Network Security News – Monday, May 02, 2005 Events
Debian CVS cvs-repouids File Mapping Issue DoS
Debian CVS contains a flaw that may allow a remote denial of service. The issue is triggered when a cvs-repouids file is created without creating a mapping to a repository, causing the CVS server to crash and resulting in loss of availability. Read more at osvdb.org/15888
FilePocket Plaintext Registry Proxy Password Disclosure
FilePocket contains a flaw that may lead to an unauthorized password exposure. The issue is due to plaintext storage of passwords in the registry, which may be disclosed to local users resulting in a loss of confidentiality. Read more at osvdb.org/14685
GoText GoText.bin User Information Local Disclosure
GoText contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a local user accesses the "ProgramFiles\GoText\GoText.bin" plain text file, which will disclose username and password information about application users, resulting in a loss of confidentiality. Read more at osvdb.org/14686
NotJustBrowsing notjustbrowsing.prf Plaintext Local Password Disclosure
NotJustBrowsing contains a flaw that may lead to an unauthorized password exposure. It is possible for a malicious user to gain access to plain text passwords by using a hex editor to view the '\Program Files\NetLeaf Limited\NotJustBrowsing\notjustbrowsing.prf' file, which may lead to a loss of confidentiality. Read more at osvdb.org/14687
Apple Safari HTTPS Remote DoS
Safari contains a flaw that may allow a remote denial of service. Debugging indicates no buffers have overflowed, and that a NULL pointer may be the cause of the DoS. The issue is triggered when issuing a specially crafted HTTPS request containing an overly long string, which causes the browser to crash resulting in a loss of availability. Read more at osvdb.org/16006
BulletProof FTP Server System Tray Icon Privilege Escalation
BulletProof FTP Server contains a flaw that may allow a malicious user to gain access to unauthorized privileges. When the BPFTPServer service is installed and running as SYSTEM, a local attacker can manipulate the administrative interface and escalate privileges to that of the SYSTEM account. This flaw may lead to a loss of integrity. Read more at osvdb.org/15898
Golden FTP Server Username Remote Overflow
A remote overflow exists in Golden FTP Server. The Golden FTP Server fails to properly perform bounds checking on user-supplied input, resulting in a buffer overflow. With a specially crafted login request containing more than 284 characters in the Username field, a remote attacker can cause execution of arbitrary code on the system resulting in a loss of integrity. Read more at osvdb.org/14369