Weekly Vulnerabilities Reports > December 27, 2004 to January 2, 2005

Overview

10 new vulnerabilities were reported during this period, including 2 critical vulnerabilities and 4 high severity vulnerabilities. This weekly summary reports vulnerabilities in 12 products from 11 vendors including Apple, Linux, Cisco, Canonical, and Broadcom. Notable vulnerability categories are "Improper Handling of Case Sensitivity", "Cross-Site Request Forgery (CSRF)", "Unsafe Reflection", "Integer Overflow or Wraparound", and "Inadequate Encryption Strength".

  • 7 reported vulnerabilities are remotely exploitable.
  • 2 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 7 reported vulnerabilities are exploitable by an anonymous user.
  • Apple has the most reported vulnerabilities, with 1 reported vulnerability.
  • Apple has the most reported critical vulnerabilities, with 1 reported vulnerability.

Vulnerability Details

The following tables list the vulnerabilities reported for the period covered by this report:

2 Critical Vulnerabilities

DATE | CVE | VENDOR | VULNERABILITY | CVSS
2004-12-31 | CVE-2004-2214 | Mbedthis | Improper Handling of Case Sensitivity vulnerability in Mbedthis Appweb Http Server 1.0.4 | 9.8

Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to bypass access restrictions via a URI with mixed case characters.

2004-12-31 | CVE-2004-2154 | Apple, Canonical | Improper Handling of Case Sensitivity vulnerability in multiple products | 9.8

CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive.

4 High Vulnerabilities

DATE | CVE | VENDOR | VULNERABILITY | CVSS
2004-12-31 | CVE-2004-1842 | Phpnuke | Cross-Site Request Forgery (CSRF) vulnerability in PHPnuke PHP-Nuke | 8.8

Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a URL to admin.php.

2004-12-31 | CVE-2004-2013 | Linux | Integer Overflow or Wraparound vulnerability in Linux Kernel | 7.8

Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which causes kmalloc to allocate 0 bytes of memory.

2004-12-31 | CVE-2004-2397 | Broadcom | Cleartext Storage of Sensitive Information vulnerability in Broadcom Bluecoat Security Gateway | 7.5

The web-based Management Console in Blue Coat Security Gateway OS 3.0 through 3.1.3.13 and 3.2.1, when importing a private key, stores the key and its passphrase in plaintext in a log file, which allows attackers to steal digital certificates.

2004-12-31 | CVE-2004-2172 | Netsourcecommerce | Inadequate Encryption Strength vulnerability in Netsourcecommerce Productcart | 7.5

EarlyImpact ProductCart uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via a chosen plaintext attack.

4 Medium Vulnerabilities

DATE | CVE | VENDOR | VULNERABILITY | CVSS
2004-12-31 | CVE-2004-1995 | Fusetalk | Cross-Site Request Forgery (CSRF) vulnerability in Fusetalk 2.0 | 6.5

Cross-Site Request Forgery (CSRF) vulnerability in FuseTalk 2.0 allows remote attackers to create arbitrary accounts via a link to adduser.cfm.

2004-12-31 | CVE-2004-1464 | Cisco | Unspecified vulnerability in Cisco IOS | 5.9

Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.

2004-12-31 | CVE-2004-2331 | Macromedia | Unsafe Reflection vulnerability in Macromedia Coldfusion 6.1 | 5.5

ColdFusion MX 6.1 and 6.1 J2EE allows local users to bypass sandbox security restrictions and obtain sensitive information by using Java reflection methods to access trusted Java objects without using the CreateObject function or cfobject tag.

2004-12-31 | CVE-2004-1901 | Gentoo | Link Following vulnerability in Gentoo Linux and Portage | 5.5

Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles.

0 Low Vulnerabilities

DATE | CVE | VENDOR | VULNERABILITY | CVSS