Internet Security Systems
1. Date Reported: 06/14/2004
Brief Description: Multiple vendor antivirus scanners archive file scan denial of service
Risk Factor: Low
Attack Type: Host Based
Platforms: F-Prot for Linux 4.4.2, McAfee VirusScan 6, McAfee VirusScan Enterprise 7.1, Norton AntiVirus 2002, Norton AntiVirus 2003, RAV AntiVirus Online Virus Scan Any version, Windows Any version
Vulnerability: antivirus-archive-file-dos
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16399
2. Date Reported: 06/13/2004
Brief Description: Chora diff utility command execution
Risk Factor: High
Attack Type: Network Based
Platforms: Chora prior to 1.2.2, Gentoo Linux Any version, Unix Any version
Vulnerability: chora-diff-command-execution
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16401
3. Date Reported: 06/14/2004
Brief Description: VICE memory dump command format string attack
Risk Factor: High
Attack Type: Host Based
Platforms: Any operating system Any version, VICE 1.6 through 1.14
Vulnerability: vice-memory-dump-format-string
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16404
4. Date Reported: 06/11/2004
Brief Description: PHP-Nuke Faq and Encyclopedia modules allow cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, PHP-Nuke 6.x through 7.3
Vulnerability: phpnuke-faq-encyclopedia-xss
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16406
5. Date Reported: 06/11/2004
Brief Description: PHP-Nuke Reviews allows SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, PHP-Nuke 6.x through 7.3
Vulnerability: phpnuke-reviews-sql-injection
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16407
6. Date Reported: 06/11/2004
Brief Description: PHP-Nuke Reviews path disclosure
Risk Factor: Low
Attack Type: Network Based
Platforms: Any operating system Any version, PHP-Nuke 6.x through 7.3
Vulnerability: phpnuke-reviews-path-disclosure
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16408
7. Date Reported: 06/11/2004
Brief Description: PHP-Nuke Reviews denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Any operating system Any version, PHP-Nuke 6.x through 7.3
Vulnerability: phpnuke-reviews-dos
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16409
8. Date Reported: 06/14/2004
Brief Description: cPanel passwd allows password modification
Risk Factor: Medium
Attack Type: Network Based
Platforms: cPanel any version, Linux Any version, Unix Any version
Vulnerability: cpanel-passwd-password-modify
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16410
9. Date Reported: 06/14/2004
Brief Description: Linux Kernel fsave and frstor denial of service
Risk Factor: Low
Attack Type: Host Based
Platforms: Linux kernel 2.4.2x, Linux kernel 2.6.x, Red Hat Enterprise Linux 3AS, Red Hat Enterprise Linux 3ES, Red Hat Enterprise Linux 3WS, Red Hat Linux 3.0, Slackware Linux 8.1, Slackware Linux 9.0, Slackware Linux 9.1, Slackware Linux current, SuSE Linux 8.0, SuSE Linux 8.1, SuSE Linux 8.2, SuSE Linux 9.0, SuSE Linux 9.1, Turbolinux 10 Desktop, Turbolinux 7 Server, Turbolinux 7 Workstation, Turbolinux 8 Server, Turbolinux 8 Workstation, Turbolinux Appliance Server 1.0
Vulnerability: linux-fsave-frstor-dos
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16412
10. Date Reported: 06/14/2004
Brief Description: Racoon and IPsec-Tools eay_check_x509cert
authentication bypass
Risk Factor: Medium
Attack Type: Network Based
Platforms: IPsec-Tools prior to 0.3.3, Linux Any version, Racoon Any version
Vulnerability: racoon-eaycheckx509cert-auth-bypass
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16414
11. Date Reported: 06/14/2004
Brief Description: Pivot module_db.php PHP file include
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, Pivot Any version
Vulnerability: pivot-moduledbphp-file-include
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16418
12. Date Reported: 06/14/2004
Brief Description: BEA WebLogic Server and Express SSL denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, WebLogic Server and Express 8.1 through 8.1 SP2, Windows 2000 Any version, Windows NT Any version
Vulnerability: weblogic-ssl-dos
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16419
13. Date Reported: 06/14/2004
Brief Description: BEA WebLogic Server and Express allows unexpected user identity
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, WebLogic Server and Express 6.1, WebLogic Server and Express 7.0, WebLogic Server and Express 8.1
Vulnerability: weblogic-unexpected-user-identity
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16421
14. Date Reported: 06/15/2004
Brief Description: Thy NULL pointer denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Linux Any version, Thy prior to 0.9.2, Unix Any version
Vulnerability: thy-daemon-null-pointer-dos
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16425
15. Date Reported: 06/16/2004
Brief Description: Linux Kernel i2c integer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Linux kernel 2.4.x
Vulnerability: linux-i2c-integer-bo
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16435
16. Date Reported: 06/17/2004
Brief Description: singapore adminusers.csv file disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, singapore Any version
Vulnerability: singapore-adminusers-file-disclosure
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16438
17. Date Reported: 06/17/2004
Brief Description: webAuction allows deletion of items
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, webAuction 2.1, Windows Any version
Vulnerability: webauction-item-deletion
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16439
18. Date Reported: 06/16/2004
Brief Description: phpMyChat bypass authentication
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, phpMyChat 0.14.5
Vulnerability: phpmychat-auth-bypass
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16440
19. Date Reported: 06/16/2004
Brief Description: phpMyChat message cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, phpMyChat 0.14.5
Vulnerability: phpmychat-message-xss
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16441
20. Date Reported: 06/16/2004
Brief Description: phpMyChat SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, phpMyChat 0.14.5
Vulnerability: phpmychat-sql-injection
X-Force URL:
http://xforce.iss.net/xforce/xfdb/16442