Network Security News – Friday, March 24, 2006 Events
TuxBank manage_account.php id Variable SQL Injection
TuxBank contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the manage_account.php script not properly sanitizing user-supplied input to the 'id' variable, called via index.php. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/24052
Apple Safari ZIP Archive File Extension Mismatch Arbitrary File Execution
Safari contains a flaw that may allow arbitrary command execution when a user opens a malicious Web page or HTML email attachment. The issue is triggered by an error in the processing of file association metadata in ZIP archives (stored in the "__MACOSX" folder) and mail messages (defined via the AppleDouble MIME format). It is possible that the flaw may result in a loss of integrity. Read more at osvdb.org/23510
Orion Application Server Crafted Filename Extension JSP Source Disclosure
Orion Application Server contains a flaw that may lead to an unauthorized information disclosure. The issue is due to a validation error in the filename extension supplied by the user in the URL, which discloses the source code of JSP files via a specially crafted request containing dot and space characters, resulting in a loss of confidentiality. Read more at osvdb.org/24053
AdMan editCampaign.php Malformed campaignId Variable Path Disclosure
AdMan contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker assigns an empty or invalid value to the campaignId variable in a request to the editCampaign.php script, which discloses the software's installation path, resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks. Read more at osvdb.org/24065
AdMan viewPricingScheme.php Malformed schemeId Variable Path Disclosure
AdMan contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker assigns an empty or invalid value to the schemeId variable in a request to the viewPricingScheme.php script, which discloses the software's installation path, resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks. Read more at osvdb.org/24066
AdMan viewStatement.php transactions_offset Variable SQL Injection
AdMan contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the viewStatement.php script not properly sanitizing user-supplied input to the transactions_offset variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/24064