Network Security News – Saturday, April 01, 2006 Events
Claroline rqmkhtml.php file Variable XSS
Claroline contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'file' variable upon submission to the rqmkhtml.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
Additionally, this can be used to disclose the software installation path. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.. Read more at osvdb.org/24285
SiteSearch Indexer searchresults.asp searchField Variable XSS
SiteSearch Indexer contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'searchField' variable upon submission to the searchresults.asp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/24289
Samba winbindd Debug Log Server Credential Local Disclosure
Samba winbindd contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to plain text winbindd passwords of a domain member server. When the log level is set to 5 or higher, winbindd stores these credentials in a plain text file readable by non-administrative users, which may lead to a loss of confidentiality.. Read more at osvdb.org/24263
phpmyfamily track.php name Variable XSS
phpmyfamily contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'name' variable upon submission to the 'track.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/24166
Greymatter gm-upload.cgi Arbitrary File Upload
Greymatter contains a flaw that may allow a malicious user to upload files to arbitrary locations on the filesystem with the same privileges as the server process. It is possible that the flaw may allow arbitrary code execution when a script file is placed within or below the web server root directory, leading to a loss of integrity.. Read more at osvdb.org/24210
RedCMS register.php SQL Injection
RedCMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the register.php script not properly sanitizing user-supplied input to unspecirfied variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/24299
RedCMS register.php Multiple Field XSS
RedCMS contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'email', 'location', or 'website' fields upon submission to the register.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/24296
RedCMS profile.php u Variable SQL Injection
RedCMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the profile.php script not properly sanitizing user-supplied input to the 'u' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/24298
RedCMS login.php Multiple Variable SQL Injection
RedCMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the login.php script not properly sanitizing user-supplied input to the 'username' and 'password' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/24297
Annuaire (Directory) inscription.php Comment Field XSS
Annuaire (Directory) contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the Comment Field (COMMENTAIRE variable) upon submission to the inscription.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/24303
Vuln: Esqlanelapse Unspecified Cross-Site Scripting Vulnerability
Esqlanelapse Unspecified Cross-Site Scripting Vulnerability. Read more at securityfocus.com/bid/17331
Vuln: Mon Album Multiple SQL Injection Vulnerabilities
Mon Album Multiple SQL Injection Vulnerabilities. Read more at securityfocus.com/bid/17327
Vuln: Mantis Multiple Remote Vulnerabilities
Mantis Multiple Remote Vulnerabilities
. Read more at securityfocus.com/bid/15227
Vuln: XFIT/S Unspecified Denial of Service Vulnerability
XFIT/S Unspecified Denial of Service Vulnerability. Read more at securityfocus.com/bid/17329
Buffer-overflow and in-game crash in Zdaemon 1.08.01
Buffer-overflow and in-game crash in Zdaemon 1.08.01. Read more at securityfocus.com/archive/1/429521
Warcraft III Replay Parser Script Remote Command Exucetion Vulnerability And Cross-Site Scripting Attacking
Warcraft III Replay Parser Script Remote Command Exucetion Vulnerability And Cross-Site Scripting Attacking
. Read more at securityfocus.com/archive/1/429535
DbbS<=2.0-alpha SQL injection
DbbS<=2.0-alpha SQL injection. Read more at securityfocus.com/archive/1/429512
[security bulletin] HPSBUX02108 SSRT061133 rev.2 – HP-UX running Sendmail, Remote Execution of Arbitrary Code
[security bulletin] HPSBUX02108 SSRT061133 rev.2 – HP-UX running Sendmail, Remote Execution of Arbitrary Code. Read more at securityfocus.com/archive/1/429477
Leave a Reply