Network Security News – Tuesday, March 15, 2005 Events
Multiple Video Card Memory Clear Issue
Multiple video cards do not properly clear the on-card buffers that handle video functions. When a user switches video modes, starts or exits a program that utilizes these functions, or reboots the computer, there is a chance that portions of the previous session or video display may be disclosed to a different user. For a brief period, these sessions may disclose sensitive information from a previous user if the workstation is shared by multiple users.. Read more at osvdb.org/14707
FileZilla psftp.exe Multiple Function Remote Overflow
A remote overflow exists in FileZilla. Multiple functions in the 'psftp.exe' application fail to perform proper bounds checking resulting in an integer overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/14662
Hosting Controller forgotpassword.asp Information Disclosure
Hosting Controller contains a flaw that may allow a malicious user to disclose the
hosting owners e-mail. The issue is triggered when the attacker knows the site domain name, and removes the .com/.net/.* portion of the name before submitting it as the requested "login ID". This will lead to the script disclosing the hosting owner's e-mail address.. Read more at osvdb.org/14604
SOPE Application Server LDAP Authentication Bypass
SKYRiX Object Publishing Environment (SOPE) contains a flaw that may allow a remote attacker to bypass the LDAP authentication. The issue is triggered when the LDAP server is configured to allow unauthenticated binds. It is possible that the flaw may allow a remote attacker to gain access to administrative privileges resulting in a loss of integrity.. Read more at osvdb.org/14670
MySQL CREATE FUNCTION Arbitrary libc Code Execution
MySQL contains a flaw that may allow a malicious user to load arbitrary libraries. The issue is triggered when an authenticated user with INSERT and DELETE privileges use the CREATE FUNCTION command to specify and load an arbitrary custom library. It is possible that the flaw may allow a remote attacker to execute arbitrary code, resulting in a loss of confidentiality and/or integrity.. Read more at osvdb.org/14678
Active Webcam Connection Saturation DoS
Active Webcam contains a flaw that may allow a remote denial of service. The issue is triggered when a flood of connection request occurs, and will result in loss of availability for the service.. Read more at osvdb.org/14642
Novell iChain Mini FTP Server Unlimited Login Attempt
Novell iChain MiniFTP Server contains a flaw that may allow a malicious user to make unlimited, unsuccessful login attempts. The issue is due to the FTP server not limiting the amount of unsuccessful login attempts, making brute force style attacks more effective.. Read more at osvdb.org/14648
ArX dopatch Insecure Path Handling
Arx contains a flaw related to insecure path handling in 'dopatch' that may allow a malicious user to execute arbitrary code. No further details have been provided.. Read more at osvdb.org/14673
ArX Configuration Building Insecure Path Handling
Arx contains a flaw related to insecure path handling when building configurations that may allow a malicious user to execute arbitrary code. No further details have been provided.. Read more at osvdb.org/14672
Site Compromise Software Distribution Backdoor
Software distributed from various sites may contain a backdoor or malicious code. The issue is due to the distribution site being compromised by an attacker who then modifies the software available to everyone else. By placing a backdoor or other malicious code in the software package, any subsequent downloads may pose a risk to administrators who choose to install the software. This type of attack is extremely difficult to counter against given the nature of the internet.
In the past, several sites have experienced such an attack. The list included contains known occurances but is far from inclusive. The only way to really prevent such attacks is consistantly check the site for news of such attacks and continue to check MD5 sums for all downloads (even though they can be trivially forged under such a scenario).. Read more at osvdb.org/14702
KAME Racoon Malformed ISAKMP Packet Headers Denial of Service Vulnerability
racoon is an IKE (Internet Key Exchange) daemon included in KAME's IPsec utilities and the Linux 2.6 Kernel port IPsec-Tools. racoon is reported prone to a vulnerabilit…. Read more at securityfocus.com/bid/12804?ref=rss
VoteBox Votebox.PHP Remote File Include Vulnerability
VoteBox is a Web based voting system that is implemented in PHP.It is reported that VoteBox is affected by a remote PHP file include vulnerability. This issue is due in…. Read more at securityfocus.com/bid/12806?ref=rss
MaxDB WebAgent Input Validation Multiple Remote Denial Of Service Vulnerabilities
MaxDB is a re-branded version of SAP DB that includes certain enhancements. It is maintained by MySQL.MaxDB WebAgent is reported prone to multiple remote denial of serv…. Read more at securityfocus.com/bid/12805?ref=rss
Mitel 3300 Integrated Communications Platform Web Interface Authentication Bypass Vulnerability
Mitel 3300 Integrated Communications Platform is an IP-PBX device designed for enterprise implementation.A remote authentication bypass vulnerability affects the Web in…. Read more at securityfocus.com/bid/12682?ref=rss
Mozilla Suite/Firefox/Thunderbird Nested Anchor Tag Status Bar Spoofing Weakness
Mozilla Suite/Firefox and Thunderbird are reported prone to a URI obfuscation weakness. The issue is reported to manifest when 'Save Link As…' functionality is invoked …. Read more at securityfocus.com/bid/12798?ref=rss
phpbb <= 2.0.12 uid vuln + admin_styles.php php code injection exploit
Sender: bad boy [slythers at gmail dot com]. Read more at securityfocus.com/archive/1/393202?ref=rss
[SECURITYREASON.COM] phpAdsNew 2.0.4-pr1 Multiple vulnerabilities cXIb8O3.9
Sender: Maksymilian Arciemowicz [max at jestsuper dot pl]. Read more at securityfocus.com/archive/1/393188?ref=rss
LimeWire Gnutella client two vulnerabilities
Sender: Kevin Walsh [kwalsh at cs dot cornell dot edu]. Read more at securityfocus.com/archive/1/393146?ref=rss
Re: Av issues
Sender: Thierry Zoller [Thierry at sniff-em dot com]. Read more at securityfocus.com/archive/1/393204?ref=rss
Leave a Reply