Audit My PC - Free Internet Security Audit

Network Security News – Sunday, January 15, 2006 Events

PhpGedView help_text_vars.php Remote File Inclusion

PhpGedView contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the 'help_text_vars.php' script not properly sanitizing user-supplied input to the 'PGV_BASE_DIRECTORY' variable. When the register_globals PHP option is set to 'on', a remote attacker can display the contents of local files. In addition, when the magic_quotes_gpc and the allow_url_fopen PHP options are set to 'on', a remote attacker can include a file from a remote host that contains arbitrary commands, which will be executed by the vulnerable script. Read more at osvdb.org/22009

PhpGedView Registration Multiple Field Arbitrary PHP Code Execution

PhpGedView contains a flaw that may allow a remote attacker to execute arbitrary PHP code. The issue is due to the 'login_register.php' script not properly sanitizing user-supplied input to the 'user_language', 'user_email' and 'user_gedcomid' fields before it is stored in the 'authenticate.php' script. This may allow a remote attacker to execute arbitrary PHP code, resulting in a loss of integrity. Read more at osvdb.org/22010

IRIX xwsh ANSI Escape Code Arbitrary Command Execution

IRIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an ingenious, yet malicious, user places escape sequences in a file or filename which, when passed to xwsh, remap keys to unexpected strings or to xwsh internal functions. This flaw may lead to a loss of integrity. Read more at osvdb.org/18725

IRIX print manager clogin Root Privilege Escalation

IRIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the print manager allows local users to gain root privileges, possibly through the clogin command. This flaw may lead to a loss of integrity. Read more at osvdb.org/8557

IRIX Desktop Permissions Tool File Modification Privilege Escalation

IRIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious user uses the /usr/lib/desktop/permissions tool to modify the permissions of any file on the system. This flaw may lead to a loss of integrity. Read more at osvdb.org/8449

IRIX colorview -text Argument Arbitrary File Read

IRIX contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a malicious user passes any file name to colorview using the -text argument, which discloses the contents of the file, resulting in a loss of confidentiality. Read more at osvdb.org/979

IRIX /usr/sbin/Mail Arbitrary Mail Spool Access

IRIX contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when /usr/sbin/Mail fails to reset its group ID to the group ID of the caller, which allows a malicious user to read the mail of other users, as well as that of the root user, resulting in a loss of confidentiality. Read more at osvdb.org/8567

Analysis Console for Intrusion Databases (ACID) acidlab acid_qry_main.php SQL Injection

Acidlab contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the acid_qry_main.php script not properly sanitizing user-supplied input to one or more unspecified variables. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/20836

Plogger plog-admin-functions.php config[basedir] Variable Remote File Inclusion

Plogger contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the plog-admin-functions.php script not properly sanitizing user input supplied to the "config[basedir]" variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands, which will be executed by the vulnerable script. Read more at osvdb.org/22395

Cyphor show.php id Variable SQL Injection

Cyphor contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the show.php script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/20983

Vuln: Ultimate Auction Item.PL Cross-Site Scripting Vulnerability

Ultimate Auction Item.PL Cross-Site Scripting Vulnerability. Read more at securityfocus.com/bid/16239

Vuln: Helmsman HomeFtp Remote Denial Of Service Vulnerability

Helmsman HomeFtp Remote Denial Of Service Vulnerability. Read more at securityfocus.com/bid/16238

Vuln: EZDatabaseRemote PHP Script Code Execution Vulnerability

EZDatabaseRemote PHP Script Code Execution Vulnerability. Read more at securityfocus.com/bid/16237

Vuln: Cisco IP Phone 7940 Remote Denial of Service Vulnerability

Cisco IP Phone 7940 Remote Denial of Service Vulnerability. Read more at securityfocus.com/bid/16200

Hacking With The Google Search Engine

Hacking With The Google Search Engine. Read more at securityfocus.com/archive/1/421873

MyBB 1.0.2 SQL injection in usercp.php

MyBB 1.0.2 SQL injection in usercp.php. Read more at securityfocus.com/archive/1/421871

FullPath disclosure in Xaraya 1.0.1

FullPath disclosure in Xaraya 1.0.1. Read more at securityfocus.com/archive/1/421872

[NMRC Advisory] Microsoft Windows Wireless Exposure on Laptops

[NMRC Advisory] Microsoft Windows Wireless Exposure on Laptops. Read more at securityfocus.com/archive/1/421868
