Network Security News – Thursday, May 11, 2006 Events
Microsoft Exchange Collaboration Data Objects Crafted Email Code Execution
Microsoft Exchange contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered due to an error within the EXCDO (Exchange Collaboration Data Objects) and CDOEX (Collaboration Data Objects for Exchange) functionality when processing iCal and vCal properties in email messages. It is possible that the flaw may allow remote code execution resulting in a loss of integrity.. Read more at osvdb.org/25338
phpRaid auth.php Multiple Variable Remote File Inclusion
phpRaid contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to auth.php not properly sanitizing user input supplied to the 'phpbb_root_path' and 'smf_root_path' variables. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/25358
Ocean12 Calendar Manager Pro admin/edit.asp ID Variable SQL Injection
Ocean12 Calendar Manager Pro contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'admin/edit.asp' script not properly sanitizing user-supplied input to the 'ID' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/25346
Ocean12 Calendar Manager Pro admin/main.asp date Variable SQL Injection
Ocean12 Calendar Manager Pro contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'admin/main.asp' script not properly sanitizing user-supplied input to the 'date' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/25344
Ocean12 Calendar Manager Pro admin/main.asp date Variable XSS
Ocean12 Calendar Manager Pro contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'date' variable upon submission to the 'admin/main.asp' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/25347
Ocean12 Calendar Manager Pro admin/view.asp SearchFor Variable SQL Injection
Ocean12 Calendar Manager Pro contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'admin/view.asp' script not properly sanitizing user-supplied input to the 'SearchFor' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/25345
PassMasterFlexPlus User-Agent HTTP Header Field XSS
PassMasterFlexPlus contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the HTTP User-Agent header field upon displaying it in the application log files. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server when that user is viewing the log files, leading to a loss of integrity.. Read more at osvdb.org/25302
Flexcustomer /admin/index.php Multiple Variable SQL Injection
Flexcustomer contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the '/admin/index.php' script not properly sanitizing user-supplied input to the 'checkuser' and 'checkpass' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/25343
Flexcustomer index.php Multiple Variable SQL Injection
Flexcustomer contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'username' and 'password' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/25342
Linux Kernel Socket Data Buffering Local DoS
The Linux kernel contains a flaw that may allow a local denial of service. The issue is triggered when the kernel buffers data for transfer over a socket pair. A flaw in the checking for available memory can result in a kernel panic when many socket pairs are created with the maximum kernel buffer size allocated to them. If the allocating process is then turned into a 'zombie' or if the corresponding file descriptors are closed but references are still held, the data to transfer will be held in the kernel, eventually resulting in memory exhaustion and hence in loss of availability for the platform.. Read more at osvdb.org/22060
Vuln: Xine Playlist Handling Remote Format String Vulnerability
Xine Playlist Handling Remote Format String Vulnerability. Read more at securityfocus.com/bid/17579
Vuln: PAFileDB Pafiledb_Constants.PHP Remote File Include Vulnerability
PAFileDB Pafiledb_Constants.PHP Remote File Include Vulnerability. Read more at securityfocus.com/bid/17930
Vuln: Adobe Dreamweaver Generated Code SQL Injection Vulnerabilities
Adobe Dreamweaver Generated Code SQL Injection Vulnerabilities
. Read more at securityfocus.com/bid/17928
Vuln: GNOME Foundation GDM .ICEauthority Improper File Permissions Vulnerability
GNOME Foundation GDM .ICEauthority Improper File Permissions Vulnerability. Read more at securityfocus.com/bid/17635
ZDI-06-014: Verisign I-Nav ActiveX Control Code Execution Vulnerability
ZDI-06-014: Verisign I-Nav ActiveX Control Code Execution Vulnerability. Read more at securityfocus.com/archive/1/433589
Re: Firefox 1.5.0.3 – DoS
Re: Firefox 1.5.0.3 – DoS
. Read more at securityfocus.com/archive/1/433568
Re: IGNORING SSH CONNECTION USES ARP CACHE POISSONING
Re: IGNORING SSH CONNECTION USES ARP CACHE POISSONING. Read more at securityfocus.com/archive/1/433563
[ MDKSA-2006:084 ] – Updated MySQL packages fix several vulnerabilities
[ MDKSA-2006:084 ] – Updated MySQL packages fix several vulnerabilities. Read more at securityfocus.com/archive/1/433559
Leave a Reply