
Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy


Network Security News – Friday, October 21, 2005 Events

Xerver Crafted Request Forced Directory Listing

Xerver contains a flaw that may lead to unauthorized information disclosure. The issue is triggered when a specially crafted HTTP request ending with a null character (%00) is sent, which discloses directory listings, resulting in a loss of confidentiality. Read more at osvdb.org/20076

Xerver Server XSS

Xerver contains a flaw that allows a remote cross-site scripting attack. This could allow a user to create a specially crafted URL containing a null character (%00) followed by malicious code that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/20077

ManageEngine NetFlow Analyzer index.jsp grDisp Variable XSS

ManageEngine NetFlow Analyzer contains a flaw that allows a remote cross-site scripting attack. The flaw exists because the application does not validate the grDisp variable upon submission to the index.jsp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/20073

Microsoft Windows Registry Editor (Regedt32.exe) Long String Obfuscation

Microsoft Windows contains a flaw that may allow a malicious user to hide specific registry information. The issue is triggered by a vulnerability in the Registry Editor utility (regedt32.exe) when handling long string names. It is possible that the flaw may allow a local attacker to create a string containing a long name (i.e., under the "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" key) to cause the string and any other strings in the key to become hidden, resulting in a loss of integrity. Read more at osvdb.org/18956

YIFF Sound Systems Arbitrary File Access

YIFF Sound Systems contains a flaw that may lead to unauthorized information disclosure. The Yiff server runs as root and does not attempt to check file permissions, which allows a local attacker to play back arbitrary files, resulting in a loss of confidentiality. Read more at osvdb.org/20074

WinRAR UNACEV2.DLL ACE Filename Overflow

A remote overflow exists in WinRAR. The 'UNACEV2.DLL' library fails to perform proper bounds checking, resulting in a buffer overflow. With a specially crafted ACE archive containing a compressed file with an overly long filename, a remote attacker can cause arbitrary code execution, resulting in a loss of integrity. Read more at osvdb.org/19915

OpenWBEM Multiple Unspecified Remote Overflows

OpenWBEM contains multiple buffer overflows that may allow a remote attacker to execute arbitrary code. No further details have been provided. Read more at osvdb.org/20062

CheckMark Payroll DUNZIP32.dll Filename Overflow

A remote overflow exists in CheckMark Payroll. The 'DUNZIP32.DLL' library fails to perform proper bounds checking, resulting in a buffer overflow. With a specially crafted '.zip' backup file containing a file with an overly long filename, a remote attacker can cause arbitrary code execution, resulting in a loss of integrity. Read more at osvdb.org/19906

Microsoft Windows 2000 SECEDIT Long Folder ACL Set Issue

The Microsoft Windows 2000 SECEDIT utility contains a flaw in which Access Control Lists (ACLs) may not be applied to folders when a security template is used to set ACLs. The issue is triggered when one of the folders listed in the security template has a long name (that includes the folder's path). It is possible that the ACL is set correctly on the folder with the long name but ACLs are not applied to folders that are listed after the long folder entry, resulting in a loss of integrity. Read more at osvdb.org/19995

Microsoft Windows Client Service for NetWare (CSNW) Remote Overflow

A remote overflow exists in Microsoft Windows. The 'Client Service for NetWare (CSNW)' fails to perform proper bounds checking, resulting in a buffer overflow. With specially crafted network messages, a remote attacker can cause arbitrary code execution, resulting in a loss of integrity. Read more at osvdb.org/19922

Vuln: XLoadImage Multiple Remote Buffer Overflow Vulnerabilities

Read more at securityfocus.com/bid/15051

Vuln: Yukihiro Matsumoto Ruby SAFE Level Restriction Bypass Vulnerability

Read more at securityfocus.com/bid/14909

Vuln: PADL Software PAM_LDAP Authentication Bypass Vulnerability

Read more at securityfocus.com/bid/14649

Vuln: Graphviz Insecure Temporary File Creation Vulnerability

Read more at securityfocus.com/bid/15050

[SECURITY] [DSA 868-1] New Mozilla Thunderbird packages fix several vulnerabilities

Read more at securityfocus.com/archive/1/413953

[USN-211-1] Enigmail vulnerability

Read more at securityfocus.com/archive/1/413985

XSS & Path Disclosure in Chipmunk’s products

Read more at securityfocus.com/archive/1/413955

[ GLSA 200510-18 ] Netpbm: Buffer overflow in pnmtopng

Read more at securityfocus.com/archive/1/413984
