Network Security News – Monday, April 11, 2005 Events
Sybase ASE attrib_valid Function Overflow
A remote overflow exists in Sybase Adaptive Server Enterprise attrib_valid function. The function fails to check input during internal parsing resulting in a buffer overflow. With a specially crafted request, an attacker can execute the code of their choice in the security context of the Sybase database server process resulting in a loss of integrity.
In order for this condition to be exploited, an authenticated connection to ASE must exist. Read more at osvdb.org/15198
GNU sharutils shar Output Overflow
A local overflow exists in GNU sharutils shar command. GNU shar fails to check the length of data returned by the shar command resulting in a buffer overflow. With a specially crafted shar archive, an attacker can cause loss of integrity. Read more at osvdb.org/15375
FirstClass Client Bookmark Files Arbitrary Program Execution
OpenText FirstClass contains a flaw that may allow an attacker to execute arbitrary files. The issue is due to a lack of restrictions on bookmark URIs. This may allow an attacker to link to a file on a remote host which will be executed by the vulnerable client. Read more at osvdb.org/15356
HP OpenView Network Node Manager Nondescript DoS
HP OpenView Network Node Manager contains a flaw that may allow a remote denial of service. No further information has been provided. Read more at osvdb.org/15321
Linksys WET11 changepw.html Unauthenticated Password Modification
The Linksys WET11 v1 Wireless Ethernet Bridge contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a remote user sends a crafted HTTP request to the Change Password script, which will change the password without authentication. Read more at osvdb.org/15311
P2P Share Spy Registry Local Password Disclosure
P2P Share Spy contains a flaw that may lead to an unauthorized information disclosure. The issue is due to plaintext storage of information in the registry, which may disclose the program launch password to local users resulting in a loss of confidentiality. Read more at osvdb.org/15312
FireFly Registry Plaintext Proxy Password Disclosure
NetCruiser Software FireFly contains a flaw that may lead to an unauthorized information disclosure. The issue is due to plaintext storage of information in the registry, which may disclose the proxy username and password to local users resulting in a loss of confidentiality. Read more at osvdb.org/15325
PunBB profile.php jabber Variable XSS
PunBB contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the jabber variable upon submission to the profile.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/15373
PunBB profile.php new_email Variable SQL Injection
PunBB contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the new_email variable in the profile.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries. Read more at osvdb.org/15372
remstats remoteping Service Arbitrary Command Execution
remstats contains a flaw that may allow a malicious user to execute arbitrary commands. The issue is triggered when a remote user manipulates the inputs in the 'remoteping-server.pl' script. It is possible that the flaw may allow a user to execute arbitrary commands due to missing input sanitizing resulting in a loss of integrity. Read more at osvdb.org/15259