Weekly Vulnerabilities Reports > December 13 to 19, 2004

Overview

15 new vulnerabilities were reported during this period, including 0 critical vulnerabilities and 4 high severity vulnerabilities. This weekly summary reports vulnerabilities in 26 products from 14 vendors including Redhat, Debian, Microsoft, Linux, and Suse. Vulnerabilities are notably categorized as .

  • 10 reported vulnerabilities are remotely exploitable.
  • 15 reported vulnerabilities are exploitable by an anonymous user.
  • Redhat has the most reported vulnerabilities, with 6 reported vulnerabilities.

Vulnerability Details

The following tables list the vulnerabilities reported for the period covered by this report:

0 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS

4 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2004-12-15 CVE-2004-1322 Cisco Unspecified vulnerability in Cisco Unity Server

Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configuration settings or read outgoing or incoming e-mail messages.

7.5
2004-12-15 CVE-2004-1321 Asante Remote Security vulnerability in Asante Fm2008 Managed Ethernet Switch 1.6

The configuration backup in Asante FM2008 running firmware 1.06 stores the username and password in cleartext, which could allow remote attackers to gain unauthorized access.

7.5
2004-12-15 CVE-2004-1320 Asante Unspecified vulnerability in Asante Fm2008 Managed Ethernet Switch 1.6

Asante FM2008 running firmware 1.06 is shipped with a default username and password, which could allow remote attackers to gain unauthorized access.

7.5
2004-12-18 CVE-2004-1374 Netbsd Local Security vulnerability in Netbsd 2.0.4

Multiple buffer overflows in NetBSD kernel may allow local users to execute arbitrary code and gain privileges.

7.2

6 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2004-12-18 CVE-2004-1325 Microsoft Unspecified vulnerability in Microsoft Windows Media Player 9

The getItemInfoByAtom function in the ActiveX control for Microsoft Windows Media Player 9.0 returns a 0 if the file does not exist and the size of the file if the file exists, which allows remote attackers to determine the existence of files on the local system.

5.0
2004-12-17 CVE-2004-1768 Symantec Unspecified vulnerability in Symantec Brightmail Antispam 6.0.1

The character converters in the Spamhunter and Language ID modules for Symantec Brightmail AntiSpam 6.0.1 before patch 132 allow remote attackers to cause a denial of service (crash) via messages with the ISO-8859-10 character set, which is not recognized by the converters.

5.0
2004-12-15 CVE-2004-1319 Nortel, Microsoft

The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstrated by "AbusiveParent" in Internet Explorer 6.0.2900.2180.

5.0
2004-12-15 CVE-2004-1145 Ethereal Group, SGI, Conectiva, Altlinux, Debian, Redhat, Suse

Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.

5.0
2004-12-15 CVE-2004-1142 Ethereal Group, SGI, Conectiva, Altlinux, Debian, Redhat, Suse Denial of Service and Potential Code Execution vulnerability in Ethereal

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.

5.0
2004-12-15 CVE-2004-1139 Ethereal Group, SGI, Conectiva, Altlinux, Debian, Redhat, Suse Denial of Service and Potential Code Execution vulnerability in Ethereal

Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).

5.0

5 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2004-12-18 CVE-2004-1324 Microsoft Unspecified vulnerability in Microsoft Windows Media Player 9

The Microsoft Windows Media Player 9.0 ActiveX control may allow remote attackers to execute arbitrary web script in the Local computer zone via the (1) artist or (2) song fields of a music file, if the file is processed using Internet Explorer.

2.6
2004-12-16 CVE-2004-1323 Netbsd Denial-Of-Service vulnerability in NetBSD

Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions.

2.1
2004-12-15 CVE-2004-1335 Linux, Redhat Local vulnerability in Linux Kernel

Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.

2.1
2004-12-15 CVE-2004-1334 Linux, Redhat Denial-Of-Service vulnerability in Linux kernel

Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow.

2.1
2004-12-15 CVE-2004-1333 Linux, Redhat Local vulnerability in Linux Kernel

Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.

2.1