Network Security News – Monday, February 13, 2006 Events
Verity KeyView Viewer SDK tarrdr.dll TAR Extraction Overflow
A remote overflow exists in Verity KeyView Viewer SDK. 'tarrdr.dll' fails to perform bounds checking on filenames of files contained by TAR archives, resulting in a stack based overflow. With a specially crafted TAR archive, an attacker can cause arbitrary code execution when the archive is extracted with an application using the vulnerable viewer, resulting in a loss of integrity.. Read more at osvdb.org/23067
Verity KeyView Viewer SDK uudrdr.dll UUE Filename Overflow
A remote overflow exists in Verity KeyView Viewer SDK. 'uudrdr.dll' fails to perform bounds checking on filenames of UUE files, resulting in a stack based overflow. With a specially crafted UUE file, an attacker can cause arbitrary code execution when the file is opened in an application using the vulnerable viewer, resulting in a loss of integrity.. Read more at osvdb.org/23065
SPIP spip_acces_doc.php3 file Variable SQL Injection
SPIP contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'spip_acces_doc.php3' script not properly sanitizing user-supplied input to the 'file' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/23087
Verity KeyView Viewer SDK kvarcve.dll Compressed File Pathname Generation Overflow
A remote overflow exists in Verity KeyView Viewer SDK. 'kvarcve.dll' fails to perform bounds checking when constructing the full pathname of a compressed file before extracting it from a ZIP archive, resulting in a stack based overflow. With a specially crafted ZIP archive, an attacker can cause arbitrary code execution when a compressed file with a long filename is extracted from within an application using the vulnerable viewer, resulting in a loss of integrity.. Read more at osvdb.org/23064
NOOFS FUSE Client Unspecified Issue
NOOFS contains a flaw related to the FUSE Client. No further details have been provided.. Read more at osvdb.org/23052
NOOFS noofsd Unspecified Issue
NOOFS contains a flaw related to noofsd. No further details have been provided.. Read more at osvdb.org/23053
GA Forum archive.asp Forum Variable SQL Injection
GA Forum contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'archive.asp' script not properly sanitizing user-supplied input to the 'Forum' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/23085
ashNews ashnews.php id Variable XSS
ashNews contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'id' variable upon submission to the 'ashnews.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22934
ACC Tigris Access Terminal Server Unauthenticated Command Execution
ACC Tigris Terminal Server contains a flaw that may allow a malicious user to execute non-privileged commands without being authenticated. This is possible by using the undocumented username (public) and password (public). The issue is also triggered when the user presses the 'CTRL-U' or 'Backspace' key followed by any command at the login prompt. The malicious user then may execute the 'show' or telnet command resulting in a loss of confidentiality and integrity.. Read more at osvdb.org/267
CPG Dragonfly CMS linking.php XSS
CPG-Nuke Dragonly CMS contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate an unspecified variable upon submission to the linking.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/23060
Vuln: PowerD Remote Format String Vulnerability
PowerD Remote Format String Vulnerability. Read more at securityfocus.com/bid/16582
Leave a Reply