CERT Advisory CA-2003-22 - Microsoft Internet Explorer contains multiple vulnerabilities, the most serious of which could allow a remote attacker to execute arbitrary code with the privileges of the user running IE. Versions affected are 5.01, 5.50, and 6.01.
d1c51f0ed560fc53ab28a84f686194993fb73c72aed18f2d752fd2c3faec416d
FreeBSD Security Advisory FreeBSD-SA-03:11.sendmail - Some versions of sendmail (8.12.0 through 8.12.8) contain a programming error in the code that implements DNS maps. A malformed DNS reply packet may cause sendmail to crash its child process and may lead to further possible exploitation.
7f9899383fadb7f77206e97c56d7e465f51be51c5a9e5de02316b0f5c5ded77e
SGI Security Advisory 20030803-01-P - A vulnerability has been reported by sendmail.org that the 8.12.8 and earlier releases shipped with a potential problem in DNS mapping that could lead to a remote denial of service or root compromise. Related CVE Number: CVE-2003-0688.
f599f483c03b2a7dbaa048e9abd60ad17327c2a14fc6add6523e23542a45abb1
Helix Universal Server 9 and earlier versions (RealSystem Server 8, 7 and RealServer G2) are vulnerable to a root exploit when certain types of character strings appear in large numbers within URLs destined for the Server's protocol parsers.
2dbb8dceb018ef54a3e9f64fe191da489067b6b3aa66be81d8e731a9d1ec9d48
Secure Network Operations, Inc. Advisory SRT2003-08-22-104 - widz, the 802.11 wireless IDS system version 1.5 and below, makes use of untrusted input with a system call. If this utility were to be used in a production environment with any non-root users on the system, they would be able to easily escalate their privileges to root.
0a5bd8db53063144a11c8d343d4ad593cd07df746dc5dac63023d1b8f5b20b2b
eEye Advisory - There is a flaw in Microsoft's primary contribution to HTML, the Object tag, which is used to embed almost all ActiveX into HTML pages. The parameter that specifies the remote location of data for objects is not checked to validate the nature of the file being loaded, and therefore trojan executables may be run from within a web page as silently and as easily as Internet Explorer parses image files or any other safe HTML content. Version affected: Microsoft Internet Explorer 5.01, 5.5, 6.0, and 6.0 for Windows Server 2003.
dd79f9814eb5b13d2de07d11deb7d6f23493a7bf6e0bf540ffc5293f0568e45c
Secure Network Operations, Inc. Advisory SRT2003-08-11-072 - ViRobot 2.0, the Linux-based antivirus solution, has a multitude of setuid binaries that are vulnerable to abuse.
b0f7f0118ddf986cbff764a044a771d9d65a93d009a0b5c98382c9be43058a9b
A cross site scripting vulnerability was found in versions 1.3.x and below of the NewBB PHP forum.
00d96f7169f7641a97347e52b62e2660900b9502f3e7ee0e9f0830b0edd7b6c5
Mapquest.com suffers from a cross site scripting vulnerability due to limited bounds checking.
ea94e58e0a0722208813acd950ff9cb083bb6fd92c16e590df7b75b0288efd5e
CERT Advisory CA-2003-21 - The systems housing the primary FTP servers for the GNU software project were compromised. Valid hostnames for this machine were gnuftp.gnu.org, ftp.gnu.org, and alpha.gnu.org. The compromise took place in March of 2003 and it is possible that malicious code may have been injected into various software distributed from this server.
d7df7a407fea77a7763785762a75814d0d1ba7380567a8719be1d0cb89bb54f2
SGI Security Advisory 20030801-01-P - It is possible to create a Denial of Service attack on the IRIX nfsd through the use of carefully crafted packets which cause XDR decoding errors. This can lead to a kernel panic. No local account or access to an NFS mount point is required, so this could be constructed as a remote exploit.
c8555a9a5b384e2c2b2c17225b0c097f292cea81bae358a367064a71388393f1
FreeBSD Security Advisory FreeBSD-SA-03:09.signal - Systems with the device driver spigot added into the kernel configuration are susceptible to a denial of service attack due to improper validation of signal numbers.
c87f33e96c8be65778ca953502578c8425ff00101734e66ee8d4c460da100569
The D-Link 704p router with firmware version 2.70 is susceptible to multiple denial of service attacks via excessively populated URLs.
