Security News -  Security Reviews -  Exploits -  Tools -  UNIX Focus -  Windows Focus

SecuriTeam  Beyond Security  SecuriTeam Home  Ask the Team  Mailing Lists  Advertising Info  Blogs SecuriTeam in Your Inbox New vulnerability? New tool? Tell us

Security News Archive 2002 Select Year:  2008  2007  2006  2005  2004  2003 2002  2001  2000  1999  1998 December 2002 PHRACK #60 Has Been Released Cross Site Scripting Vulnerability Found in Apple Web Site Cisco Vulnerable to SSH Malformed Packet Vulnerabilities Multiple Buffer overruns RealNetworks Helix Universal Server Microsoft Hotmail Cross-Site Scripting (XSS) Flaws XSS Vulnerabilities in Oracle Website Arbitrary Price Manipulation in CartMan Shopping Software Vulnerabilities in SSH2 Implementations from Multiple Vendors XSS Vulnerability Found in Cisco Website Remote Console Applet Allows Remote File Retrieval Multiple Mambo Site Server Security Weaknesses MTPSR1-120 Firewall Proxy Configuration Software Insecurity OSM Line Card Header Corruption Vulnerability Directory Traversal Vulnerabilities in FTP Clients WebReflex Directory Traversal Vulnerability Proxy Vulnerability in TrendMicro InterScan VirusWall Lawson Financials RDBMS Insecurity ShopFactory Shopping Cart Price Manipulation Vulnerability Report for Linksys Devices 3com NBX IP Phone System Denial of Service Attack (CEL) Multiple pServ Remote Buffer Overflow Vulnerabilities November 2002 Potential H.323 Denial of Service in NetScreen Predictable TCP Initial Sequence Numbers in NetScreen 'Malicious-URL' Feature may be Circumvented Using IP Fragmentation in NetScreen Clipboard in QNX Photon Buffer Overflow in iSMTP Gateway Multiple phpNuke Modules Vulnerable to Cross-Site Scripting Linksys Router Bypass Vulnerability (XML) Zeroo Folder Traversal Vulnerability ClearCase Remote DoS Denial of Service Vulnerability in Linksys Cable/DSL Routers Cisco PIX Multiple Vulnerabilities Remote Buffer Overflow Vulnerability in Zeroo HTTP Server iPlanet WebServer Vulnerable to Remote Root Compromise Default SNMP Community in Surecom Broadband Router ZoneEdit Account Hijack Vulnerability Buffalo AP Denial of Service Well Known Flaw in Web Cart Software Remains Wide Open XSS Vulnerability in Major Websites (Hotmail, Yahoo and Excite) Remote Novell Netware Manager Security Issue Non-Explicit Path Vulnerability in QNX Neutrino RTOS Com21 Cable Modem Configuration File Feeding Vulnerability Accesspoints Disclose WEP Keys, Password and MAC Filters Lycos Mail and Lycos HTMLGear XSS/Cookie Problems Advisory Oracle iSQL*Plus Buffer Overflow (Long User ID) Denial of Service Vulnerability in Linksys BEFSR41 EtherFast Cable/DSL Router NetScreen SSH1 CRC32 Denial of Service ION-P Allows Remote File Retrieving Weak Password Encryption Scheme in Integrated Dialer Software for VSNL October 2002 XXE (Xml eXternal Entity) Attack MDaemon SMTP/POP/IMAP Server DoS (Invalid UIDL, DELE) Symantec Firewall/VPN Appliance Internal LAN Sniffing Issue TCP/IP Printer Configuration Utility for Apple LaserWriter Security Issue Linksys WET11 DoS (MAC address) IBM Infoprint Remote Management DoS Possible Illegal File Access in Acuma's Acusend Multiple IPSEC Implementations Do Not Adequately Validate Authentication Data (DoS) ISO 17799 News - Issue 4 Full Zone Information Disclosure on Top Level Domain Name Servers Ambiguities in TCP/IP May Allow Firewall Bypassing D-Link Access Point DWL-900AP+ TFTP Vulnerability Undocumented Account Vulnerability in Avaya P550/P550R/P580/P880/P882 Switches SkyStream EMR5000 DVB Router DoS Cisco CatOS Embedded HTTP Server Buffer Overflow Multiple Symantec Firewall Secure Webserver Timeout