Microsoft has issued Service Pack 2 for ISA Server 2000. This includes patches for all previously reported vulnerabilities as well as older hot fixes, some of which address potential security issues.
cde0a6316c61f476997a2b12d1eb5ba5efc7734e090b2a60a4e961c5b135579d
A vulnerability has been discovered in ignitionServer versions 0.1.2 through 0.3.1, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused by missing password verification when linking servers.
a2424139487a4dea84b44192623c5978ce663be7e2f00ee01d02e198048e68cf
A vulnerability has been discovered in MoinMoin that can be exploited by malicious users to gain escalated privileges. The problem is that a user can gain the same privileges as an administrative group by creating a user with the same name. The vulnerability has been reported in versions 1.1, 1.2, and 1.2.1.
45a321ae4b91a6a821b0a72632c38aabc18c47b6a701c04a78584d8a3468d948
VP-ASP Shopping Cart 5.x has a vulnerability which can potentially be exploited by malicious people to conduct cross-site scripting attacks.
39e70e14d5aaca15d049fefd2cf2605dd17105c01c09ccaa33fcafe0ff6552e5
An integer handling error within the swapctl() system call of NetBSD 1.x can allow a local user to cause a denial of service.
0b04f2d0bae3375ec84b5c4112c85c28ed5adf7a137c5cae027ebc0d6c7b7189
A vulnerability in the Billion BIPAC-640 AE Broadband Firewall Gateway can be exploited by malicious people to bypass user authentication on the administrative web interface.
8f7a686d9df9d69ea856244b34bb4a7ae567e7e1692f015c199a0b92a90df698
The version of mod_proxy shipped with Apache 1.3.31, and possibly earlier versions, is susceptible to a buffer overflow via the Content-Length: header. This can lead to a denial of service and possible compromise of a vulnerable system.
4fd4a3dc2ff2887823678f53b78e0b6b9f804c4881d7f2160ca9ed11a8f808d5
Technical Cyber Security Alert TA04-163A - There is a cross-domain vulnerability in the way Microsoft Internet Explorer determines the security zone of a browser frame that is opened in one domain then redirected by a web server to a different domain.
e5fe41adfe15146f3fc5105718e0bfa3890d7a0fee8aa704345909e52c657e10
NGSSoftware Insight Security Research Advisory #NISR11062004 - By crafting a malformed .RA, .RM, .RV or .RMJ file it is possible to cause heap corruption that can lead to execution of arbitrary code. By forcing a browser or enticing a user to a website containing such a file, arbitrary attacker-supplied code could be executed on the target machine. This code will run in the security context of the logged-on user. Another attack vector is via an e-mail attachment. NGSResearchers have created reliable exploits to take advantage of these issues. Versions affected are: RealOne Player (English), RealOne Player v2 (all languages), RealPlayer 10 (English, German and Japanese), RealPlayer 8 (all languages), RealPlayer Enterprise (all versions, standalone and as-configured by the RealPlayer Enterprise Manager).
9386d33a1646cab5f7eba3a0866f4a1fc55d21938426f75fe5d480922d5d3f5b
Webmin version 1.140, a web-based system administration tool for Unix, has a vulnerability that allows users to gain read access to the configuration of a module without authentication.
832e4e216b40d2258786e8d36c494b2dff9a4983cb87e9a3c826f970fdbdccea
eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in RealPlayer. The vulnerability allows a remote attacker to reliably overwrite heap memory with arbitrary data and execute arbitrary code in the context of the user who executed the player or application hosting the RealMedia plug-in. This specific flaw exists within the embd3260.dll file used by RealPlayer. By specially crafting a malformed movie file along with an HTML file, a direct heap overwrite is triggered, and reliable code execution is then possible. Systems Affected: RealOne Player, RealOne Player v2, RealPlayer 10, RealPlayer 8, RealPlayer Enterprise.