259dfe21c118eba6461f050b76150dcde4b4c110bda548460ad171c05429eaea
CERT Advisory CA-2003-20 - CERT announces that the exploitation of the RPC/DCOM vulnerability on Windows has now taken the form of a worm known as the W32/Blaster worm. This worm retrieves a binary that is then used to launch further attacks and is poised to launch a denial of service against windowsupdate.com.
d0e25a4a85c54bd50ad5e142ccb2f76e9828730a435bc2804f3ba2ff79e33d2a
VBulletin version 3.0 Beta 2 is susceptible to a cross site scripting vulnerability in its new member page (register.php).
82b507f123b10ff88ea31cb0f462ee386a7460f3528905be6623a60bcc1ae7b8
Information regarding one variant of the Microsoft Windows DCOM worm that is circulating around the Internet.
59735ded0ae61947b297bce4cc8893aacbe08a99ba65ee013fdc60b7b6f1617c
FreeBSD Security Advisory FreeBSD-SA-03:10.ibcs2 - The iBCS2 system call translator for statfs(2) erroneously used the user-supplied length parameter when copying a kernel data structure into userland. If the length parameter were larger than required, then instead of copying only the statfs-related data structure, additional kernel memory would also be made available to the user. If iBCS2 support were enabled, a malicious user could call the iBCS2 version of statfs(2) with an arbitrarily large length parameter, causing the kernel to return a large portion of kernel memory.
2c9b5bbe17a8ffdc72ab9be9c1de622434f5b2edb34fe8252dc32db8f6d8db6d
Atstake Security Advisory A080703-2 - tcpflow, the network monitoring tool that records TCP sessions in an easy to use and view manner, contains a format string vulnerability that is typically unexploitable.
b4f0c4f5a717ad038f3eb39e9c687e11d5766b61d2e3b9b83c77992f43bb0bcf
Atstake Security Advisory A080703-1 - Both IPNetSentryX and IPNetMonitorX come with three helper tools that each have security issues associated with them. The first two tools, RunTCPDump and RunTCPFlow, allow arbitrary users to monitor the network without requiring any form of authentication or privilege. The third tool, tcpflow (executed by RunTCPFlow), contains a format string vulnerability, allowing arbitrary commands to be run as the user calling the program. Since RunTCPFlow is setuid root and will pass arguments to tcpflow, we can execute arbitrary commands as root.
e9e60f02bd40ae6f22a3de8966d31b5d80e4df271203a7ad9f1e8286a57adf29
Normal Lotus SameTime login credential encryption with the 1.5 and 3.0 Windows clients uses RC2 to encrypt the password and even sends the key along with the login packet, allowing an attacker to decrypt the credentials and steal a user's IM identity.
ad64a9fe4bbbde50b0d5f0cba5697b9b0bcecf4a3a60751b3d67d01c9cd0fa10
The Cisco CSS 11000 Series is vulnerable to a denial of service when there is a heavy storm of TCP SYN packets directed to the circuit address. It may also cause a high CPU load or sudden reboots.
f428cbfd82405bf502ceb2aa293ef7892c0d9d5b82c9b6b3f2bc160a5ec34590
Response from Corey Bridges of ZoneAlarm regarding the vulnerability originally discovered by Lord YuP in their device driver VSDATANT and the exploit that is circulating for it.
4512058aba60fcf0849c6965870ff987198adc999b4c1041329bc6c2fa605f69
Meteor FTP server version 1.5 is vulnerable to a remote denial of service when large amounts of data are fed to the USER directive.
b4cfe181724c3b90ba0d60d8c3bf0e202529e26d7c55a47cade63e2e544e570c
Novacoast Security Advisory - Novacoast has discovered that Novell GroupWise 6.5 Wireless Webaccess logs all usernames and passwords in clear text.
73f94dfc0e4284cc8cbaf2c9688ddbad14ddec6437238d61c2b58e0ae32235bd
EF Commander versions 3.54 and below are vulnerable to various buffer overflows that can allow for remote arbitrary code execution.
4b6a103daedde0838356670bb130997652d09b35383a7ead54a7b31c2bb79a60