Network Security News – Saturday, April 09, 2005 Events
WebWasher CSM Conf Script navTo2 Variable XSS
WebWasher CSM contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'navTo2' variable upon submission to the CSM Conf script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/15354
PaFileDB pafiledb.php start Parameter SQL Injection
PaFileDB contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'start' variable in the pafiledb.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15294
FreeBSD amd64 Direct Hardware Access Privilege Escalation
FreeBSD amd64 contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is caused by an incorrect initialization of bitmap used for determinatig the hardware access of unprivileged processes. This flaw may lead to a loss of confidentitaliy.. Read more at osvdb.org/15288
MailEnable IMAP A001 AUTHENTICATE Command Remote Overflow
A remote overflow exists in MailEnable. MailEnable fails to check bounds for input passed to "A001 AUTHENTICATE <buffer>" resulting in a buffer overflow. With a specially crafted request greater than 1016 bytes, an attacker can overwrite the ECX and EAX registers causing arbitrary code execution, resulting in a loss of integrity.. Read more at osvdb.org/15231
LiteCommerce cart.php Multiple Parameter SQL Injection
LiteCommerce contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'category_id' or 'product_id' variable in the cart.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15314
LiteCommerce cart.php Malformed target Parameter Script Source Disclosure
LiteCommerce contains a flaw that may lead to an unauthorized information disclosure. Өe issue is triggered when an attacker provides malformed data to the 'target' parameter of the cart.php script, which will disclose the source code for the script resulting in a loss of confidentiality.. Read more at osvdb.org/15313
SCO OpenServer termsh HOME Environment Variable Local Overflow
A local overflow exists in SCO OpenServer. The termsh utility fails to validate input received from the HOME environment variable resulting in a buffer overflow. With a specially crafted request, an attacker can cause the execution of arbitrary code and gain additional privileges.. Read more at osvdb.org/15359
SCO OpenServer auditsh HOME Environment Variable Local Overflow
A local overflow exists in SCO OpenServer. The auditsh utility fails to validate input received from the HOME environment variable resulting in a buffer overflow. With a specially crafted request, an attacker can cause the execution of arbitrary code and gain additional privileges.. Read more at osvdb.org/15358
SCO OpenServer atcronsh HOME Environment Variable Local Overflow
A local overflow exists in SCO OpenServer. The atcronsh utility fails to validate input received from the HOME environment variable resulting in a buffer overflow. With a specially crafted request, an attacker can cause the execution of arbitrary code and gain additional privileges.. Read more at osvdb.org/15360
Gaim gaim_markup_strip_html Function Malformed HTML DoS
A remote overflow exists in Gaim. The 'gaim_markup_strip_html()' function fails to perform proper bounds checking resulting in a buffer overflow. By issuing a string that contains malformed HTML, a remote attacker can cause the application to crash resulting in a loss of availability.. Read more at osvdb.org/15276
Microsoft Outlook and Outlook Web Access Source Email Address Spoofing Weakness
Microsoft Outlook and Outlook Web Access clients are reported prone to a weakness that may allow remote attackers to send email with a spoofed address.It is reported th…
. Read more at securityfocus.com/bid/13078?ref=rss
Leave a Reply