7947dd5f305ea9cdbbffb6a947c20d36de581d05306a574cdfa1fe8b8b697c67
A potential security vulnerability has been identified with HP-UX running ftp, which could be exploited remotely to allow unauthorized access. Impacted versions: HP-UX B.11.00, B.11.11, B.11.22.
ab12a0e7ff3eb0a9bb5ed915071dfbd16a49a23454a83568e6ff1ae48eb57ce7
A remotely exploitable format string vulnerability exists in smtp.proxy up to and including version 1.1.3. The bug is present and exploitable regardless of any compile time and runtime configuration options and can be exploited by sending a message with an embedded format string in either the client hostname or the message-id.
650e059f4660964948bab6dd542c9c7d67dea329505d29c355d351dea912ff5d
A vulnerability has been discovered in Horde IMP, which can be exploited by malicious people to conduct script insertion attacks.
b1d1629dfac41480e467a2bb663539dec54c6c326e255476f523f6fac4713933
A security issue has been discovered in jCIFS, which allows a malicious person to authenticate with an invalid username. The problem is that it is possible to authenticate with any username if the guest account is enabled on a CIFS server.
675fb88dd7cc8e44fbcc44ff7bf475680140d3ac8ec29f1e2297e835d7820b74
iDEFENSE Security Advisory 06.08.04: A remote attacker can compromise a target system if Squid Proxy is configured to use the NTLM authentication helper. The attacker can send an overly long password to overflow the buffer and execute arbitrary code.
5eeaa170fb736208161866b9b915659dd2b08d182ea719bbcd682afa10efcdcb
Cisco CatOS is susceptible to a TCP-ACK Denial of Service (DoS) attack on the Telnet, HTTP and SSH services. If exploited, the vulnerability causes the device running Cisco CatOS to stop functioning and reload. Releases affected: 8.xGLX earlier than 8.3(2)GLX, 8.x earlier than 8.2(2), 7.x earlier than 7.6(6), 6.x earlier than 6.4(9), and 5.x earlier than 5.5(20).
15cda5b82d4ade1ac1a856cf5bd507f182724333ff561e6782f209b6365e3edc
AspDotNetStorefront version 3.3 has a flaw that allows a remote attacker to delete images from a server due to a lack of input validation.
0244a82608fea01217f84f916119ab814c93d08eb9a2d684b836dac5023d41f5
AspDotNetStorefront 3.3 is susceptible to cross-site scripting attacks.
1eb56fae16eaac67ad293e449ed3a276d2fc44db852094fe8eb332bc05476974
A team audit of the CVS codebase has revealed more security-related problems. The vulnerabilities discovered include exploitable, potentially exploitable and simple crash bugs. Vulnerable versions are CVS feature releases up to 1.12.8 and stable release up to 1.11.16.
155d8c19e5073cd3b1c60af1ba16f4d76266640aeb9a5c4f91e717dbed6b651a
Trend OfficeScan version 5.5 has a flaw that allows a malicious user to escalate a program's privileges to those of the virus scanner.
36121a2829a6a5c033114693249b37fcc5fbc956938dcdd00ac0cc73d1f9d913
The Symantec Gateway Security 360R fails to prohibit non-VPNed wireless connections when the directive to enforce tunnels is set.
179a41248346521d57a670433db1db150c5b195e6cc51ed7be19c5c0cedcc1bd
Aspell is susceptible to a stack overflow when it makes use of a wordlist file that has an entry exceeding 256 bytes.
7b148643f8b27cc0b5251d418834bd40e6879c6455093a920ae35722acfa711d
Unauthorized deletion of IPsec SAs is still possible using a delete payload piggybacked on an initiation of main mode with the latest version of isakmpd.
c5d443ed4065bde5c240457b08dcb81606ea790ee65250147c49eddf9744dc54
Invision Power Board version 1.3.1 Final is susceptible to cross-site scripting and SQL injection attacks.
e90c89df5d41852f1edbd13d3d36ccc97f9e5d568ba29464fa79b01c4effe12a