Network Security News – Sunday, April 10, 2005 Events
PostNuke admin.php module Variable XSS
PostNuke contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'module' variable upon submission to the admin.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/15369
PostNuke News Module sid Parameter SQL Injection
PostNuke contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'sid' variable in the News Module not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15371
PostNuke Reviews Module id Variable Path Disclosure
PostNuke contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker provides malformed input to the 'id' parameter of the Reviews Module, which will disclose the server installation path resulting in a loss of confidentiality.. Read more at osvdb.org/15368
PostNuke user.php op Variable XSS
PostNuke contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'op' variable upon submission to the user.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/15370
Drummond Miles A1Statistics a1disp2.cgi Traversal Arbitrary File Read
A1Statistics contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the a1disp2.cgi script not properly sanitizing user input, specifically traversal style attacks (../../).. Read more at osvdb.org/554
Drummond Miles A1Statistics a1disp4.cgi Traversal Arbitrary File Read
A1Statistics contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the a1disp4.cgi script not properly sanitizing user input, specifically traversal style attacks (../../).. Read more at osvdb.org/15387
Drummond Miles A1Statistics a1disp3.cgi Traversal Arbitrary File Read
A1Statistics contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the a1disp3.cgi script not properly sanitizing user input, specifically traversal style attacks (../../).. Read more at osvdb.org/15386
BEA WebLogic config.cmd Log File Admin Credential Plaintext Disclosure
BEA WebLogic contains a flaw that may lead to an unauthorized information disclosure. The issue occurs because config.cmd writes the administrative credentials to a log in plaintext. This will allow a local user to trivially obtain the credentials by browsing the logs generated by the utility.. Read more at osvdb.org/15380
AN HTTPD Server httpd.log Arbitrary Text Injection
AN HTTPD Server contains a flaw that may allow a remote attacker to inject arbitrary text into the server log. The issue is due to the server not properly sanitizing the CR and LF characters of the URI being processed. Using a specially crafted URI, an attacker can cause the injection of custom lines into the log. This could be used to inject fake browsing entries, or arbitrary commands which can be executed through the cmdIS.DLL module.. Read more at osvdb.org/15362
AN HTTPD Server cmdIS.DLL user-agent Field Remote Overflow
A remote overflow exists in AN HTTPD Server. The server fails to check the bounds of the user-agent field resulting in a buffer overflow. With a specially crafted request, an attacker can cause the execution of arbitrary scripts resulting in a loss of integrity.. Read more at osvdb.org/15361
File Upload Script PHPBB Module Arbitrary Script Upload Vulnerability
File Upload Script is a phpBB module that allows users to upload files to a Web site.File Upload Script is reported prone to an arbitrary script upload vulnerability. …
. Read more at securityfocus.com/bid/13084?ref=rss
Sun J2SE Software Development Kit Java Archive Tool Directory Traversal Vulnerability
Sun J2SE Java Archive Tool is a compression utility that is used to create Java Archive (JAR) files.The Java Archive Tool is reported vulnerable to a directory traversa…
. Read more at securityfocus.com/bid/13083?ref=rss
Azerbaijan Development Group AzDGDatingPlatinum Multiple Vulnerabilities
AzDGDatingPlatinum is a Web based forum implemented in PHP.AzDGDatingPlatinum is reported prone to multiple vulnerabilities. These issues result from insufficient sani…
. Read more at securityfocus.com/bid/13082?ref=rss
Citrix MetaFrame Web Client Access Restriction Bypass Vulnerability
Citrix MetaFrame Web Client allows users to connect to Citrix using a PC.It is reported that the client application provides access to various applications on the serve…
. Read more at securityfocus.com/bid/13081?ref=rss
RadScripts RadBids Gold Multiple Vulnerabilities
RadBids Gold is a Web based auction application implemented in PHP with a mySQL database.RadBids Gold is reported prone to multiple vulnerabilities. These issues inclu…
. Read more at securityfocus.com/bid/13080?ref=rss
Centrinity FirstClass Client Bookmark Window File Execution Vulnerability
Centrinity FirstClass Desktop is a client application used to manage the FirstClass server. FirstClass is reported prone to a vulnerability that may allow remote attack…
. Read more at securityfocus.com/bid/13079?ref=rss
Pafiledb ACTION Parameter XSS
Sender: tom cruise [the dot n3t at gmail dot com]
. Read more at securityfocus.com/archive/1/395424?ref=rss
UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : telnet client multiple issues
Sender: [please_reply_to_security at sco dot com]
. Read more at securityfocus.com/archive/1/395428?ref=rss
How to Report a Security Vulnerability to Microsoft
Sender: Microsoft Security Response Center [secure at microsoft dot com]
. Read more at securityfocus.com/archive/1/395427?ref=rss
iDEFENSE Security Advisory 04.08.05: Microsoft Multiple E-Mail Client Address Spoofing Vulnerability
Sender: iDEFENSE Labs [labs-no-reply at idefense dot com]
. Read more at securityfocus.com/archive/1/395426?ref=rss
Leave a Reply