Network Security News – Monday, January 23, 2006 Events
Rockliffe MailSite HTTP Management Agent WCONSOLE.DLL Crafted Parameter DoS
MailSite contains a flaw that may allow a remote denial of service. The issue is triggered when certain special characters are passed as parameters to WCONSOLE.DLL, and will result in loss of availability for the service. Read more at osvdb.org/22678
Rockliffe MailSite HTTP Management Agent WCONSOLE.DLL XSS
MailSite contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate variables upon submission to the 'WCONSOLE.DLL' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/22677
Rockliffe MailSite Express Cookie Plaintext Password Storage
MailSite Express contains a flaw that may lead to an unauthorized information disclosure. The issue is that the user's password is stored in a cookie file in plaintext. This can allow local users to obtain passwords by reading the cookie file, or can be used in conjunction with the XSS vulnerability (OSVDB ID 20488) to steal the user's password remotely, resulting in a loss of confidentiality. Read more at osvdb.org/22682
Rockliffe MailSite Express WebMail Email Message Body XSS
MailSite Express contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the message body of incoming emails. This could allow a user to create a specially crafted email message that, when viewed, would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/20488
1-2-All Broadcast E-mail /admin/index.php Username Field SQL Injection
1-2-All Broadcast E-Mail contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the /admin/index.php script not properly sanitizing user-supplied input to the 'username' field. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/20949
MailWatch for MailScanner authenticate() Function SQL Injection
MailWatch for MailScanner contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the authenticate() function not properly sanitizing user-supplied input to an unspecified variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/20451
Widexl Download Tracker down.pl ID Variable XSS
Widexl Download Tracker contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'ID' variable upon submission to the 'down.pl' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/22462
TYPO3 t3lib/stddb/tables.php Direct Request Path Disclosure
TYPO3 contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker directly requests the 't3lib/stddb/tables.php' script, which will result in a failure to access certain include files. This will disclose the software's installation path in an error message, resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks. Read more at osvdb.org/22667
TYPO3 tslib/showpic.php Direct Request Path Disclosure
TYPO3 contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker directly requests the 'tslib/showpic.php' script, which will result in a failure to access certain include files. This will disclose the software's installation path in an error message, resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks. Read more at osvdb.org/22666
TYPO3 typo3/t3lib/thumbs.php Direct Request Path Disclosure
TYPO3 contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker directly requests the 'typo3/t3lib/thumbs.php' script, which will result in a failure to access certain include files. This will disclose the software's installation path in an error message, resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks. Read more at osvdb.org/22665