Weekly Vulnerabilities Reports > May 26 to June 1, 2003
Overview
25 new vulnerabilities reported during this period, including 2 critical vulnerabilities and 13 high severity vulnerabilities. This weekly summary report vulnerabilities in 23 products from 17 vendors including Mirabilis, Cisco, Bvrp Software, Microsoft, and Linux. Vulnerabilities are notably categorized as .
- 21 reported vulnerabilities are remotely exploitables.
- 25 reported vulnerabilities are exploitable by an anonymous user.
- Mirabilis has the most reported vulnerabilities, with 5 reported vulnerabilities.
- GNU has the most reported critical vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
2 Critical Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2003-05-27 | CVE-2003-0274 | Cren | Remote Security vulnerability in Cren Listproc 8.2.9 Buffer overflow in catmail for ListProc 8.2.09 and earlier allows remote attackers to execute arbitrary code via a long ULISTPROC_UMASK value. | 10.0 |
| 2003-05-27 | CVE-2003-0255 | GNU | Unspecified vulnerability in GNU Privacy Guard The key validation code in GnuPG before 1.2.2 does not properly determine the validity of keys with multiple user IDs and assigns the greatest validity of the most valid user ID, which prevents GnuPG from warning the encrypting user when a user ID does not have a trusted path. | 10.0 |
13 High Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2003-05-27 | CVE-2003-0271 | Cooolsoft | Remote Security vulnerability in Personal Ftp Server Buffer overflow in Personal FTP Server allows remote attackers to execute arbitrary code via a long USER argument. | 7.5 |
| 2003-05-27 | CVE-2003-0266 | Bvrp Software | Denial-Of-Service vulnerability in Bvrp Software Slwebmail 3.0 Multiple buffer overflows in SLWebMail 3 on Windows systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long Language parameter to showlogin.dll, (2) a long CompanyID parameter to recman.dll, (3) a long CompanyID parameter to admin.dll, or (4) a long CompanyID parameter to globallogin.dll. | 7.5 |
| 2003-05-27 | CVE-2003-0264 | Seattle LAB Software | Unspecified vulnerability in Seattle LAB Software Slmail 5.1.0.4420 Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server. | 7.5 |
| 2003-05-27 | CVE-2003-0263 | Floosietek | Buffer Overflow vulnerability in Floosietek Ftgatepro 1.221328 Multiple buffer overflows in Floosietek FTGate Pro Mail Server (FTGatePro) 1.22 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands. | 7.5 |
| 2003-05-27 | CVE-2003-0258 | Cisco | Remote Security vulnerability in VPN 3000 Concentrator Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication. | 7.5 |
| 2003-05-27 | CVE-2003-0256 | KDE | Unspecified vulnerability in KDE Kopete 0.6.1 The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the command line when executing gpg, which allows remote attackers to execute arbitrary commands. | 7.5 |
| 2003-05-27 | CVE-2003-0243 | Happycgi | Unspecified vulnerability in Happycgi Happymall 4.3/4.4 Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter for the (1) normal_html.cgi or (2) member_html.cgi scripts. | 7.5 |
| 2003-05-27 | CVE-2003-0237 | Mirabilis | Remote Command Execution vulnerability in Mirabilis ICQ Features On Demand The "ICQ Features on Demand" functionality for Mirabilis ICQ Pro 2003a does not properly verify the authenticity of software upgrades, which allows remote attackers to install arbitrary software via a spoofing attack. | 7.5 |
| 2003-05-27 | CVE-2003-0236 | Mirabilis | Integer Overflow vulnerability in Mirabilis ICQ POP3 Client Subject Field Signed Integer signedness errors in the POP3 client for Mirabilis ICQ Pro 2003a allow remote attackers to execute arbitrary code via the (1) Subject or (2) Date headers. | 7.5 |
| 2003-05-27 | CVE-2003-0235 | Mirabilis | Unspecified vulnerability in Mirabilis ICQ Format string vulnerability in POP3 client for Mirabilis ICQ Pro 2003a allows remote malicious servers to execute arbitrary code via format strings in the response to a UIDL command. | 7.5 |
| 2003-05-27 | CVE-2003-0228 | Microsoft | Unspecified vulnerability in Microsoft Windows Media Player 7.1 Directory traversal vulnerability in Microsoft Windows Media Player 7.1 and Windows Media Player for Windows XP allows remote attackers to execute arbitrary code via a skins file with a URL containing hex-encoded backslash characters (%5C) that causes an executable to be placed in an arbitrary location. | 7.5 |
| 2003-05-27 | CVE-2003-0269 | Youbin | Buffer Overflow vulnerability in Youbin HOME Buffer overflow in youbin allows local users to gain privileges via a long HOME environment variable. | 7.2 |
| 2003-05-27 | CVE-2003-0262 | Leksbot | Multiple Unspecified vulnerability in Leksbot 1.2 leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have. | 7.2 |
10 Medium Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2003-05-27 | CVE-2003-0273 | Best Practical Solutions | Cross-Site Scripting vulnerability in Request Tracker Cross-site scripting (XSS) vulnerability in the web interface for Request Tracker (RT) 1.0 through 1.0.7 allows remote attackers to execute script via message bodies. | 6.8 |
| 2003-05-27 | CVE-2003-0265 | SAP | Unspecified vulnerability in SAP DB 7.3.29/7.4.3.7Beta Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed. | 6.2 |
| 2003-05-27 | CVE-2003-0268 | Bvrp Software | Remote Security vulnerability in Bvrp Software Slwebmail 3.0 SLWebMail 3 on Windows systems allows remote attackers to identify the full path of the server via invalid requests to DLLs such as WebMailReq.dll, which reveals the path in an error message. | 5.0 |
| 2003-05-27 | CVE-2003-0267 | Bvrp Software | Remote Security vulnerability in Bvrp Software Slwebmail 3.0 ShowGodLog.dll in SLWebMail 3 on Windows systems allows remote attackers to read arbitrary files by directly calling ShowGodLog.dll with an argument specifying the full path of the target file. | 5.0 |
| 2003-05-27 | CVE-2003-0260 | Cisco | Denial-Of-Service vulnerability in VPN 3000 Concentrator Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7A allow remote attackers to cause a denial of service (slowdown and possibly reload) via a flood of malformed ICMP packets. | 5.0 |
| 2003-05-27 | CVE-2003-0259 | Cisco | Denial-Of-Service vulnerability in VPN 3000 Concentrator Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7 allows remote attackers to cause a denial of service (reload) via a malformed SSH initialization packet. | 5.0 |
| 2003-05-27 | CVE-2003-0244 | Linux | Remote Denial Of Service vulnerability in Linux Kernel 2.4.0 The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions. | 5.0 |
| 2003-05-27 | CVE-2003-0239 | Mirabilis | Denial Of Service vulnerability in Mirabilis ICQ GIF Parsing icqateimg32.dll parsing/rendering library in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of service via malformed GIF89a headers that do not contain a GCT (Global Color Table) or an LCT (Local Color Table) after an Image Descriptor. | 5.0 |
| 2003-05-27 | CVE-2003-0238 | Mirabilis | Denial Of Service vulnerability in Mirabilis ICQ Message Session Window The Message Session window in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of service (CPU consumption) by spoofing the address of an ADS server and sending HTML with a -1 width in a table tag. | 5.0 |
| 2003-05-27 | CVE-2003-0261 | Fuzz | Local Security vulnerability in Fuzz fuzz 0.6 and earlier creates temporary files insecurely, which could allow local users to gain root privileges. | 4.6 |
0 Low Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|