DoS Symantec Enterprise Firewall Secure Webserver Information Leak Oracle 8i/9i Listener SERVICE_CURLOAD Denial of Service Ingenium Admin Password Vulnerability Plain Text DDNS Password in NETGEAR FM114P Backups TCP Flood and Authentication Cracking Causes NETGEAR FM114P to Hang Multiple Vendor PC Firewall Remote Denial of Services Vulnerability Multiple Firewalls Ruleset Bypass through FTP Revisited Predefined Restriction Tables Allow Calls to International Operator Cisco Secure Content Accelerator Vulnerable to SSL Worm Multiple Vendor Long ZIP Entry Filename Processing Issues Xerox DocuShare Internal IP Address Disclosure September 2002 Software Update Available for Legacy RapidStream Appliances and WatchGuard Firebox Vclass appliances NETGEAR FVS318 Firewall Router Username/Password Disclosure Multiple Vulnerabilities in WASD HTTP Server for OpenVMS Multiple Security Flaws Lead to Netenforcer Privilege Escalation (TAR Issue Details) OpenVMS UCX$P_SERVER.EXE Vulnerability HP Procurve 4000M Stacked Switch HTTP Reset Vulnerability Flaws Found Within the Dynamic Host Configuration Protocol Firewall-1 HTTP Security Server - Proxy Vulnerability DB4Web (R) TCP Connects to Arbitrary IP and Port The Trivial Cisco IP Phones Compromise The Art of Unspoofing DB4Web (R) File Disclosure Microsoft Windows SMB Denial of Service Vulnerabilities in Cisco Products Cisco VPN 5000 Client Multiple Vulnerabilities Altavista BabelFish XSS Hole Lycos HTMLGear Guestbook Script Injection Vulnerability W3C HTML Validator XSS Hole W3C CSS Validator - Proxying Attack Scan against Enterasys SSR8000 Causes System Crash Slashdot / Slashcode Disclosing Passwords Cisco VPN Client Multiple Vulnerabilities - Second Set Bypassing SMTP Content Protection with a Flick of a Button Multiple Wordtrans-Web Vulnerabilities Multiple Vulnerabilities at Canada.com NETGEAR FM114P URL Filter Bypassing Vulnerability Granite Software ZMerge Administration Database Insecure Default ACLs Cross-Site Scripting in Aestiva's HTML/OS Cisco VPN 3000 Concentrator Multiple Vulnerabilities Multiple Remote Vulnerabilities in Polycom Videoconferencing Products Blue Coat Systems (formerly CacheFlow) Cross Site Scripting Vulnerability Checkpoint FW-1 VPN Security Flaw (updated) Radmin Default Installation Security Vulnerabilities SWServer Directory Traversal Bug XSS in Null HTTPd August 2002 iName/Mail.com Security Holes Opens Door to Millions of E-mail Accounts Novell SNMPv1 Trap and Request Handling Vulnerabilities Light Vulnerable to Remotely Exploitable Arbitrary Code Execution Abyss Web Server Directory Traversal and Administration Bugs LG Electronics LG3100p Router Multiple Security Issues (DoS) SAP R/3 Default Password Vulnerability Belkin F5D6130 Denial of Service Vulnerability (SNMP Request) Blazix Java Server Multiple Security Vulnerabilities (Source View, Security Bypass) UTStarcom B-NAS 1000 and B-RAS 1000 Security Flaw Weak MySQL Default Configuration More Vulnerabilities with Pingtel Xpressa SIP-based IP Phones LG Electronics LG3001f Router Buffer Overflow C_Verify Validates Incorrect Symmetric Signatures Oracle Listener Control Format Strings L-Forum SQL Injection Vulnerability Multiple Vulnerabilities in CafeLog Weblog Package Trivial Root Compromise in Gateway GS-400 NAS Servers Remote Denial of Service Vulnerability in Oracle9i SQL*NET GoAhead Buffer Overflows (Multiple Slashes, Exploit) Novell iManager DoS Attack (eMFrame) SNMP Vulnerability in Avaya Cajun Cisco VPN Client Multiple Vulnerabilities MidiCart Shopping Cart Software Database Vulnerability Macromedia Shockwave Flash Malformed Header Overflow Information Leakage in