Date Reported: 07/03/2002
Brief Description: Share360 cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: FreeBSD All versions, Linux All versions, Share360
1.1, Windows All versions
Vulnerability: share360-xss
X-Force URL:
http://www.iss.net/security_center/static/9510.php
Date Reported: 07/07/2002
Brief Description: Linux kernel NR_RESERVED_FILES limit exceeded
denial of service
Risk Factor: Low
Attack Type: Host Based
Platforms: Linux kernel 2.4.x
Vulnerability: linux-file-limit-dos
X-Force URL:
http://www.iss.net/security_center/static/9515.php
Date Reported: 07/09/2002
Brief Description: iPlanet Web Server search engine NS-query-pat
command can be used to view any file
Risk Factor: Medium
Attack Type: Network Based
Platforms: iPlanet Web Server 4.1, iPlanet Web Server 6.0,
Windows 2000, Windows NT
Vulnerability: iplanet-search-view-files
X-Force URL:
http://www.iss.net/security_center/static/9517.php
Date Reported: 07/10/2002
Brief Description: GoAhead WebServer 404 message cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: GoAhead WebServer 2.1, Linux All versions, Novell
NetWare All versions, Windows 95, Windows 98,
Windows CE, Windows NT
Vulnerability: goahead-error-msg-xss
X-Force URL:
http://www.iss.net/security_center/static/9518.php
Date Reported: 07/10/2002
Brief Description: GoAhead WebServer hexadecimal URL encoded "dot dot"
directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: GoAhead WebServer 2.1, Linux All versions, Novell
NetWare All versions, Windows 95, Windows 98,
Windows CE, Windows NT
Vulnerability: goahead-encoded-directory-traversal
X-Force URL:
http://www.iss.net/security_center/static/9519.php
Date Reported: 07/10/2002
Brief Description: Apache Tomcat /servlet/ mapping cross-site
scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux All versions, Tomcat 4.0.3, Windows All
versions
Vulnerability: tomcat-servlet-xss
X-Force URL:
http://www.iss.net/security_center/static/9520.php
Date Reported: 07/09/2002
Brief Description: Icecast "dot dot" sequences could be used to
determine sensitive information
Risk Factor: Low
Attack Type: Network Based
Platforms: Icecast 1.3.12, Linux All versions, Windows All
versions
Vulnerability: icecast-dotdot-information-disclosure
X-Force URL:
http://www.iss.net/security_center/static/9530.php
Date Reported: 07/07/2002
Brief Description: Double Choco Latte allows HTML injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: BSD All versions, Double Choco Latte prior to
20020706, Linux All versions, Unix All versions,
Windows All versions
Vulnerability: dcl-html-injection
X-Force URL:
http://www.iss.net/security_center/static/9532.php
Date Reported: 07/10/2002
Brief Description: Fluid Dynamics Search Engine "Rank" and "Match"
cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Fluid Dynamics Search Engine 2.0.0.0054 and prior,
Linux All versions, Unix All versions, Windows All
versions
Vulnerability: fd-search-xss
X-Force URL:
http://www.iss.net/security_center/static/9533.php