Network Security News – Friday, October 14, 2005 Events
Microsoft Windows UMPNPMGR wsprintfW Local overflow
A remote overflow exists in Microsoft Windows NT, 2000 & XP. The Microsoft Windows MSRPC Plug and Play service fails to validate user supplied data to the wsprintfW call within the code for UMPNPMGR, resulting in a stack buffer overflow. With a specially crafted request, a remote authenticated attacker can execute arbitrary code with SYSTEM privileges on a remote Windows 2000 or XP SP1 system. On Windows XP SP2, this vulnerability could also be exploited by an unprivileged user to gain full privileges on a system to which he is logged in interactively. Both resulting in a loss of integrity to the system.. Read more at osvdb.org/18830
Oracle9i Database Server Multiple Unspecified SQL Related Issues
Oracled9i Database Server contains multiple vulnerabilities that could lead to SQL injection, buffer overflows, denial of service, trigger abuse, or character set conversion bugs. This could result in a loss of integrity.. Read more at osvdb.org/19853
versatileBulletinBoard (vBB) getversions.php Information Disclosure
versatileBulletinBoard (vBB) contains a flaw that may lead to an unauthorized information disclosure. Өe issue is triggered when a remote attacker calls the getversions.php script, which will disclose detailed file and version information resulting in a loss of confidentiality.. Read more at osvdb.org/19973
versatileBulletinBoard (vBB) userlistpre.php list Variable XSS
versatileBulletinBoard (vBB) contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'list' variable upon submission to the userlistpre.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/19972
versatileBulletinBoard (vBB) imagewin.php file Variable XSS
versatileBulletinBoard (vBB) contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'file' variable upon submission to the imagewin.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/19971
versatileBulletinBoard (vBB) dereferrer.php url Variable XSS
versatileBulletinBoard (vBB) contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'url' variable upon submission to the dereferrer.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/19970
versatileBulletinBoard (vBB) dereferrer.php Arbitrary External Site Redirection
versatileBulletinBoard (vBB) contains a flaw that may allow a malicious user to adversely affect a user's browsing. The issue is triggered when an attacker uses the dereferrer.php script to redirect a person to an arbitrary site. It is possible that the flaw may allow the attacker to trick a user into executing arbitrary scripts on a malicious site.. Read more at osvdb.org/19969
versatileBulletinBoard (vBB) Forgot Password Feature email Field SQL Injection
versatileBulletinBoard (vBB) contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'Forgot Password' feature not properly sanitizing user-supplied input to the 'email' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/19968
versatileBulletinBoard (vBB) userlistpre.php list Variable SQL Injection
versatileBulletinBoard (vBB) contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the userlistpre.php script not properly sanitizing user-supplied input to the 'list' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/19967
versatileBulletinBoard (vBB) Search For Posts Feature SQL Injection
versatileBulletinBoard (vBB) contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'Search for Posts' feature not properly sanitizing user-supplied input to the search query. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/19966
Vuln: Microsoft Windows Network Connections Manager Library Local Denial of Service Vulnerability
Microsoft Windows Network Connections Manager Library Local Denial of Service Vulnerability. Read more at securityfocus.com/bid/14260
Vuln: Microsoft Windows FTP Client Directory Traversal Vulnerability
Microsoft Windows FTP Client Directory Traversal Vulnerability. Read more at securityfocus.com/bid/12160
Vuln: TYPSoft FTP Server RETR Denial Of Service Vulnerability
TYPSoft FTP Server RETR Denial Of Service Vulnerability
. Read more at securityfocus.com/bid/15104
Vuln: XMail Local Buffer Overflow Vulnerability
XMail Local Buffer Overflow Vulnerability. Read more at securityfocus.com/bid/15103
[security bulletin] SSRT051041 rev.1 – HP-UX Mozilla Remote Unauthorized Execution of Privileged Code or Denial of Service (DoS)
[security bulletin] SSRT051041 rev.1 – HP-UX Mozilla Remote Unauthorized Execution of Privileged Code or Denial of Service (DoS). Read more at securityfocus.com/archive/1/413288
[security bulletin] SSRT5975 HP-UX Running on Itanium Platforms Local Denial of Service (DoS)
[security bulletin] SSRT5975 HP-UX Running on Itanium Platforms Local Denial of Service (DoS). Read more at securityfocus.com/archive/1/413298
iDEFENSE Security Advisory 10.13.05: Multiple Vendor wget/curl NTLM Username Buffer Overflow Vulnerability
iDEFENSE Security Advisory 10.13.05: Multiple Vendor wget/curl NTLM Username Buffer Overflow Vulnerability
. Read more at securityfocus.com/archive/1/413305
iDEFENSE Security Advisory 10.13.05: Multiple Vendor XMail ‘sendmail’ Recipient Buffer Overflow Vulnerability
iDEFENSE Security Advisory 10.13.05: Multiple Vendor XMail ‘sendmail’ Recipient Buffer Overflow Vulnerability. Read more at securityfocus.com/archive/1/413301
Leave a Reply