ISS Multiple Product Application Protection Module Local Privilege Escalation

Network Security News – Tuesday, March 28, 2006 Events

ISS Multiple Product Application Protection Module Local Privilege Escalation

ISS BlackICE and RealSecure Desktop packages contain a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a user resets a help dialog file mask and will permit a user to execute arbitrary code with the system level privileges. This flaw may lead to a loss of confidentiality or integrity.. Read more at osvdb.org/24096

HP-UX swagentd Unspecified DoS

HP-UX contains a flaw that may allow a remote denial of service. The issue is triggered when an unspecified error in the 'swagentd' daemon occurs, and will result in loss of availability for the service.. Read more at osvdb.org/24097

ADOdb tmssql.php Variable Arbitrary PHP Function Execution

ADOdb contains a flaw that may allow a malicious user to execute arbitrary PHP functions via the do parameter. The issue is triggered due to the insecure "tests/tmssql.php" test script. It is possible that the flaw may result in a loss of integrity.. Read more at osvdb.org/22291

Horde Admin Account Default Null Password

By default, Horde installs with a default password if configuration is started, but aren't completed. The admin account has a blank password which is publicly known and documented. This allows attackers to trivially access the program or system.. Read more at osvdb.org/24117

Microsoft IE mshtml.dll Multiple Script Action Handler Overflow

Remote overflow exists in Microsoft Internet Explorer. The product fails to properly check bounds for handling HTML tags with multiple event handlers resulting in a buffer overflow. With a specially crafted HTML document, an attacker can cause affected web browsers to crash or remote code execution resulting in a loss of integrity, and/or availability.. Read more at osvdb.org/23964

Microsoft IE createTextRange() Function Arbitrary Code Execution

Microsoft Internet Explorer contains a flaw that may allow a malicious user to execute arbitrary commands. The issue is triggered due to a memory corruption error when processing a specially crafted "createTextRange()" call associated with a "checkbox" object. It is possible that the flaw may allow attackers to remotely take complete control of an affected system resulting in a loss of integrity.. Read more at osvdb.org/24050

Microsoft IE Arbitrary HTA File Execution

Microsoft Internet Explorer contains a flaw that may allow a malicious user to execute HTA files (HTML Applications) in the context of targeted users. The issue is triggered when unspecified condition occurs. It is possible that the flaw may allow to execute code and potentially to compromise affected system resulting in a loss of integrity.. Read more at osvdb.org/24095

Linux Kernel ctnetlink ip_conntrack_proto_tcp.c Multiple Function DoS

Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered via a message without ICMP ID (ICMP_ID) information or via an update message without private protocol information, and will result in loss of availability for the platform.. Read more at osvdb.org/24114

mIRC DCC Get Folder Dialog Long String Overflow

A local overflow exists in mIRC. The product fails to check bounds for elements of the locally opened "DCC Get Folder" dialog resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution with the current user privileges resulting in a loss of integrity.. Read more at osvdb.org/24116

Mac OS X BOMArchiveHelper Traversal Arbitrary File Overwrite

Mac OS X contains a flaw that allows an attacker to create archive files which unpack to arbitrary directories which are writable by the current user. The issue is due to the BOM framework not properly sanitizing paths to be written.. Read more at osvdb.org/23641

Vuln: Flex Code Generation Buffer Overflow Vulnerability

Flex Code Generation Buffer Overflow Vulnerability. Read more at securityfocus.com/bid/16896

Vuln: Xigla Absolute Live Support XE Multiple HTML Injection Vulnerabilities

Xigla Absolute Live Support XE Multiple HTML Injection Vulnerabilities. Read more at securityfocus.com/bid/17258

Vuln: Caloris Planitia Technologies School Management System Cross-Site Scripting Vulnerability

Caloris Planitia Technologies School Management System Cross-Site Scripting Vulnerability

. Read more at securityfocus.com/bid/17257

Vuln: Veritas Backup Exec Multiple Remote Denial of Service Vulnerabilities

Veritas Backup Exec Multiple Remote Denial of Service Vulnerabilities. Read more at securityfocus.com/bid/17098

[SECURITY] [DSA 1020-1] New flex packages fix insecure code generation

[SECURITY] [DSA 1020-1] New flex packages fix insecure code generation. Read more at securityfocus.com/archive/1/428980

PHPLiveHelper 1.8 remote command execution (include) Xploit (perl)

PHPLiveHelper 1.8 remote command execution (include) Xploit (perl)

. Read more at securityfocus.com/archive/1/428976

SYM06-006, Veritas NetBackup: Multiple Overflow Vulnerabilities in NetBackup Daemons

SYM06-006, Veritas NetBackup: Multiple Overflow Vulnerabilities in NetBackup Daemons. Read more at securityfocus.com/archive/1/428992

ZDI-06-006: Symantec VERITAS NetBackup Database Manager Buffer Overflow

ZDI-06-006: Symantec VERITAS NetBackup Database Manager Buffer Overflow. Read more at securityfocus.com/archive/1/428988