Network Security News – Thursday, March 31, 2005 Events
Antigen for Domino Malformed RAR File DoS
Antigen for Domino contains a flaw that may allow a local denial of service. The issue is due to an unspecified error within the scanning functionality when scanning a specially crafted RAR file, and will result in loss of availability for the system. Read more at osvdb.org/15077
E-Data Personal Information Addition XSS
E-Data contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the input fields submitted when a new user is created. This could allow a user to create specially crafted HTML and script code that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server when the malicious personal information is viewed, leading to a loss of integrity. Read more at osvdb.org/15091
NetComm NB1300 Malformed Ping Saturation DoS
NetComm NB1300 DSL Modem contains a flaw that may allow a remote denial of service. The issue is triggered when flooding the WAN interface with large ICMP ECHO requests, and will result in loss of service availability for legitimate users. Read more at osvdb.org/15088
Fetchmail IMAP Message Count Overflow
A remote overflow exists in Fetchmail. The Fetchmail email client fails to properly limit the maximum number of messages available, resulting in an overwrite of memory via a message count that exceeds the boundaries of an array. With a specially crafted request, a malicious IMAP server can cause an overwrite of the process stack memory space, resulting in a loss of system integrity. Read more at osvdb.org/4595
EncapsBB index_header.php root Parameter Remote File Inclusion
EncapsBB contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to "index_header.php" not properly sanitizing user input supplied to the "root" variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. Exploitation requires "register_globals" and "allow_url_fopen" to be enabled in the "php.ini" configuration file. Read more at osvdb.org/15078
Mac OS X AFP Drop Box Information Disclosure
Mac OS X contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered by insecure default permissions on the Drop Box, which will disclose the Drop Box contents, resulting in a loss of confidentiality. Read more at osvdb.org/15005
Mac OS X AFP Core Foundation Library CF_CHARSET_PATH Variable Overflow
A local overflow exists in Mac OS X. The Core Foundation Library fails to validate the CF_CHARSET_PATH environment variable, resulting in a buffer overflow. With a specially crafted request greater than 1024 characters, an attacker can cause arbitrary code execution, resulting in a loss of integrity. Read more at osvdb.org/15006
NukeBookmarks marks.php Path Disclosure
NukeBookmarks contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker accesses the marks module with certain parameters missing, causing an error that discloses the installation path and results in a loss of confidentiality. Read more at osvdb.org/15034
Squirrelcart PHP Shopping Cart index.php SQL Injection
Squirrelcart PHP Shopping Cart contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the 'crn' and 'rn' variables in the index.php script are not verified properly and will allow an attacker to inject or manipulate SQL queries. Read more at osvdb.org/15124
Ublog Reload ublogreload.mdb Information Disclosure
Ublog Reload contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker directly requests the ublogreload.mdb file, which will disclose the administrator login and hashed password, resulting in a loss of confidentiality. Read more at osvdb.org/15122
GDK-Pixbuf BMP Image Processing Double Free Remote Denial of Service Vulnerability
gdk-pixbuf is a GNOME library that provides functions to load and display images of multiple formats. Gdk-pixbuf is used in many GNOME utilities. gdk-pixbuf library is …. Read more at securityfocus.com/bid/12950?ref=rss
Mozilla Suite Multiple Remote Vulnerabilities
Multiple remote vulnerabilities affect Mozilla Suite, Firefox, and Thunderbird. The following text outlines the issues that have been disclosed. An insecure temporary d…. Read more at securityfocus.com/bid/12659?ref=rss