Orinoco and Compaq Access Points Apache 2.0 Vulnerability Affects non-UNIX Platforms Web Shop Manager Security Vulnerability Opera FTP View Cross-Site Scripting Vulnerability Macromedia Flash Plugin Can Read Local Files Exploiting the Google Toolbar Cisco VPN 5000 Series Concentrator RADIUS PAP Authentication Vulnerability Multiple Cyan Chat Vulnerabilites Raptor Firewall Weak ISN Vulnerability Multiple 602Pro LAN SUITE 2002 Denial of Service Attacks July 2002 Directory Traversal vulnerability in sendform.cgi W3Mail MIME Attachment Vulnerability Protected Adobe eBooks can be copied between Computers TFTP Long Filename Vulnerability Firewall Circumvention Possible with All Browsers Brother NC-3100h Buffer Overflow Vulnerability Lucent Brick VPN Firewall Multiple Vulnerabilities Ascend's Undocumented Protocol Allows Unauthorized Modifications HP Network-Enable Printers (JetDirect) Password Exposure ChaiVM Multiple Security Vulnerabilities HP ProCurve Switch Denial of Service Attack Heap Overflow in Solaris cachefs Daemon Novell GroupWise 6.0.1 Support Pack 1 Buffer Overflow SSH Protocol Weakness Vulnerability (MITM) Phrack #59 Is Out InterNIC Vulnerable to Cross Site Scripting SoulSeek File Sharing Bug May Cause 'Unshared' Subdirectories to Be Shared In Certain Situations Pyramid BenHur Firewall Active FTP Portfilter Ruleset Results in a Firewall Leak PHP Security Vulnerability in Multipart FORM Data Handling Additional Details Released on PHP Security Vulnerability in Multipart FORM Data Handling Oracle Reports Server Information Disclosure ClickCartPro Security Vulnerability (Misconfiguration) Multiple Buffer Overflow Found in Novell Netmail IMAP Service Multiple Buffer Overflow Found in Novell Netmail MacOS X SoftwareUpdate Vulnerability The Adobe eBook Library's Multiple Vulnerabilities Brinkster Web Hosting Protected File Retrieval Britcoun.org Cross Site Scripting via Wops.cgi Multiple Vulnerabilities with Pingtel xpressa SIP Phones Multiple Security Vulnerabilities in Sharp Zaurus Cisco VPN3000 Gateway MTU Overflow XSS Hole in Fluid Dynamics Search Engine WatchGuard Firebox Dynamic VPN Configuration Protocol DoS iPlanet Search Buffer Overflow Apache Tomcat Cross-Site Scripting GoAhead Web Server Directory Traversal and Cross Site Scripting Cisco Secure ACS UNIX Acme.server Information Disclosure Vulnerability The Apache "APC" worm OpenSSH Challenge-Response Buffer Overflow (Update) Lotus Domino Web Server File Retreival Vulnerability CommuniGate Pro Directory Listings Macromedia JRun Admin Server Authentication Bypass WatchGuard SOHO FTP Authentication Flaw TrendMicro's VirusWall Space Gap (Virus Protection Bypassing) Cross Site Scripting in Blackboard June 2002 Multiple Vendors' Domain Name System (DNS) Stub Resolvers Vulnerable to Buffer Overflow Scanning for Cisco Provided SSH Can Cause a Crash Sendmail DNS Map TXT Record Buffer Overflow Vulnerability OpenSSH Vulnerabilities in Challenge Response Handling Netware DHCP Server Contains a DoS Vulnerability Netware FTP Server Contains a DoS Vulnerability RLAJ On-line Whois Service Security Vulnerability Upcoming OpenSSH Vulnerability (Privileges Separation) Resin Path Disclosure (HelloServlet) Falsifying a VeriSign Seal (Japan) SalesCart Database Storage Insecurity XSS in Audiogalaxy.com Weak Cisco PIX Enable Password Encryption Algorithm Cisco ONS15454 IP TOS Bit Vulnerability Buffer Overflow in UNIX VPN Client Vulnerabilities Found in Telindus 11xx Router Series Cable Modem Termination System Authentication Bypass Directory Traversal in Wolfram Research's webMathematica <BODY>Builder SQL modification IGMP Denial of Service Vulnerability