Weekly Vulnerabilities Reports > October 27 to November 2, 2003

Overview

19 new vulnerabilities were reported during this period, including 2 critical vulnerabilities and 3 high severity vulnerabilities. This weekly summary reports vulnerabilities in 20 products from 18 vendors including Musicqueue, Redhat, Oracle, Symantec, and Nokia. Vulnerabilities are notably categorized as and "Cross-site Scripting".

  • 18 reported vulnerabilities are remotely exploitable.
  • 1 reported vulnerability is related to weaknesses in OWASP Top Ten.
  • 19 reported vulnerabilities are exploitable by an anonymous user.
  • Musicqueue has the most reported vulnerabilities, with 2 reported vulnerabilities.
  • Seyeon has the most reported critical vulnerabilities, with 1 reported vulnerability.

Vulnerability Details

The following tables list the reported vulnerabilities for the period covered by this report:

2 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2003-10-30 CVE-2003-1160 Seyeon Unspecified vulnerability in Seyeon Flexwatch Network Video Server 2.2/Model132

FlexWATCH Network video server 132 allows remote attackers to bypass authentication and gain administrative privileges via an HTTP request to aindex.htm that contains double leading slashes (//).

10.0
2003-10-27 CVE-2003-1140 Musicqueue Buffer Overrun vulnerability in Musicqueue

Buffer overflow in Musicqueue 1.2.0 allows local users to execute arbitrary code via a long language variable in the configuration file.

10.0

3 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2003-10-30 CVE-2003-1143 Croteam Remote Denial of Service vulnerability in Serious Sam Engine

Croteam Serious Sam demo test 2 2.1a, Serious Sam: the First Encounter 1.05, and Serious Sam: the Second Encounter 1.05 allow remote attackers to cause a denial of service (crash or freeze) via a TCP packet with an invalid first parameter.

7.5
2003-10-29 CVE-2003-1186 Telcondex Remote Buffer Overflow vulnerability in Telcondex Simplewebserver 2.12.30210 Build3285

Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allows remote attackers to execute arbitrary code via a long HTTP Referer header.

7.5
2003-10-27 CVE-2003-1150 Novell Buffer Overrun vulnerability in Novell PMAP.NLM

Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors.

7.5

14 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2003-11-02 CVE-2003-1187 Phpkit Cross-Site Scripting vulnerability in PHPkit 1.6.02/1.6.03

Cross-site scripting (XSS) vulnerability in include.php in PHPKIT 1.6.02 and 1.6.03 allows remote attackers to inject arbitrary web script or HTML via the contact_email parameter.

6.8
2003-10-30 CVE-2003-1197 Ledscripts COM Fields HTML Injection vulnerability in Ledscripts LedForums

Cross-site scripting (XSS) vulnerability in index.php for Ledscripts.com LedForums Beta 1 allows remote attackers to inject arbitrary web script or HTML via the (1) top_message parameter or (2) topic field of a new thread.

6.8
2003-10-30 CVE-2003-1194 Booby Cross-Site Scripting vulnerability in Booby Error Message

Cross-site scripting (XSS) vulnerability in Booby .1 through 0.2.3 allows remote attackers to inject arbitrary web script or HTML via the error message.

6.8
2003-11-02 CVE-2003-1188 Unichat Denial of Service vulnerability in Unichat 2.0

Unichat allows remote attackers to cause a denial of service (crash) by adding extra chat characters (avatars) and logging in to a chat room, as demonstrated using duplicate ACTOR entries in u2res000.rit.

5.0
2003-10-31 CVE-2003-1159 Plug AND Play Remote Denial of Service vulnerability in Plug and Play Plug and Play web Server Proxy 1.0002C

Plug and Play Web Server Proxy 1.0002c allows remote attackers to cause a denial of service (server crash) via an invalid URI in an HTTP GET request to TCP port 8080.

5.0
2003-10-29 CVE-2003-1191 E107 Denial of Service vulnerability in E107 0.545/0.603

chatbox.php in e107 0.554 and 0.603 allows remote attackers to cause a denial of service (pages fail to load) via HTML in the Name field, which prevents the main.php form from being loaded.

5.0
2003-10-29 CVE-2003-1189 Nokia Denial of Service vulnerability in Nokia Ipso 3.7

Unknown vulnerability in Nokia IPSO 3.7, configured as IP Clusters, allows remote attackers to cause a denial of service via unknown attack vectors.

5.0
2003-10-27 CVE-2003-1139 Musicqueue Unspecified vulnerability in Musicqueue 1.2

Musicqueue 1.2.0 allows local users to overwrite arbitrary files by triggering a segmentation fault and using a symlink attack on the resulting musicqueue.crash file.

5.0
2003-10-27 CVE-2003-1138 Redhat Unspecified vulnerability in Redhat Interchange 2.0.4021.5

The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//).

5.0
2003-10-27 CVE-2003-1137 Charles Steinkuehler Remote Information Disclosure vulnerability in Charles Steinkuehler Sh-Httpd 0.3/0.4

Charles Steinkuehler sh-httpd 0.3 and 0.4 allows remote attackers to read files or execute arbitrary CGI scripts via a GET request that contains an asterisk (*) wildcard character.

5.0
2003-10-27 CVE-2003-1060 SUN Remote Denial Of Service vulnerability in Sun Solaris NFS Server

The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference.

5.0
2003-10-28 CVE-2003-1183 Oracle Unspecified vulnerability in Oracle Files 9.0.3.1.0/9.0.3.2.0/9.0.3.3.0

The WebCache component in Oracle Files 9.0.3.1.0, 9.0.3.2.0, and 9.0.3.3.0 of Oracle Collaboration Suite Release 1 caches files despite the cacheability rules imposed by Oracle Files, which allows local users to gain access.

4.6
2003-10-28 CVE-2003-1151 Fastream Cross-Site Scripting vulnerability in Fastream NetFile Error Message

Cross-site scripting (XSS) vulnerability in Fastream NETFile Server 6.0.3.588 allows remote attackers to inject arbitrary web script or HTML via the URL, which is displayed on a "404 Not Found" error page.

4.3
2003-10-27 CVE-2003-1149 Symantec Cross-Site Scripting vulnerability in Symantec Norton Internet Security 2003 6.0.4.34

Cross-site scripting (XSS) vulnerability in Symantec Norton Internet Security 2003 6.0.4.34 allows remote attackers to inject arbitrary web script or HTML via a URL to a blocked site, which is displayed on the blocked sites error page.

4.3

0 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS