Network Security News – Saturday, December 31, 2005 Events
Text-e Search Module XSS
Text-e contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate variables upon submission to the search module. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22067
IRIX xfsmd RPC Weak Authentication Privilege Escalation
IRIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious attacker bypasses the AUTH_UNIX authentication scheme used by the xfsmd daemon and issues remote procedure calls that mount, unmount, create, delete or modify xfs file systems. This flaw is leveraged to obtain root privileges, resulting in a loss of integrity.. Read more at osvdb.org/5315
VMware ESX Server Management Interface Unspecified XSS
VMware ESX Server contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate variables upon submission to the Management Interface. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22119
Mantis manage_user_page.php Multiple Variable SQL Injection
Mantis contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the manage_user_page.php script not properly sanitizing user-supplied input to the 'prefix' (via GET) or 'sort' (via POST) variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22051
Mantis view_all_set.php sort Variable SQL Injection
Mantis contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the view_all_set.php script not properly sanitizing user-supplied input to the 'sort' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22052
Mantis view_filters_page.php Multiple Variable XSS
Mantis contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'view_type' and 'target_field' variables upon submission to the view_filters_page.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22053
AdesGuestbook read.php totalRows_rsRead Variable XSS
AdesGuestbook contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'totalRows_rsRead' variable upon submission to the 'read.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22111
WAXTRAPP Search Module XSS
WAXTRAPP contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate variables upon submission to the search module. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22046
StaticStore admin11.cgi keywords Variable XSS
StaticStore contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'keywords' variable upon submission to the 'admin11.cgi' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22032
DCP-Portal mycontents.php dcp5_member_id Cookie Variable SQL Injection
DCP-Portal contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the mycontents.php script not properly sanitizing user-supplied input to the 'dcp5_member_id' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22027
Vuln: Cisco Downloadable RADIUS Policies Information Disclosure Vulnerability
Cisco Downloadable RADIUS Policies Information Disclosure Vulnerability. Read more at securityfocus.com/bid/16025
Vuln: iPei Guestbook Index.PHP Cross-Site Scripting Vulnerability
iPei Guestbook Index.PHP Cross-Site Scripting Vulnerability. Read more at securityfocus.com/bid/16092
Vuln: Ades Design AdesGuestbook Read Script Cross-Site Scripting Vulnerability
Ades Design AdesGuestbook Read Script Cross-Site Scripting Vulnerability. Read more at securityfocus.com/bid/16090
Vuln: OOApp Guestbook Home Script Cross-Site Scripting Vulnerability
OOApp Guestbook Home Script Cross-Site Scripting Vulnerability. Read more at securityfocus.com/bid/16091
Re: WMF Exploit
Re: WMF Exploit. Read more at securityfocus.com/archive/1/420556
rssh: root privilege escalation flaw
rssh: root privilege escalation flaw. Read more at securityfocus.com/archive/1/420536
phpbb2.0.19 fixes security issues
phpbb2.0.19 fixes security issues. Read more at securityfocus.com/archive/1/420537
Secunia Research: TUGZip ARJ Archive Handling Buffer OverflowVulnerability
Secunia Research: TUGZip ARJ Archive Handling Buffer OverflowVulnerability. Read more at securityfocus.com/archive/1/420538
Leave a Reply