Fore/Marconi ATM Switch 'land' Vulnerability Cross-Site Scripting in Cisco Secure ACS Active! mail Script Execution Vulnerability Oracle TNS Listener Buffer Overflow Oracle Reports Server Buffer Overflow Datalex BookIt! Consumer Password Vulnerabilities ZenTrack System Information Path Disclosure Vulnerability eDonkey 2000 URL Buffer Overflow Linksys Cable/DSL 4port Exposure Issue Multiple Red-M 1050 Blue Tooth Access Point Vulnerabilities SHOUTcast Remote Buffer Overflow (icy-name) Multiple Vulnerabilities in Novell Netware Remote Quake Server CVAR Leak Security Vulnerability in ECS-K7S5A(L) Boards Quantum SNAP Server DoS and Sequence Number Vulnerability Multiple Security Vulnerabilities in QNX (dumper, monitor, crttrap) AIM+ Found to Contain a SpyWare May 2002 Vulnerability in 3Com OfficeConnect Remote 812 ADSL Router (PAT) VP-ASP Multiple Security Vulnerabilities Yahoo Messenger - Multiple Vulnerabilities NetScreen 25 Unauthorized User Reboot (DoS) CBOS - Improving Resilience to Denial-of-Service Attacks ATA-186 Password Disclosure Vulnerability Multiple Vulnerabilities in Cisco IP Telephones Cisco IOS ICMP Redirect DoS Xitami CGI Processing Failure Vulnerability Transparent Cache Engine and Content Engine TCP Relay Vulnerability Content Service Switch Web Management HTTP Processing Vulnerabilities SonicWALL SOHO Content Blocking Script Injection and Logfile DoS WolfMail Allows Relaying of SPAM NOCC Cross-Site Scripting Bug Cibleclick.com Stores Passwords in Clear Text inside Cookies MSCAPI CSP Install Wizard Incorrect Behavior Pose a Security Threat mnoGoSearch Found To Be Vulnerable to a Heap Overflow Cisco ATA-186 Admin Password Can be Trivially Circumvented Cisco Found To Contain a NTP Related Vulnerability Novell Border Manager Multiple Vulnerabilities The Netware FTP Server Contains a DoS vulnerability Novell Netware Client Unchecked Buffers Novell SDMR DoS Pointsec for PalmOS PIN Disclosure Increased Hacking Activity Associated with Underground File-Sharing Networks Macromedia Flash ActiveX Buffer Overflow Classic Cross-Site Scripting: Gibson Research Corporation How to Remotely and Automatically Exploit a Format Bug SAP R/3 with Oracle Default Installation Vulnerability Reading Local Files in Netscape 6 and Mozilla April 2002 Lotus Domino Bindsock Notes_ExecDirectory Buffer Overflow Vulnerability Lotus Domino Bindsock Arbitrary File Creation Vulnerability Lotus Domino Bindsock PATH Buffer Overflow Vulnerability CIDER SHADOW CGI Arbitrary Command Execution Vulnerabilities IndiaTimes.com - Email - Session hijacking and Inbox Blocking Intel D845HV/WN/PT Series Motherboard Vulnerability csMailto.cgi - Remote Command Execution LabVIEW Web Server DoS Vulnerability InterScan Reveals The List of BCC When It Strips Attachments (Via Alert) De-Anonymizer (SCRIPT Bypassing) Multiple Vulnerabilities in Stack Smashing Protection Technologies AIM Remote File Transfer/Direct Connection Vulnerability vqServer Demo File Cross-Site Scripting User Privileges Vulnerability in Oracle9i Database Server Tomcat Real Path Disclosure Vulnerability Xpede Found to Contain Multiple Vulnerabilities Symantec Enterprise Firewall FTP Bounce Vulnerability (Patch Available) IBM Informix Web DataBlade Local Root by Design Unchecked Buffer in Internet Explorer and Office for Mac Can Cause Code to Execute Demarc PureSecure Allows Users to Bypass Login Restrictions Raptor Firewall FTP Bounce Vulnerability Remote Buffer Overflow in Webalizer (DNS Resolve) IBM Informix Web DataBlade Vulnerable to Auto-decoding of HTML Entities IBM Informix Web DataBlade Vulnerability Allows SQL Injection GMX.net Contains a Cross Site Scripting Vulnerability (overture) Cisco Security Vulnerability in Aironet Telnet WatchGuard SOHO IP Restrictions Flaw Netware Web Search Engine and Microsoft IIS Help File Search Facility Cross-Site Scripting Holes Cisco Solaris /bin/log Vulnerability WatchGuard SOHO Denial of Service (Packet Parsing) Unauthorized Remote Control Access to Systems Running Funk Software's Proxy VNC Vulnerable to Zlib Double Free Security Issue Cisco Secure ACS Web Server has a Directory Traversal Issue (Additional details) Huge Privacy Threats in Webmails and How Big Companies Handle Them Netware Remote Manager Found to Contain a Buffer Overflow Cisco Products found to Contain zlib Compression Library Vulnerability Boursorama.com Cookie Exploit March 2002 Anonymizer and MSIE Make Up a Bad Combination (Netscape too) Citrix NFuse Directory Traversal with boilerplate.asp Privacy Issues found in metor.com (A Search Engine) RCA Cable Modem Contains Multiple Vulnerabilities LDAP Connection Leak in CTI when User Authentication Fails Keyservers Cross Site Scripting (When CSS Gets Dangerous) www.myownemail.com Vulnerable to Cross Site Scripting KeyManager Issue in ISS RealSecure on Nokia Appliances Default SNMP Configuration Issue with Foundry Networks EdgeIron 4802F Excite Email Disclosure Vulnerability CERT advisory: Multiple vulnerabilities in Oracle Servers PhpBB2 Remote Command Execution CaupoShop Cross Site Scripting Bug PHP FirstPost System Information Path Disclosure Vulnerability Another Buffer Overflow in Talentsoft's Web+ Black Tie Project System Information and Path Disclosure Vulnerability Vulnerability in URI parsing code of Foundry Networks ServerIron Allows to Bypass Rules Trend Micro InterScan VirusWall HTTP Proxy Content Scanning Circumvention Cross Site Scripting in the Translation and Infoplease Services of lycos.com Directory Traversal Vulnerability in Phpimglist Foundry Networks ServerIron Does Not Decode URIs Checkpoint FW1 SecuRemote/SecureClient "re-authentication" (client side hacks of users.C) Double Free Bug in zlib Compression Library mIRC DCC Server Security Flaw Denial of Service in ZyXEL ZyWALL10 (ARP) Xerver 2.10 Directory Traversal and DoS PureTLS Gets a Security Upgrade AIM Remote Buffer Overflow Java HTTP Proxy Vulnerability (Additional Details) Vulnerabilities in Multiple RADIUS Clients and Servers mod_ssl Buffer Overflow Condition (Patch Available) AeroMail Multiple Vulnerabilities Denial of Service in SphereServer Novell GroupWise Web Access Path Disclosure Vulnerability (HTMLVER) Hotline Client Plaintext Password Vulnerability February 2002 Weak Password Storage in Demarc (Commercial Snort Front-end) AOL/AIM Vulnerability Novell GroupWise Web Access Path Disclosure Vulnerability Cisco Express Forwarding Leaks Packet Information Antivirus Mail Scanners DoS Zero One Tech (ZOT) P100s PrintServer and SNMP Security Issue with GroupWise and LDAP Authentication in PostOffice (Anonymous bind) Tripod Account Hijack RealSystem Server and Proxy Buffer Overflow Vulnerability Bypassing Content Filtering Software Privacy Exposure by Bypassing the HTTP Proxy Web Browsers Ignore Content-Type Headers Allowing Cross-site Scripting Malformed Network Request can cause Office X for Mac to Fail PROTOS Remote SNMP Attack Tool Deanonymizing SafeWeb Users Some IRC Servers Auto-DeOP Users Too Slowly Sybex E-Trainer Directory Traversal Vulnerability Texis CGI Path Disclosure Vulnerability MSN Contact List Disclosure Hewlett Packard AdvanceStack Switch Management Authentication Bypass Vulnerability Arescom NetDSL 800 Authentication Flaw Arescom NetDSL-1000 TelnetD DoS JSP Translation File