Network Security News – Sunday, March 06, 2005 Events
Solaris FTP Client Arbitrary Command Execution
The FTP client included with Solaris contains a flaw that allows a malicious FTP server to execute arbitrary commands on the client computer. No further details have been provided.. Read more at osvdb.org/8733
WS_FTP Multiple Command Long Argument Overflow
A remote overflow exists in WS_FTP. The WS_FTP fails to sanitize input to
DELE, MDTM, MLST, MKD, RMD, RNFR, RNTO, SIZE, STAT, XMKD, XRMD resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary commands to be execute resulting in a loss of confidentiality.. Read more at osvdb.org/14115
iGeneric iG Shop page.php Multiple Parameter SQL Injection
iG Shop contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the 'cats', 'l_price' and 'u_price' variables in the 'page.php' module are not verified properly and will allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/14057
Microsoft IIS Internal IP Address/Hostname Disclosure
Microsoft IIS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when attempting to access an area protected via basic http authentication without providing realm information. This may disclose the internal IP address or network name in the response header resulting in a loss of confidentiality.. Read more at osvdb.org/630
AIX ping Command Line Argument Overflow
A local overflow exists in AIX ping. The AIX ping fails to check command line arguments length resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary commands resulting in a loss of integrity.. Read more at osvdb.org/7969
phpBB username Handling XSS
phpBB contains a flaw that allows a remote cross site scripting attack. The flaw exists because the application does not validate user input upon submission to the username handling routines. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/11961
xloadimage FACES Format Image Multiple Parameter Overflow
A remote overflow exists in xloadimage. The 'facesLoad()' function fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/13969
xli Non-descript Image Properties Overflow
xli contains a flaw related to the validation of image properties that may allow a remote attacker to execute arbitrary code. No further details have been provided.. Read more at osvdb.org/14366
xli Compressed Image Filename Shell Metacharacter Arbitrary Command Execution
xli contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is triggered due to the handling of compressed images. With a specially crafted filename containing shell meta characters, a remote attacker could execute arbitrary commands resulting in a loss of integrity.. Read more at osvdb.org/14365
xli FACES Format Image Multiple Parameter Overflow
A remote overflow exists in xli. The 'facesLoad()' function fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/14403
Symantec Enterprise Firewall DNSD DNS Cache Poisoning Vulnerability
Raptor Firewall is an enterprise level firewall originally developed by Axent Technologies and is maintained and distributed by Symantec. Symantec Enterprise Firewall is …. Read more at securityfocus.com/bid/10557?ref=rss
BrightStor ARCserve/Enterprise Backup UDP Probe Remote Buffer Overflow Vulnerability
Computer Associates BrightStor ARCserve/Enterprise Backup products provide backup and restore protection for Windows, NetWare, Linux and UNIX servers as well as Windows, …. Read more at securityfocus.com/bid/12491?ref=rss
BrightStor ARCserve/Enterprise Discovery Service SERVICEPC Remote Buffer Overflow Vulnerability
Computer Associates BrightStor ARCserve/Enterprise Backup products provide backup and restore protection for Windows, NetWare, Linux and UNIX servers as well as Windows, …. Read more at securityfocus.com/bid/12536?ref=rss
Midnight Commander Multiple Unspecified Vulnerabilities
Midnight Commander is a popular file management tool for Unix systems. Among other features, Midnight Commander is provided with a code layer to access the file system; t…. Read more at securityfocus.com/bid/12263?ref=rss
Multiple Vendor loopback (land.c) Denial of Service Vulnerability
A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by sending a TCP packet with the "SYN" flag set and the source address and port spoofed to eq…. Read more at securityfocus.com/bid/2666?ref=rss
Sylpheed Mail Client Buffer Overflow Vulnerability
Sylpheed is a GTK+ based mail client for Unix, and Unix-like operating systems.It is reported that Sylpheed is susceptible to a buffer overflow vulnerability. This issu…. Read more at securityfocus.com/bid/12730?ref=rss
Windows Server 2003 and XP SP2 LAND attack vulnerability
Sender: Dejan Levaja [dejan at levaja dot com]. Read more at securityfocus.com/archive/1/392354?ref=rss
Re: Advisory #08 – phpBB 2.0.13 Bad filtered in usercp_register.php
Sender: Some one [someone at cannabismail dot com]. Read more at securityfocus.com/archive/1/392355?ref=rss
PaX privilege elevation security bug
Sender: [pageexec at freemail dot hu]. Read more at securityfocus.com/archive/1/392348?ref=rss
MDKSA-2005:052 – Updated kdegraphics packages fix vulnerabilities
Sender: Mandrakelinux Security Team [security at linux-mandrake dot com]. Read more at securityfocus.com/archive/1/392352?ref=rss
Leave a Reply