RHSA-2005:092 BUGTRAQ 20050215 [USN-82-1] Linux kernel vulnerabilities CONECTIVA CLA-2005:930 BID 12598 REDHAT RHSA-2005:472 SECUNIA 19607 SGI 20060402-01-U The shmctl function in Linux 2.6.9 and earlier allows local users to unlock the memory of other processes, which could cause sensitive memory to be swapped to disk, which could allow it to be read by other users once it has been released.

cpe:/a:mozilla:thunderbird:0.6 cpe:/a:mozilla:thunderbird:0.7 cpe:/a:mozilla:thunderbird:0.9 cpe:/a:mozilla:mozilla:1.7:rc1 cpe:/a:mozilla:mozilla:1.7:rc2 cpe:/a:mozilla:mozilla:1.7.2 cpe:/a:mozilla:mozilla:1.7:rc3 cpe:/a:mozilla:mozilla:1.7.3 cpe:/a:mozilla:mozilla:1.7:alpha cpe:/a:mozilla:mozilla:1.7.1 cpe:/a:mozilla:mozilla:1.7 cpe:/a:mozilla:mozilla:1.7:beta cpe:/a:mozilla:thunderbird:0.7.2 cpe:/a:mozilla:thunderbird:0.7.3 cpe:/a:mozilla:thunderbird:0.7.1

CVE-2005-0149

2005-02-15T00:00:00.000-05:00

2008-09-10T15:35:02.947-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-03T12:36:00.000-04:00

CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=268107 XF mozilla-cookie-policy-bypass(19172) REDHAT RHSA-2005:335 REDHAT RHSA-2005:323 REDHAT RHSA-2005:094 CONFIRM http://www.mozilla.org/security/announce/mfsa2005-11.html BID 12407 SUSE SUSE-SA:2006:022 SECUNIA 19823 Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCookieForMailNews preference, which could allow remote attackers bypass the user's intended privacy and security policy by using cookies in e-mail messages.

cpe:/a:typespeed:typespeed:0.4.1

CVE-2005-0105

2005-02-16T00:00:00.000-05:00

2008-09-05T16:45:20.010-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T03:11:00.000-04:00

ALLOWS_OTHER_ACCESS

DEBIAN DSA-684 Unknown vulnerability in typespeed 0.4.1 and earlier allows local users to gain privileges.

cpe:/a:microsoft:asp.net:1.1:sp1 cpe:/a:microsoft:asp.net:1.0 cpe:/a:microsoft:asp.net:1.1 cpe:/a:microsoft:asp.net:1.0:sp1 cpe:/a:microsoft:asp.net:1.0:sp2

CVE-2005-0452

2005-02-16T00:00:00.000-05:00

2008-09-05T16:46:20.100-04:00

4.3

NETWORK

MEDIUM

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-07T14:17:00.000-04:00

BID 12574 SECUNIA 14214 BUGTRAQ 20050217 XSS vulnerabilty in ASP.Net [with details] MISC http://it-project.ru/andir/docs/aspxvuln/aspxvuln.en.xml Multiple cross-site scripting (XSS) vulnerabilities in Microsoft ASP.NET (.Net) 1.0 and 1.1 to SP1 allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including ">" and "<".

cpe:/a:lighttpd:lighttpd:1.3.7

CVE-2005-0453

2005-02-16T00:00:00.000-05:00

2008-09-05T16:46:20.257-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-07T14:22:00.000-04:00

GENTOO GLSA-200502-21 SECUNIA 14297 CONFIRM http://article.gmane.org/gmane.comp.web.lighttpd/1171 The buffer_urldecode function in Lighttpd 1.3.7 and earlier does not properly handle control characters, which allows remote attackers to obtain the source code for CGI and FastCGI scripts via a URL with a %00 (null) character after the file extension.

cpe:/a:mercuryboard:mercuryboard:1.0 cpe:/a:mercuryboard:mercuryboard:1.1 cpe:/a:mercuryboard:mercuryboard:1.1.1

