Network Security News – Tuesday, February 21, 2006 Events
Kyocera FS-3830N Port 9100 Unauthenticated Command Execution
Kyocera FS-3820N printers contain a flaw that may allow a malicious user to issue arbitrary commands. The issue is triggered because access to the service on TCP port 9100 is unauthenticated. It is possible that the flaw may allow execution of arbitrary commands, resulting in a loss of integrity.. Read more at osvdb.org/23245
Kyocera Telnet Default Admin Account
By default, some Kyocera printers install with an default password. The 'admin' account has an empty password, which is publicly known and documented. This allows attackers to trivially access the system.. Read more at osvdb.org/23246
Netcool/NeuSecure Config File Permission Weakness Cleartext Password Disclosure
Netcool/NeuSecure contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to plaintext passwords by reading the configuration files /etc/neusecure.conf and /opt/NeuSecure/etc/cms-3.0.236.buildconf, which may lead to a loss of confidentiality. The files are readable by any user on the system by default.. Read more at osvdb.org/23270
Netcool/NeuSecure ns_archiver.log Cleartext Password Disclosure
Netcool/NeuSecure contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to plaintext passwords by viewing the application's log file, which may lead to a loss of confidentiality.. Read more at osvdb.org/23271
V-webmail help.php Direct Request Path Disclosure
V-webmail contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when invalid parameters are passed to the 'help.php' script, which will disclose file system path information resulting in a loss of confidentiality.. Read more at osvdb.org/23262
V-webmail frameset.php rframe Variable Arbitrary Remote HTML Inclusion
V-webmail contains a flaw that may allow a remote attacker to execute arbitrary commands in the target's web browser. The issue is due to 'frameset.php' not properly sanitizing user input supplied to the 'rframe' variable. This may allow an attacker to include a file from a remote host that contains arbitrary scripting commands which will be executed by the browser.. Read more at osvdb.org/23261
V-webmail preferences.personal.php newid Variable XSS
V-webmail contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'newid' variable upon submission to the 'preferences.personal.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/23260
CPG Dragonfly CMS MSAnalysis Module index.php profile Variable SQL Injection
The MSAnalysis module for CPG Dragonfly CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'profile' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.
Additionally, if a failed SQL query is made, the program will disclose the full installation path. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.. Read more at osvdb.org/23250
Leave a Reply