Network Security News – Thursday, April 28, 2005 Events
S9Y Serendipity BBCode Plugin HTML Injection Vulnerability
Serendipity is a Web log application that is written in PHP.S9Y Serendipity is affected by an HTML injection vulnerability. This issue is due to a failure in the appli…. Read more at securityfocus.com/bid/13411?ref=rss
Dream4 Koobi CMS Index.PHP Q Parameter SQL Injection Vulnerability
Koobi CMS is Web based content management software utilizing a MySQL backend and is implemented in PHP.Koobi CMS is prone to an SQL injection vulnerability. This issue…. Read more at securityfocus.com/bid/13413?ref=rss
Dream4 Koobi CMS Index.PHP P Parameter SQL Injection Vulnerability
Koobi CMS is Web based content management software utilizing a MySQL backend and is implemented in PHP.Koobi CMS is prone to an SQL injection vulnerability. This issue…
. Read more at securityfocus.com/bid/13412?ref=rss
BakBone NetVault NVStatsMngr.EXE Local Privilege Escalation Vulnerability
NetVault is a backup and restore solution available for UNIX, Windows NT/2000, Linux, Netware and Apple Mac OS X platforms.BakBone NetVault is affected by a local privi…. Read more at securityfocus.com/bid/13408?ref=rss
BulletProof FTP Server Local Privilege Escalation Vulnerability
BulletProof FTP Server is an FTP server for Microsoft Windows platforms.BulletProof FTP Server is prone to a local privilege escalation vulnerability. This issue can a…. Read more at securityfocus.com/bid/13410?ref=rss
ZRCSA-200501 – Multiple vulnerabilities in Claroline
Sender: Sieg Fried [Siegfried at zone-h dot org]
. Read more at securityfocus.com/archive/1/397072?ref=rss
SQL-injections in koobi-cms
Sender: CENSORED [censored at mail dot ru]. Read more at securityfocus.com/archive/1/397057?ref=rss
[CLA-2005:950] Conectiva Security Announcement – evolution
Sender: Conectiva Updates [secure at conectiva dot com dot br]. Read more at securityfocus.com/archive/1/397058?ref=rss
[CLA-2005:949] Conectiva Security Announcement – gaim
Sender: Conectiva Updates [secure at conectiva dot com dot br]
. Read more at securityfocus.com/archive/1/397060?ref=rss
MySQL MaxDB Web Administration Service Malformed GET Request Overflow
A remote overflow exists in MySQL MaxDB. The MaxDB web administration service fails to properly handle HTTP GET requests containing a percent sign ('%') resulting in a buffer overflow. With a specially crafted HTTP GET request containing a percent sign followed by an overly long string as the file parameter, a remote attacker can cause arbitrary code execution with SYSTEM privileges resulting in a loss of integrity.. Read more at osvdb.org/15816
MetaCart2 searchAction.asp Multiple Variable SQL Injection
MetaCart2 (multiple products) contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to multiple variables in the searchAction.asp script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15874
MetaCart2 product.asp intProdID Variable SQL Injection
MetaCart2 (multiple products) contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'intProdID' variable in the product.asp script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15873
MetaCart2 productsByCategory.asp Multiple Variable SQL Injection
MetaCart2 (multiple products) contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to multiple variables in the productsByCategory.asp script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15872
PHPCart phpcart.php Arbitrary Price Manipulation
PHPCart contains a flaw that allows a remote users to manipulate prices without authorization. The flaw exists because the application does not validate 'price' or 'postage' variables upon submission to the 'phpcart.php' script. This could allow a user to create a specially crafted URL to modify arbitrary prices.. Read more at osvdb.org/15859
Microsoft IE wininet.dll Long Hostname Heap Corruption Code Execution
A remote overflow exists in Windows. Internet Explorer improperly validates long URLs resulting in a heap overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/15464
BIG-IP / 3-DNS Radius Authentication login_radius Security Bypass
F5 Big-IP and 3DNS contain a flaw that may allow a malicious user to bypass RADIUS authentication. The issue is triggered when an attacker sends a specially-crafted RADIUS ACCEPT packet response, with the origin set as the radius server, and the login_radius function fails to properly check the shared secret, resulting in a loss of integrity.. Read more at osvdb.org/15804
VooDoo cIRCle BOTNET Remote Overflow
A remote overflow exists in VooDoo cIRCle BOTNET. VooDoo cIRCle BOTNET fails to properly perform bounds checking of user-supplied input in the handling of packets from BOTNET connections resulting in a buffer overflow. With a specially crafted request, an attacker can crash a vulnerable bot resulting in a loss of availability. Successful exploitation requires access to establish a BOTNET connection (e.g. knowledge of password or client SSL certificate).. Read more at osvdb.org/15830
WordPress template-functions-post.php Multiple Field XSS
WordPress contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate multiple fields upon submission to the 'template-functions-post.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/15643
yappa-ng Nondescript Remote File Inclusion
yappa-ng contains a flaw that may allow a remote attacker to include a file from a remote host that contains arbitrary commands which will be executed by a vulnerable script. No further details have been provided.. Read more at osvdb.org/15829
Microsoft Internet Explorer Content Advisor File Handling Buffer Overflow Vulnerability
Internet Explorer Content Advisor is a feature of the browser that allows administrators to control users from visiting unsuitable Web sites and content on the Internet….. Read more at securityfocus.com/bid/13117?ref=rss
Leave a Reply