CVE-2005-0462

2005-02-17T00:00:00.000-05:00

2008-09-05T16:46:21.960-04:00

4.3

NETWORK

MEDIUM

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-07T14:57:00.000-04:00

SECUNIA 13937 MISC http://lostmon.blogspot.com/2005/02/mercuryboard-forumphp-f-variable-xss.html Cross-site scripting (XSS) vulnerability in MercuryBoard 1.0.x and 1.1.x allows remote attackers to inject arbitrary HTML and web script via the f parameter.

cpe:/a:yahoo:messenger:5.6.0.1351 cpe:/a:yahoo:messenger:6.0.0.1750 cpe:/a:yahoo:messenger:5.6 cpe:/a:yahoo:messenger:6.0 cpe:/a:yahoo:messenger:5.5

CVE-2005-0243

2005-02-17T00:00:00.000-05:00

2008-09-05T16:45:44.277-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-06T12:22:00.000-04:00

MISC http://secunia.com/secunia_research/2005-2/advisory/ SECUNIA 13712 Yahoo! Messenger 6.0.0.1750, and possibly other versions before 6.0.0.1921, does not properly display long filenames in file dialog boxes, which could allow remote attackers to trick users into downloading and executing programs via file names containing a large number of spaces and multiple file extensions.

cpe:/a:yahoo:messenger:5.6.0.1351 cpe:/a:yahoo:messenger:6.0.0.1750 cpe:/a:yahoo:messenger:5.6 cpe:/a:yahoo:messenger:6.0 cpe:/a:yahoo:messenger:5.5

CVE-2005-0242

2005-02-18T00:00:00.000-05:00

2008-09-05T16:45:44.103-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-06T12:09:00.000-04:00

ALLOWS_USER_ACCESS

MISC http://secunia.com/secunia_research/2004-6/advisory/ SECUNIA 11815 The Audio Setup Wizard (asw.dll) in Yahoo! Messenger 6.0.0.1750, and possibly other versions, allows attackers to arbitrary code by placing a malicious ping.exe program into the Messenger program directory, which is installed with weak default permissions.

cpe:/a:xinkaa_web_station:xinkaa_web_station:1.0.3

CVE-2005-0502

2005-02-18T00:00:00.000-05:00

2008-09-05T16:46:28.883-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-07T16:16:00.000-04:00

XF xinkaa-web-directory-traversal(19404) BID 12606 VUPEN ADV-2005-0189 SECUNIA 14349 MISC http://aluigi.altervista.org/adv/xinkaa-adv.txt Directory traversal vulnerability in Xinkaa 1.0.3 and earlier allows remote attackers to read arbitrary files via (1) ../ and (2) ..\ characters in an HTTP request.

cpe:/a:argosoft:ftp_server:1.4.1.7 cpe:/a:argosoft:ftp_server:1.4.1.8 cpe:/a:argosoft:ftp_server:1.4.1.9 cpe:/a:argosoft:ftp_server:1.4.1.3 cpe:/a:argosoft:ftp_server:1.4.1.4 cpe:/a:argosoft:ftp_server:1.4.1.5 cpe:/a:argosoft:ftp_server:1.4.2.2 cpe:/a:argosoft:ftp_server:1.4.1.6 cpe:/a:argosoft:ftp_server:1.4.2.1 cpe:/a:argosoft:ftp_server:1.4.2 cpe:/a:argosoft:ftp_server:1.4.1.1 cpe:/a:argosoft:ftp_server:1.4.1.2

CVE-2005-0519

2005-02-18T00:00:00.000-05:00

2008-09-10T15:36:06.557-04:00

10.0

NETWORK

LOW

NONE

COMPLETE

http://nvd.nist.gov

2005-06-07T17:52:00.000-04:00

CONFIRM http://www.argosoft.com/ftpserver/changelist.aspx SECUNIA 14172 XF argosoft-ink-file-upload(17939) BID 12487 OSVDB 13614 ArGoSoft FTP Server before 1.4.2.7 allows remote attackers to read arbitrary files by uploading a ZIP file containing a shortcut (.LNK) file, using SITE UNZIP to extract the .LNK file onto the server, then accessing the file, a different vulnerability than CVE-2005-0520.

