Weekly Vulnerabilities Reports > September 13 to 19, 2004
Overview
26 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 7 high severity vulnerabilities. This weekly summary report vulnerabilities in 45 products from 32 vendors including Suse, Conectiva, Microsoft, Mozilla, and Redhat. Vulnerabilities are notably categorized as and "Incorrect Resource Transfer Between Spheres".
- 21 reported vulnerabilities are remotely exploitables.
- 26 reported vulnerabilities are exploitable by an anonymous user.
- Suse has the most reported vulnerabilities, with 4 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
0 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|
7 High Vulnerabilities
16 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2004-09-18 | CVE-2004-1691 | Rhinosoft | Denial Of Service And Cross-Site Scripting vulnerability in Rhinosoft Dns4Me 3.0.0.4 The Web Server in DNS4Me 3.0.0.4 allows remote attackers to cause a denial of service (CPU consumption and crash) via a large amount of data. | 5.0 |
2004-09-16 | CVE-2004-1688 | Tech Noel | Remote Denial Of Service vulnerability in Tech-Noel Pigeon Server 3.02.0143 Pigeon Server 3.02.0143 and earlier allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a long login name sent to port 3103. | 5.0 |
2004-09-16 | CVE-2004-1687 | Snitz Communications | Unspecified vulnerability in Snitz Communications Snitz Forums 2000 CRLF injection vulnerability in down.asp for Snitz Forums 2000 3.4.04 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the location parameter. | 5.0 |
2004-09-16 | CVE-2004-0872 | Opera | Incorrect Resource Transfer Between Spheres vulnerability in Opera Browser 7.51 Opera does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection." | 5.0 |
2004-09-16 | CVE-2004-0871 | Mozilla | Remote Security vulnerability in Mozilla 0.9.2 Mozilla does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection." | 5.0 |
2004-09-16 | CVE-2004-0870 | KDE | Remote Security vulnerability in Konqueror KDE Konqueror does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection." | 5.0 |
2004-09-16 | CVE-2004-0869 | Microsoft | Remote Security vulnerability in Microsoft IE 6 Internet Explorer does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection." | 5.0 |
2004-09-15 | CVE-2004-1686 | Microsoft | Unspecified vulnerability in Microsoft IE 6.0 Internet Explorer 6.0 in Windows XP SP2 allows remote attackers to bypass the Information Bar prompt for ActiveX and Javascript via an XHTML page that contains an Internet Explorer formatted comment between the DOCTYPE tag and the HTML tag, as demonstrated using the DesignScience MathPlayer ActiveX plugin. | 5.0 |
2004-09-13 | CVE-2004-1684 | Zyxel | Information Disclosure vulnerability in Zyxel Prestige and Zynos Zyxel P681 running ZyNOS Vt020225a contains portions of memory in an ARP request, which allows remote attackers to obtain sensitive information by sniffing the network. | 5.0 |
2004-09-13 | CVE-2004-1680 | Pingtel | Remote Denial Of Service vulnerability in Pingtel Xpressa Handset application.cgi in the Pingtel Xpressa handset running firmware 2.1.11.24 allows remote authenticated users to cause a denial of service (VxWorks OS crash) via a long HTTP GET request, possibly triggering a buffer overflow. | 5.0 |
2004-09-13 | CVE-2004-1678 | Logicnow | Unspecified vulnerability in Logicnow Perldesk Directory traversal vulnerability in pdesk.cgi in PerlDesk allows remote attackers to read portions of arbitrary files and possibly execute arbitrary Perl modules via ".." sequences terminated by a %00 (null) character in the lang parameter, which can leak portions of the requested files if a compilation error message occurs. | 5.0 |
2004-09-13 | CVE-2004-0807 | Samba SGI Conectiva Mandrakesoft Suse | Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop. | 5.0 |
2004-09-14 | CVE-2004-0905 | Mozilla Netscape Conectiva Redhat Suse | Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. | 4.6 |
2004-09-18 | CVE-2004-1692 | Mambo | Input Validation vulnerability in Mambo Open Source 4.51.0.9 Cross-site scripting (XSS) vulnerability in index.php in Mambo 4.5 (1.0.9) allows remote attackers to inject arbitrary web script or HTML via the (1) Itemid, (2) mosmsg, or (3) limit parameters. | 4.3 |
2004-09-18 | CVE-2004-1690 | Rhinosoft | Denial Of Service And Cross-Site Scripting vulnerability in Rhinosoft Dns4Me 3.0.0.4 Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me 3.0.0.4 allows remote attackers to execute arbitrary web script or HTML via the URL. | 4.3 |
2004-09-17 | CVE-2004-0534 | Businessobjects | Remote File Name HTML Injection vulnerability in Businessobjects Infoview and Webintelligence Cross-site scripting (XSS) vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document. | 4.3 |
3 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2004-09-13 | CVE-2004-1683 | QNX | Local Command Execution vulnerability in QNX CRTTrap Path Environment Variable A race condition in crrtrap for QNX RTP 6.1 allows local users to gain privileges by modifying the PATH environment variable to reference a malicious io-graphics program before is executed by crrtrap. | 3.7 |
2004-09-16 | CVE-2004-1689 | Todd Miller | Information Disclosure vulnerability in Todd Miller Sudo 1.6.8 sudoedit (aka sudo -e) in sudo 1.6.8 opens a temporary file with root privileges, which allows local users to read arbitrary files via a symlink attack on the temporary file before quitting sudoedit. | 2.1 |
2004-09-13 | CVE-2004-0838 | Lexar | Unspecified vulnerability in Lexar Jumpdrive Secure Lexar Safe Guard for JumpDrive Secure 1.0 stores the password insecurely in memory using XOR encryption, which allows local users to read the password directly from the device and access the password protected part of the drive. | 2.1 |