Network Security News – Thursday, March 23, 2006 Events
X.Org / X11 -modulepath Parameter Privileged Code Execution
The Freedesktop.org X.Org server contains a flaw that may allow a malicious user to gain unauthorized privileges. The issue is triggered when the X.Org server does not properly verify the user ID of the invoking user, allowing non-root users access to the -modulepath parameter and thereby letting them execute arbitrary code on the system. This flaw may lead to a loss of integrity. Read more at osvdb.org/24000
MailEnable WebMail Malformed Encoded Quoted-printable Mail DoS
MailEnable WebMail contains a flaw that may allow a remote denial of service. The issue is triggered when incorrectly encoded quoted-printable emails are viewed, and will result in a loss of availability for the platform. Read more at osvdb.org/24014
MailEnable POP3 Unspecified Pre-authentication Remote Overflow
A remote overflow exists in MailEnable. The MailEnable POP3 server fails to properly sanitize unspecified POP3 pre-authentication commands, resulting in a buffer overflow. With a specially crafted request, an attacker can cause execution of arbitrary code, resulting in a loss of integrity. Read more at osvdb.org/24012
Jupiter Content Manager image BBcode XSS
Jupiter Content Manager contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate 'image' BBcode tag variables when a message is submitted. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/23839
ASP Portal download_click.asp downloadid Variable SQL Injection
ASP Portal contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the download_click.asp script not properly sanitizing user-supplied input to the 'downloadid' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/24020
Apple Safari Safe File Type Bypass Variation
Safari contains a flaw that may allow a malicious application to appear as a safe file type. It is possible that the flaw may allow a malicious file to be executed automatically when a user visits a malicious web site, resulting in a loss of integrity. Read more at osvdb.org/23869
1WebCalendar /news/newsView.cfm NewsID Variable SQL Injection
1WebCalendar contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the newsView.cfm script not properly sanitizing user-supplied input to the 'NewsID' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/24022
1WebCalendar viewEvent.cfm EventID Variable SQL Injection
1WebCalendar contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the viewEvent.cfm script not properly sanitizing user-supplied input to the 'EventID' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/24021
1WebCalendar mainCal.cfm SQL Injection
1WebCalendar contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the mainCal.cfm script not properly sanitizing user-supplied input to an unspecified variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/24023