NGSSoftware Insight Security Research Advisory #NISR19042004b - Symantec's Norton Internet Security 2004 Professional makes use of an ActiveX component that is marked safe for scripting, particularly WrapUM.dll. Using the LaunchURL method an attacker has the ability to force the browser to run arbitrary executables on the target.
Novell has identified an issue with the default configuration of GroupWise 6 and 6.5 WebAccess that could allow unauthorized access to the WebAccess server. This issue affects only systems running GroupWise 6 or 6.5 WebAccess on NetWare using the Apache 1.3x web server and where Apache is loaded using the GWAPACHE.CONF file.
CIAC INFORMATION BULLETIN O-088: On both Solaris 8 and 9 (SPARC and x86 Platforms) a local unprivileged user may be able to gain unauthorized root privileges due to a security issue involving the passwd command.
Microsoft Outlook contains a vulnerability which allows execution of arbitrary code when a victim user views a web page or an e-mail message created by an attacker. According to Microsoft the affected supported versions are Microsoft Office XP SP2 and Microsoft Outlook 2002 SP 2. Some earlier versions are vulnerable too, but not supported by the vendor.
Rapid7 Security Advisory - tcpdump versions 3.8.1 and below contain multiple flaws in the packet display functions for the ISAKMP protocol. Upon receiving specially crafted ISAKMP packets, tcpdump will try to read beyond the end of the packet capture buffer and crash.
Rapid7 Security Advisory - OpenBSD isakmpd payload handling is subject to multiple denial of service vulnerabilities. Known vulnerable: OpenBSD 3.4 and earlier, OpenBSD-current as of March 17, 2004.
Pentest Limited Security Advisory - The RealNetworks Helix 9 Server allows for an authenticated attacker to submit malformed HTTP POST requests against the Administration server to trigger a buffer overflow and execute arbitrary code. Affected versions: Helix Universal Mobile Server and Gateway 10, version 10.1.1.120 and prior; Helix Universal Server and Gateway 9, version 9.0.2.881 and prior.
Red Hat Security Advisory RHSA-2004:093-01 - Alan Cox discovered a vulnerability in the systat package where the post and trigger scripts insecurely created temporary filenames, allowing for a symlink attack using /tmp.
Red Hat Security Advisory RHSA-2004:134-01 - A bug was found in the processing of %-encoded characters in a URL in versions of Squid 2.5.STABLE4 and earlier. If a Squid configuration uses Access Control Lists (ACLs), a remote attacker could create URLs that would not be correctly tested against Squid's ACLs, potentially allowing clients to access prohibited URLs.
RogerWilco versions 1.4.1.6 and below and RogerWilco Base Station versions 0.30a suffer from multiple bugs. From being crashed with a malformed UDP packet to spoofing 'voice' traffic when not even being connected to a channel, quite a few amusing problems are listed.
OpenSSL Security Advisory - A Null-pointer assignment during an SSL handshake can result in a denial of service. Versions 0.9.6c to 0.9.6k and 0.9.7a to 0.9.7c are affected by this issue. Versions 0.9.7a, 0.9.7b, and 0.9.7c are affected by another vulnerability in the handling of Kerberos ciphersuites that can cause OpenSSL to crash. Patches are attached to the advisory.
NGSSoftware Insight Security Research Advisory #NISR05022004a - SLMail Pro Supervisor Report Center versions 2.0.9 and below are vulnerable to a buffer overflow attack when supplied with an overly long HTTP sub-version.
NGSSoftware Insight Security Research Advisory #NISR05022004b - SLWebMail has multiple buffer overflow vulnerabilities that are related to ISAPI appliactions.
Multiple vendors suffer from a denial of service vulnerability in their SOAP servers. Products affected: Macromedia ColdFusion/MX 6.0 and 6.1, ColdFusion/MX 6.0 and 6.1 J2EE, all editions of Macromedia JRun 4.0, and Sun Java System Application Server 7 Update 2 Upgrade and prior releases.