Weekly Vulnerabilities Reports > September 6 to 12, 2004

Overview

12 new vulnerabilities were reported during this period, including 0 critical vulnerabilities and 5 high severity vulnerabilities. This weekly summary reports vulnerabilities in 16 products from 12 vendors including Apple, Icewarp, Merak, Solarwinds, and F Secure. Vulnerabilities are notably categorized as and "Improper Input Validation".

  • 10 reported vulnerabilities are remotely exploitable.
  • 12 reported vulnerabilities are exploitable by an anonymous user.
  • Apple has the most reported vulnerabilities, with 2 reported vulnerabilities.

Vulnerability Details

The following tables list reported vulnerabilities for the period covered by this report:

0 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS

5 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2004-09-12 CVE-2004-1676 Gadu Gadu Remote Heap Overflow vulnerability in Gadu-Gadu Instant Messenger 6.0/6.0Build149

Heap-based buffer overflow in the image sending feature in Gadu-Gadu 6.0 build 149 allows remote attackers to execute arbitrary code via a crafted GG_MSG_IMAGE_REPLY message.

7.5
2004-09-10 CVE-2004-1670 Icewarp, Merak Remote Input Validation vulnerability in IceWarp Web Mail

Multiple directory traversal vulnerabilities in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7, and possibly other versions, allow remote attackers to (1) create arbitrary directories via a ..

7.5
2004-09-10 CVE-2004-1668 Easyweb SQL Injection vulnerability in Easyweb Factory Subjects Module 2.0

Multiple SQL injection vulnerabilities in index.php in Subjects 2.0 Postnuke module allow remote attackers to execute arbitrary SQL commands via the (1) pageid, (2) subid, or (3) catid parameters.

7.5
2004-09-07 CVE-2004-0823 Openldap, Apple

OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers to re-use hashed passwords without decrypting them.

7.5
2004-09-07 CVE-2004-0822 Apple Environment Variable Buffer Overflow vulnerability in Apple CoreFoundation

Buffer overflow in the Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable.

7.2

6 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2004-09-12 CVE-2004-1677 Logicnow Information Disclosure vulnerability in PerlDesk

pdesk.cgi in PerlDesk allows remote attackers to gain sensitive information via an invalid lang parameter, which includes pathname information in an error message.

5.0
2004-09-11 CVE-2004-1675 Solarwinds Improper Input Validation vulnerability in Solarwinds Serv-U File Server

Serv-U FTP server 4.x and 5.x allows remote attackers to cause a denial of service (application crash) via a STORE UNIQUE (STOU) command with an MS-DOS device name argument such as (1) COM1, (2) LPT1, (3) PRN, or (4) AUX.

5.0
2004-09-09 CVE-2004-1667 Gearbox Software Remote Denial Of Service vulnerability in Gearbox Software Halo Combat Evolved Game Server

Off-by-one error in Halo Combat Evolved 1.04 and earlier allows remote attackers to cause a denial of service (server crash) via a long client response.

5.0
2004-09-09 CVE-2004-0830 F Secure Remote Denial of Service vulnerability in F-Secure products

The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earlier allow remote attackers to cause a denial of service (service crash due to unhandled exception) via a certain malformed packet.

5.0
2004-09-06 CVE-2004-1348 SUN Remote Denial of Service vulnerability in Sun Solaris in.named

Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service (process crash).

5.0
2004-09-10 CVE-2004-1669 Icewarp, Merak Remote Input Validation vulnerability in IceWarp Web Mail

Cross-site scripting (XSS) vulnerability in MERAK Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to execute arbitrary web script or HTML via the (1) User name parameter to accountsettings.html or (2) Search string parameter to search.html.

4.3

1 Low Vulnerability

DATE CVE VENDOR VULNERABILITY CVSS
2004-09-08 CVE-2004-0851 Ulrich Callmeier Symbolic Link vulnerability in Ulrich Callmeier Net-Acct 0.6/0.7/0.71

The (1) write_list and (2) dump_curr_list functions in Net-Acct before 0.71 allow local users to overwrite arbitrary files via a symlink attack on temporary files.

2.1