cpe:/a:pmachine:pmachine_pro:2.4

CVE-2005-0513

2005-02-19T00:00:00.000-05:00

2008-09-05T16:46:31.320-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-07T17:16:00.000-04:00

ALLOWS_OTHER_ACCESS

BID 12597 BID 15473 FULLDISC 20050219 pMachine Pro / pMachine Free Remote Code Execution PHP remote file inclusion vulnerability in mail_autocheck.php in the Email This Entry add-on for pMachine Pro 2.4, and possibly other versions including pMachine Free, allows remote attackers to execute arbitrary PHP code by directly requesting mail_autocheck.php and modifying the pm_path parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2003-1086.

cpe:/a:zeroboard:zeroboard:4.1_pl4 cpe:/a:zeroboard:zeroboard:4.1_pl5 cpe:/a:zeroboard:zeroboard:4.1_pl2 cpe:/a:zeroboard:zeroboard:4.1_pl3 cpe:/a:zeroboard:zeroboard:4.1_pl6

CVE-2005-0495

2005-02-19T00:00:00.000-05:00

2008-09-05T16:46:27.743-04:00

4.3

NETWORK

MEDIUM

NONE

PARTIAL

NONE

http://nvd.nist.gov

2005-06-07T15:40:00.000-04:00

XF zeroboard-xss(19420) SECTRACK 1013243 BUGTRAQ 20050219 Multiples vulnerability in ZeroBoard, Cross-site scripting (XSS) vulnerability in ZeroBoard allows remote attackers to inject arbitrary web script or HTML via the (1) sn1, (2) year, or (3) page parameter to zboard.php or (4) filename to view_image.php.

cpe:/o:redhat:enterprise_linux:4.0::enterprise_server cpe:/o:redhat:enterprise_linux:4.0::workstation cpe:/o:redhat:enterprise_linux:4.0::advanced_server cpe:/o:redhat:enterprise_linux_desktop:4.0

CVE-2005-0092

2005-02-19T00:00:00.000-05:00

2008-09-05T16:45:17.637-04:00

2.1

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-03T00:17:00.000-04:00

BID 12599 REDHAT RHSA-2005:092 XF red-hat-patch-dos(20620) Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when running on x86 with the hugemem kernel, allows local users to cause a denial of service (crash).

cpe:/h:gigafast_ethernet:gigafast_router:ee410-r cpe:/h:gigafast_ethernet:gigafast_router:ee400-r

CVE-2005-0499

2005-02-20T00:00:00.000-05:00

2008-09-05T16:46:28.397-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-07T16:04:00.000-04:00

XF gigafast-dns-queries-dos(19426) BUGTRAQ 20050220 Gigafast/CompUSA router (model EE400-R) vulnerabilities Gigafast router (aka CompUSA router) with the DNS proxy option enabled allows remote attackers to cause a denial of service via malformed DNS queries.

cpe:/a:jelsoft:vbulletin:2.0_beta_3 cpe:/a:jelsoft:vbulletin:2.2.9_can cpe:/a:jelsoft:vbulletin:2.0_beta_2 cpe:/a:jelsoft:vbulletin:2.0 cpe:/a:jelsoft:vbulletin:2.2.6 cpe:/a:jelsoft:vbulletin:2.2.7 cpe:/a:jelsoft:vbulletin:2.2.8 cpe:/a:jelsoft:vbulletin:2.2.1 cpe:/a:jelsoft:vbulletin:3.0.0_beta_2 cpe:/a:jelsoft:vbulletin:2.2.0 cpe:/a:jelsoft:vbulletin:2.2.3 cpe:/a:jelsoft:vbulletin:3.0.0_rc4 cpe:/a:jelsoft:vbulletin:2.2.2 cpe:/a:jelsoft:vbulletin:2.2.5 cpe:/a:jelsoft:vbulletin:2.2.4 cpe:/a:jelsoft:vbulletin:3.0_beta_2 cpe:/a:jelsoft:vbulletin:3.0.2 cpe:/a:jelsoft:vbulletin:2.3.0 cpe:/a:jelsoft:vbulletin:3.0.1 cpe:/a:jelsoft:vbulletin:3.0.0 cpe:/a:jelsoft:vbulletin:3.0.6 cpe:/a:jelsoft:vbulletin:2.3.3 cpe:/a:jelsoft:vbulletin:3.0.5 cpe:/a:jelsoft:vbulletin:2.0.2 cpe:/a:jelsoft:vbulletin:2.3.4 cpe:/a:jelsoft:vbulletin:3.0.4 cpe:/a:jelsoft:vbulletin:2.0.1 cpe:/a:jelsoft:vbulletin:3.0.3 cpe:/a:jelsoft:vbulletin:3.0.0_can4

CVE-2005-0511

2005-02-21T00:00:00.000-05:00

2008-09-05T16:46:30.947-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-07T16:25:00.000-04:00

ALLOWS_OTHER_ACCESS

SECUNIA 14326 CONFIRM http://www.vbulletin.com/forum/showthread.php?postid=819562 BID 12622 BUGTRAQ 20050222 [SCAN Associates Security Advisory] vbulletin 3.0.6 and below php code injection misc.php for vBulletin 3.0.6 and earlier, when "Add Template Name in HTML Comments" is enabled, allows remote attackers to execute arbitrary PHP code via nested variables in the template parameter.

cpe:/a:mambo:mambo:4.5.2

CVE-2005-0512

2005-02-21T00:00:00.000-05:00

2008-09-05T16:46:31.163-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-07T17:13:00.000-04:00

ALLOWS_OTHER_ACCESS

SECUNIA 14337 CONFIRM http://mamboforge.net/frs/download.php/4043/Patch_4.5.2_to_4.5.2.1.zip PHP remote file inclusion vulnerability in Tar.php in Mambo 4.5.2 allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2004-1693.

cpe:/a:uim:uim:0.4.5 cpe:/o:mandrakesoft:mandrake_linux:10.1 cpe:/o:mandrakesoft:mandrake_linux:10.1::x86_64

CVE-2005-0503

2005-02-21T00:00:00.000-05:00

2008-09-10T15:36:04.197-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-07T16:43:00.000-04:00

ALLOWS_USER_ACCESS

BID 12604 SECUNIA 13981 MLIST [uim] 20050220 uim 0.4.5.1 released MANDRAKE MDKSA-2005:046 uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges.

cpe:/a:knox_software:arkeia:5.3 cpe:/a:knox_software:arkeia:5.2 cpe:/a:knox_software:arkeia:4.0 cpe:/a:knox_software:arkeia:4.2 cpe:/a:knox_software:arkeia:4.1

CVE-2005-0496

2005-02-21T00:00:00.000-05:00

2008-09-05T16:46:27.913-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-07T15:54:00.000-04:00

ALLOWS_USER_ACCESS

XF arkeia-backup-client-gain-access(20667) SECTRACK 1013256 MISC http://metasploit.com/research/arkeia_agent/ BUGTRAQ 20050220 Arkeia Network Backup Client Remote Access Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back door, which allows remote attackers to access the file system and possibly execute arbitrary commands.

cpe:/a:putty:putty:0.56

CVE-2005-0467

2005-02-21T00:00:00.000-05:00

2008-09-05T16:46:22.850-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-06-07T15:11:00.000-04:00

ALLOWS_USER_ACCESS

IDEFENSE 20050221 Multiple PuTTY SFTP Client Packet Parsing Integer Overflow Vulnerabilities GENTOO GLSA-200502-28 SECUNIA 14333 XF putty-sftppktgetstring-bo(19403) CONFIRM http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html CONFIRM http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html CONFIRM http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416 CONFIRM http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414 SECUNIA 17214 Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_readdir_recv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly earlier versions, allow remote malicious web sites to execute arbitrary code via SFTP responses that corrupt the heap after insufficient memory has been allocated.

cpe:/h:thomson:thomson_cable_modem:tcw690

CVE-2005-0494

2005-02-21T00:00:00.000-05:00

2008-09-05T16:46:27.587-04:00

7.5

NETWORK

LOW

NONE

PARTIAL