Network Security News – Saturday, March 25, 2006 Events
Sendmail Signal Handler Race Condition Remote Overflow
A remote overflow exists in Sendmail. The failure is due to a signal handling error resulting in the potential for remote code execution. With a specially crafted request, an attacker can cause memory corruption resulting in a loss of integrity. Read more at osvdb.org/24037
Basic Analysis and Security Engine (BASE) base_maintenance.php Authentication Bypass
Basic Analysis and Security Engine (BASE) contains a flaw that may allow a malicious user to bypass BASE's built-in authentication system for the base_maintenance.php script. The issue is due to the broken "AuthenticateNoCookie()" function, which is used in standalone mode. It is possible that the flaw may allow access to the base_maintenance.php page, resulting in a loss of confidentiality. Read more at osvdb.org/24101
AbleDesign D-Man index.php title Variable XSS
AbleDesign D-Man contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'title' variable upon submission to the index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/21984
Baby FTP Server Traversal File Enumeration
BabyFTP contains a flaw that allows a remote attacker to enumerate files outside of the web path. The issue is due to the FTP server not properly sanitizing user input, specifically supplied directory traversal style attacks (../../), which results in different error message responses. Read more at osvdb.org/24057
Mac OS X LaunchServices Safe File Type Bypass
LaunchServices contains a flaw that may allow a malicious application to appear as a safe file type. It is possible that the flaw may allow a malicious file to be executed automatically when visiting a malicious web site, resulting in a loss of integrity. Read more at osvdb.org/23870
Mac OS X Mail.app Attachment AppleDouble Header Processing Buffer Overflow
A remote overflow exists in Mac OS X Mail.app. The Mail.app facility fails to handle overly long Real Name entries, resulting in a buffer overflow. With a specially crafted attachment in the AppleDouble format, an attacker can cause the execution of arbitrary code on a user's system, resulting in a loss of integrity and/or availability. Read more at osvdb.org/23872
Mac OS X CoreTypes Safe File Type Bypass
CoreTypes contains a flaw that may allow a malicious application to appear as a safe file type. It is possible that the flaw may allow a malicious file to be executed automatically when visiting a malicious web site, resulting in a loss of integrity. Read more at osvdb.org/23871
Mac OS X CoreTypes Crafted Archive JavaScript Same-origin Policy Bypass
Mac OS X CoreTypes contains a flaw that may allow a malicious webpage access to the properties of another domain. The issue is triggered due to the application's failure to properly enforce the same-origin policy for JavaScript remote data access. It is possible that the flaw may allow disclosure of sensitive information or may facilitate other attacks against a user of the browser, resulting in a loss of confidentiality. Read more at osvdb.org/23873
Linux Kernel on ia64 Preemption ptrace() Function Local DoS
Linux Kernel on ia64 contains a flaw that may allow a local denial of service. The issue is triggered when, with preemption, multiple tasks perform ptrace single-steps around the same time, and will result in loss of availability for the platform. Read more at osvdb.org/24098
cURL/libcURL TFTP URL Parsing Overflow
A remote overflow exists in cURL/libcURL. cURL/libcURL fails to perform a boundary check, resulting in a heap overflow. With a specially crafted request, an attacker can cause arbitrary code execution by redirecting cURL/libcURL to a TFTP URL that exceeds 512 bytes in length, resulting in a loss of integrity. Read more at osvdb.org/23982