Network Security News – Saturday, January 28, 2006 Events
CheesyBlog archive.php Multiple Field XSS
CheesyBlog contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'Your name', 'Website URL' and 'Comment' fields upon submission to the 'archive.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22716
The Gallery User Name XSS
The Gallery contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the fullname set by users. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22660
Phpclanwebsite pollresults.php poll_id Variable XSS
Phpclanwebsite contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'par' and 'poll_id' variables upon submission to the 'index.php' script, and will call the 'pollresults.php' script without validating these variables. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22722
Multiple BSD pf Crafted IP Fragment Ruleset DoS
Packet Filter (PF) contains a flaw that may allow a remote denial of service. The issue is triggered when a logic bug in the IP fragment cache may result in a packet fragment being inserted twice, violating a kernel invariant. This will result in loss of availability for the platform.. Read more at osvdb.org/22732
FreeBSD Buffer Length Logic Error Arbitrary Kernel Memory Disclosure
FreeBSD contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a logic error in computing a buffer length may allow too much data to be copied into userland, which may disclose portions of kernel memory resulting in a loss of confidentiality.. Read more at osvdb.org/22731
FreeBSD Uninitialized Buffer Arbitrary Kernel Memory Disclosure
FreeBSD contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a buffer allocated from the kernel stack is not completely initialized before being copied to userland, which may disclose portions of kernel memory resulting in a loss of confidentiality.. Read more at osvdb.org/22730
MyBulletinBoard (MyBB) search.php Multiple Variable XSS
MyBB contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the "sortby" and "sortordr" variables upon submission to the search.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22750
Leave a Reply