Network Security News – Saturday, November 12, 2005 Events
Linux Kernel sysctl Interface Unregistration Local DoS
The Linux kernel contains a flaw that may allow a local denial of service. The issue is triggered due to an error in sysctl's handling of interface unregistrations, and will result in loss of availability for the service.. Read more at osvdb.org/20676
Sylpheed Address Book LDIF Import Overflow
A flaw exists in the handling of importing LDIF files into the address book portion of Sylpheed. The flaw is triggered when a single line exceeds 2048 characters, and a stack-based overflow occurs. With a specially crafted file, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/20675
HP-UX Trusted Mode remshd Unspecified Remote Access
HP-UX contains a flaw related to the remote shell server ("remshd") that may allow an attacker to gain remote unauthorized access, when running in Trusted Mode. No further details have been provided.. Read more at osvdb.org/20679
NetBSD imake file.0 Target Insecure /tmp File Creation
NetBSD contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the imake program creating Makefiles in the /tmp directory insecurely. It is possible for a user to use a symlink style attack to overwrite arbitrary files, resulting in a loss of integrity.. Read more at osvdb.org/20731
SAP Web Application Server sap-exiturl Header HTTP Response Splitting
SAP Web Application Server contains a flaw that allows a remote HTTP response splitting attack. This flaw exists because the application does not validate the 'sap-exiturl' variable upon submission to the BSP applications. This could allow an attacker to create a specially crafted URL that would present a fake web page to a user, steal session cookies, or execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20714
ASP-Programmers ASPKnowledgebase adminlogin.asp pwd Variable Login SQL Injection
ASP-Programmers ASPKnowledgebase contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the adminlogin.asp script not properly sanitizing user-supplied input to the pwd variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/20712
NetBSD Unspecified IPSec AH Packet DoS
NetBSD IPSec contains a flaw that may allow a remote denial of service. The issue is triggered when certain IPSec AH packets are processed, and will result in loss of availability for the service.. Read more at osvdb.org/20734
SAP Web Application Server Error Page XSS
SAP Web Application Server contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate user input when returning with an error page. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20715
PHPlist /admin/fckphplist.php action Variable XSS
PHPlist contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'action' variable upon submission to the '/admin/fckphplist.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20576
PHPlist /admin/users.php find Variable XSS
PHPlist contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'find' variable upon submission to the '/admin/users.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20575
Vuln: Microsoft Internet Explorer COM Object Instantiation Variant Vulnerability
Microsoft Internet Explorer COM Object Instantiation Variant Vulnerability. Read more at securityfocus.com/bid/15061
Leave a Reply