MidnightBSD

Advisories for phrozensmoke

CVE-2004-2706 MEDIUM

Unspecified vulnerability in Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service (crash) via conference packets with error messages.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
phrozensmoke gyach_enhanced *
CVE-2004-2707 HIGH

Multiple unspecified vulnerabilities in Gyach Enhanced (Gyach-E) before 1.0.5 have unknown impact and attack vectors related to "several security flaws," probably related to buffer overflows in HTTP server responses.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
phrozensmoke gyach_enhanced *
CVE-2004-2708 MEDIUM

Gyach Enhanced (Gyach-E) before 1.0.0 stores passwords in plaintext, which allows attackers to obtain user passwords by reading the configuration file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-255,

Products Affected

Vendor Product Version
phrozensmoke gyach_enhanced *
CVE-2004-2709 HIGH

Buffer overflow in the strip_html_tags method for Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors involving HTML tags.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
phrozensmoke gyach_enhanced *
CVE-2004-2710 HIGH

Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to (1) sending certain typing statuses or (2) setting the chat room status bar to the current chat room name.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
phrozensmoke gyach_enhanced *
CVE-2004-2711 HIGH

Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "avatar retrieval."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
phrozensmoke gyach_enhanced *
CVE-2004-2712 MEDIUM

Buffer overflow in Gyach Enhanced (Gyach-E) before 1.0.0-SneakPeek-3 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to "URL data."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
phrozensmoke gyach_enhanced *