Weekly Vulnerabilities Reports > November 11 to 17, 2002
Overview
23 new vulnerabilities were reported during this period, including 1 critical vulnerability and 15 high-severity vulnerabilities. This weekly summary reports vulnerabilities in 24 products from 20 vendors, including Microsoft, Abuse, Apple, Linksys, and HP. Vulnerabilities are notably categorized as .
- 18 reported vulnerabilities are remotely exploitable.
- 23 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities, with 5 reported vulnerabilities.
- Log2Mail has the most reported critical vulnerabilities, with 1 reported vulnerability.
Vulnerability Details
The following tables list the reported vulnerabilities for the period covered by this report:
1 Critical Vulnerability
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2002-11-12 | CVE-2002-1251 | Log2Mail | Remote Buffer Overflow vulnerability in Michael Krax log2mail: Buffer overflow in log2mail before 0.2.5.1 allows remote attackers to execute arbitrary code via a long log message. | 10.0 |
15 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2002-11-12 | CVE-2002-1278 | Jacques Gelinas | Unspecified vulnerability in Jacques Gelinas Linuxconf 1.2.4R2/1.2.5R3: The mailconf module in Linuxconf 1.24, and other versions before 1.28, on Conectiva Linux 6.0 through 8, and possibly other distributions, generates the Sendmail configuration file (sendmail.cf) in a way that configures Sendmail to run as an open mail relay, which allows remote attackers to send Spam email. | 7.5 |
2002-11-12 | CVE-2002-1277 | Windowmaker | Buffer Overflow vulnerability in WindowMaker Image Handling: Buffer overflow in Window Maker (wmaker) 0.80.0 and earlier may allow remote attackers to execute arbitrary code via a certain image file that is not properly handled when Window Maker uses width and height information to allocate a buffer. | 7.5 |
2002-11-12 | CVE-2002-1275 | Html2Ps Project | Remote Command Execution vulnerability in Html2Ps Project Html2Ps 1.0: Unknown vulnerability in html2ps HTML/PostScript converter 1.0, when used within LPRng, allows remote attackers to execute arbitrary code via "unsanitized input." | 7.5 |
2002-11-12 | CVE-2002-1271 | Perl Mailtools | Remote Command Execution vulnerability in PERL-MailTools: The Mail::Mailer Perl module in the perl-MailTools package 1.47 and earlier uses mailx as the default mailer, which allows remote attackers to execute arbitrary commands by inserting them into the mail body, which is then processed by mailx. | 7.5 |
2002-11-12 | CVE-2002-1264 | Oracle | Buffer Overflow vulnerability in Oracle 9i Database Server iSQL Plus Malformed USERID: Buffer overflow in Oracle iSQL*Plus web application of the Oracle 9 database server allows remote attackers to execute arbitrary code via a long USERID parameter in the isqlplus URL. | 7.5 |
2002-11-12 | CVE-2002-1244 | Pablo Software Solutions | Unspecified vulnerability in Pablo Software Solutions Pablo FTP Server: Format string vulnerability in Pablo FTP Server 1.5, 1.3, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format strings in the USER command. | 7.5 |
2002-11-12 | CVE-2002-1242 | Francisco Burzi | SQL Injection vulnerability in Francisco Burzi PHP-Nuke 5.6: SQL injection vulnerability in PHP-Nuke before 6.0 allows remote authenticated users to modify the database and gain privileges via the "bio" argument to modules.php. | 7.5 |
2002-11-12 | CVE-2002-1238 | Peter Sandvik | Unspecified vulnerability in Peter Sandvik Simple web Server: Peter Sandvik's Simple Web Server 0.5.1 and earlier allows remote attackers to bypass access restrictions for files via an HTTP request with a sequence of multiple / (slash) characters such as http://www.example.com///file/. | 7.5 |
2002-11-12 | CVE-2002-1211 | Jason Orcutt | Remote File Include vulnerability in Jason Orcutt Prometheus 3.0Beta/4.0Beta/6.0: Prometheus 6.0 and earlier allows remote attackers to execute arbitrary PHP code via a modified PROMETHEUS_LIBRARY_BASE that points to code stored on a remote server, which is then used in (1) index.php, (2) install.php, or (3) various test_*.php scripts. | 7.5 |
2002-11-12 | CVE-2002-1180 | Microsoft | Unspecified vulnerability in Microsoft Internet Information Services 5.0: A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability." | 7.5 |
2002-11-12 | CVE-2002-0869 | Microsoft | Unspecified vulnerability in Microsoft products: Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka "Out of Process Privilege Elevation." | 7.5 |
2002-11-12 | CVE-2002-1253 | Abuse | Local Security vulnerability in Abuse: Abuse 2.00 and earlier allows local users to gain privileges via command line arguments that specify alternate Lisp scripts that run at escalated privileges, which can contain functions that execute commands or modify files. | 7.2 |
2002-11-12 | CVE-2002-1250 | Abuse | Local Buffer Overflow vulnerability in Abuse: Buffer overflow in Abuse 2.00 and earlier allows local users to gain root privileges via a long -net command line argument. | 7.2 |
2002-11-12 | CVE-2002-1245 | Frank Mcingvale | Unspecified vulnerability in Frank Mcingvale Luxman 0.41: Maped in LuxMan 0.41 uses the user-provided search path to find and execute the gzip program, which allows local users to modify /dev/mem and gain privileges via a modified PATH environment variable that points to a Trojan horse gzip program. | 7.2 |
2002-11-12 | CVE-2002-1239 | QNX | Unspecified vulnerability in QNX Rtos 6.2.0: QNX Neutrino RTOS 6.2.0 uses the PATH environment variable to find and execute the cp program while operating at raised privileges, which allows local users to gain privileges by modifying the PATH to point to a malicious cp program. | 7.2 |
7 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2002-11-12 | CVE-2002-1181 | Microsoft | Unspecified vulnerability in Microsoft products: Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allow remote attackers to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual directory, or (2) possibly other unknown attack vectors. | 6.8 |
2002-11-12 | CVE-2002-1265 | GNU, SGI, Apple | Denial Of Service vulnerability in Multiple Vendor Sun RPC LibC TCP Time-Out: The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang). | 5.0 |
2002-11-12 | CVE-2002-1248 | Northern Solutions | Denial Of Service vulnerability in Northern Solutions Xeneo Web Server 2.0.759.6/2.1.0.0: Northern Solutions Xeneo Web Server 2.1.0.0, 2.0.759.6, and other versions before 2.1.5 allows remote attackers to cause a denial of service (crash) via a GET request for a "%" URI. | 5.0 |
2002-11-12 | CVE-2002-1236 | Linksys | Denial Of Service vulnerability in Linksys BEFSR41 Gozila.CGI: The remote management web server for Linksys BEFSR41 EtherFast Cable/DSL Router before firmware 1.42.7 allows remote attackers to cause a denial of service (crash) via an HTTP request to Gozila.cgi without any arguments. | 5.0 |
2002-11-12 | CVE-2002-1182 | Microsoft | Unspecified vulnerability in Microsoft Internet Information Services 5.0: IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (crash) via malformed WebDAV requests that cause a large amount of memory to be assigned. | 5.0 |
2002-11-12 | CVE-2002-0711 | HP | Denial of Service vulnerability in HP Trucluster Server 5.0A/5.1/5.1A: Unknown vulnerability in Cluster Interconnect for HP TruCluster Server 5.0A, 5.1, and 5.1A may allow local and remote attackers to cause a denial of service. | 5.0 |
2002-11-12 | CVE-2002-1184 | Microsoft | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT: The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan horse programs. | 4.6 |
0 Low Vulnerabilities