tetris-bsd on Gentoo Linux checkscores() Function Local Overflow

Network Security News – Sunday, April 09, 2006 Events

tetris-bsd on Gentoo Linux checkscores() Function Local Overflow

A local overflow exists in tetris-bsd of the port bsd-games on Gentoo Linux. The checkscores() function in scores.c fails to validate a player's name, obtained from the '/var/games/tetris-bsd.scores' file, before it is printed into a buffer using sprintf, resulting in a stack overflow. The same function also reads player level without validation, resulting in an integer overflow. With a specially crafted request, an attacker can execute arbitrary code as a user with the permissions of the games group, resulting in a loss of integrity.. Read more at osvdb.org/24261

NetBSD mail Record File Permission Weakness Information Disclosure

NetBSD contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the "set record" setting is present in a users .mailrc and the default umask is set, which will create a record file with insecure permissions. This will disclose the record file of a user's email resulting in a loss of confidentiality.. Read more at osvdb.org/24258

CA BrightStor ARCserve Backup Default Administrator Account

BrightStor ARCserve Backup UniversalAgent contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is caused by a hard-coded, undocumented administrative account for the Common Agent. This flaw may lead to a loss of integrity.. Read more at osvdb.org/13706

SQuery igi2.php libpath Variable Remote File Inclusion

SQuery contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to igi2.php (not an underlying library) not properly sanitizing user input supplied to the 'libpath' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/24412

SQuery savage.php libpath Variable Remote File Inclusion

SQuery contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to savage.php (not an underlying library) not properly sanitizing user input supplied to the 'libpath' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/24423

SQuery hlife2.php libpath Variable Remote File Inclusion

SQuery contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to hlife2.php (not an underlying library) not properly sanitizing user input supplied to the 'libpath' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/24414

SQuery hlife.php libpath Variable Remote File Inclusion

SQuery contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to hlife.php (not an underlying library) not properly sanitizing user input supplied to the 'libpath' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/24411

SQuery halo.php libpath Variable Remote File Inclusion

SQuery contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to halo.php (not an underlying library) not properly sanitizing user input supplied to the 'libpath' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/24410

SQuery gsvari.php libpath Variable Remote File Inclusion

SQuery contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to gsvari.php (not an underlying library) not properly sanitizing user input supplied to the 'libpath' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/24409

SQuery rene.php libpath Variable Remote File Inclusion

SQuery contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to rene.php (not an underlying library) not properly sanitizing user input supplied to the 'libpath' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/24421

Vuln: Sudo Python Environment Variable Handling Security Bypass Vulnerability

Sudo Python Environment Variable Handling Security Bypass Vulnerability. Read more at securityfocus.com/bid/16184

Vuln: Sudo Perl Environment Variable Handling Security Bypass Vulnerability

Sudo Perl Environment Variable Handling Security Bypass Vulnerability. Read more at securityfocus.com/bid/15394

Vuln: ADOdb Server.PHP SQL Injection Vulnerability

ADOdb Server.PHP SQL Injection Vulnerability

. Read more at securityfocus.com/bid/16187

Vuln: ADOdb PostgreSQL SQL Injection Vulnerability

ADOdb PostgreSQL SQL Injection Vulnerability. Read more at securityfocus.com/bid/16364