DUware DUportal Pro password.asp result Variable XSS

Network Security News – Friday, December 16, 2005 Events

DUware DUportal Pro password.asp result Variable XSS

DUware DUportal Pro contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'result' variable upon submission to the 'password.asp' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/21485

NetAuctionHelp Auction Software search.asp Multiple Variable XSS

NetAuctionHelp Auction Software contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'L', 'sort', 'category', and 'categoryname' variables upon submission to the 'search.asp' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/21474

XcClassified CPSearch.asp SearchFor Variable XSS

XcClassified contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'SearchFor' variable upon submission to the 'CPSearch.asp' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/21470

Multiple BSD ipfw Filtering Evasion

FreeBSD and Mac OS X contain a flaw that may allow a malicious user to bypass a firewall. The issue is triggered when TCP packets with the ECE flag set are treated as being part of an already established TCP connection. It is possible that the flaw may allow a malicious user to bypass certain ipfw rules resulting in a loss of integrity.. Read more at osvdb.org/1743

Multiple BSD TCP RST DoS

FreeBSD and OpenBSD contain a flaw that may allow a remote denial of service. The issue is triggered when a malicious user sends TCP RST packets to a victim system to terminate its connection, which takes advantage of FreeBSD and OpenBSD's interpretation of sequence numbers in RST packets, and will result in loss of availability for the platform.. Read more at osvdb.org/6094

Multiple BSD-derived TCP/IP Short Packet DoS

BSD-derived TCP/IP implementations contain a flaw that may allow a remote denial of service. The issue is triggered when short TCP packets with certain options set are sent to the system, and will result in loss of availability for the system.. Read more at osvdb.org/5707

Multiple BSD USER_LDT Kernel Option Memory Access

NetBSD and OpenBSD contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when accessing kernel memory via a segment call gate when the USER_LDT kernel option is enabled, which may allow a malicious user to gain root privileges. This flaw may lead to a loss of integrity.. Read more at osvdb.org/6141