Network Security News – Wednesday, March 22, 2006 Events
X.Org / X11 -logfile Parameter Arbitrary File Overwrite
Freedesktop.org Xorg server contains a flaw that may allow a malicious user to gain unauthorized privileges. The issue is triggered when the Xorg server does not properly verify the user ID of the invoking user, allowing non-root users access to the -logfile parameter. This then allows them to overwrite arbitrary files on the system and may lead to a loss of integrity. Read more at osvdb.org/24001
Drupal Login Session Fixation Hijacking
Drupal contains a flaw that may allow a malicious user to hijack a user's session. The issue is triggered when the victim clicks on a specially crafted link and then later logs on to Drupal, resulting in a loss of integrity. Read more at osvdb.org/23911
DCP-Portal inbox.php Multiple Variable XSS
DCP-Portal contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'subject' and 'message' variables upon submission to the inbox.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/23979
DCP-Portal forums.php Multiple Variable XSS
DCP-Portal contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'bid', 'replying_msg', 'subject', 'body', and 'mid' variables upon submission to the forums.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/23978
MyBloggie edituser.php errormsg Variable XSS
myBloggie contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'errormsg' variable upon submission to the edituser.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/23987
DCP-Portal calendar.php Multiple Variable XSS
DCP-Portal contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'subject' and 'images' variables upon submission to the calendar.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/23977
betaparticle BP Blog template_permalink.asp id Variable SQL Injection
BP Blog contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the template_permalink.asp script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/23966
MyBloggie editcat.php errormsg Variable XSS
myBloggie contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'errormsg' variable upon submission to the editcat.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/23989
betaparticle BP Blog template_gallery_detail.asp fldGalleryID Variable SQL Injection
BP Blog contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the template_gallery_detail.asp script not properly sanitizing user-supplied input to the 'fldGalleryID' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/23965
AnyPortal Unspecified Path Disclosure
AnyPortal contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker performs an unspecified action with the siteman.php3 script, which will disclose the software's installation path, resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks. Read more at osvdb.org/23983
Vuln: ASP Portal Multiple SQL Injection Vulnerabilities
ASP Portal Multiple SQL Injection Vulnerabilities. Read more at securityfocus.com/bid/17174
Vuln: Macromedia Flash Multiple Unspecified Security Vulnerabilities
Macromedia Flash Multiple Unspecified Security Vulnerabilities. Read more at securityfocus.com/bid/17106
Vuln: Util-VServer Unknown Linux Capabilities Vulnerability
Util-VServer Unknown Linux Capabilities Vulnerability. Read more at securityfocus.com/bid/17180
Vuln: Libcgi-session-perl Multiple Insecure Temporary File Creation Vulnerabilities
Libcgi-session-perl Multiple Insecure Temporary File Creation Vulnerabilities. Read more at securityfocus.com/bid/17177
Mini-Nuke<=1.8.2 SQL injection (6)
Mini-Nuke<=1.8.2 SQL injection (6). Read more at securityfocus.com/archive/1/428361
[ GLSA 200603-20 ] Macromedia Flash Player: Arbitrary code execution
[ GLSA 200603-20 ] Macromedia Flash Player: Arbitrary code execution. Read more at securityfocus.com/archive/1/428353
[ GLSA 200603-19 ] cURL/libcurl: Buffer overflow in the handling of TFTP URLs
[ GLSA 200603-19 ] cURL/libcurl: Buffer overflow in the handling of TFTP URLs. Read more at securityfocus.com/archive/1/428339
ASPPortal <= 3.1.1 Multiple Remote SQL Injection Vulnerabilities
ASPPortal <= 3.1.1 Multiple Remote SQL Injection Vulnerabilities. Read more at securityfocus.com/archive/1/428355