Access under Oracle 9iAS Multiple Buffer Overflows in Oracle 9iAS Vulnerability in Oracle 9i Database Server Leads to Remote Compromise Cisco Secure Access Control Server NDS Disabled User Authentication Vulnerability in Lucent VitalSuite Software NetScreen Response to ScreenOS Port Scan DoS Vulnerability NETGEAR RT311/RT314 Cross-Site Issue Castelle FaxPress's Plain Text Password Disclosed Lotus Domino Password Protected URL Bypass Free Online Personal Security Advisor NetScreen ScreenOS Vulnerable to Trust Interface DoS Attack Privilege Escalation with NDS for NT January 2002 Security Hole in Upload System of UBBThreads and WWWThreads PhpSmsSend Remote Command Execution Bug Cisco CatOS Telnet Buffer Vulnerability Bug in AHG Search Engines Leads to Code Execution Intel WLAN Driver Stores 128bit WEP-Key in Plain Text RealPlayer Buffer Overflow Malicious Data Injection into Perl Modules BadBlue Contains Multiple Security Vulnerabilities eNom Domain Registration Services Domain Hijacking Vulnerability Mozilla Cookie Stealing CwpApi's GetRelativePath() Returns Invalid Paths Macintosh Internet Explorer File Execution Vulnerability Sltrib.com Submits Web Forms Insecurely USPS Online Bill Pay - Cleartext Password Leakage Hardening Solaris for MGC www.address.com Account Hijacking Vulnerability AutoResponder Allows Spamming Security Bug in Alcatel Speed Touch Home ADSL Modem (DoS) Authorize.Net Plain Text Login Transmission Shockwave Flash Player Security Issue Siemens Mobile SMS Exceptional Character Vulnerability Legato NetWorker Log File Vulnerability Palm Desktop for Mac OS X Security Vulnerability Myvoicestream.com Security Vulnerability New Virus Infects Macromedia Flash Files Multiple Vulnerabilities in Cisco SN 5420 Storage Routers VeriSign "PayFlow Link" Payment Service Security Vulnerability Netscape Publishing wp-force-auth Command Netscape ?wp-html-rend Denial of Service Attack Mail.com Cross Site Scripting Vulnerability User Posting Vulnerability in Nick.com Forums (Nickelodeon) Multiple Cross-Site Vulnerabilities Found in Leading Web Sites (IMDB, PlanetQuake, Merriam-Webster) C2IT.com Security Holes AIM Filter Contains Spyware and Backdoors Linksys Routers Found to be Vulnerable to SNMP Issues Cross Site Scripting Vulnerability in Microsoft.com Vulnerabilities in Oracle9iAS Web Cache Security Problem Found with Cisco UBR900 Series Routers ActivePerl Leaks True Path USENIX, Security 2002 Select Year:  2008  2007  2006  2005  2004  2003 2002  2001  2000  1999  1998 Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews Re-introduction of Cross-site Scripting/Cookie Theft Vulnerability Apache Server HTML Injection and UTF-7 XSS Vulnerability Multiple Vendor rdesktop Vulnerabilities Wonderware SuiteLink Denial of Service Vulnerability PHP GENERATE_SEED() Weak Random Number Seed Vulnerability PHP Multibyte Shell Command Escaping Bypass Vulnerability Akamai Download Manager Arbitrary Program Execution Vulnerability WebMod Multiple Vulnerabilities SNMPc TRAP Community Name Overflow SugarCRM Community Edition Local File Disclosure Vulnerability More ››› Featured Articles Multiple Vendor rdesktop Vulnerabilities Wonderware SuiteLink Denial of Service Vulnerability PHP Multibyte Shell Command Escaping Bypass Vulnerability Akamai Download Manager Arbitrary Program Execution Vulnerability SugarCRM Community Edition Local File Disclosure Vulnerability Insufficient Argument Validation of Hooked SSDT Functions on Multiple Antivirus and Firewalls Wordpress Cookie Integrity Protection Vulnerability

Copyright © 1998-2007 Beyond Security All rights reserved.
Terms of Use Site Privacy Statement.