Network Security News – Sunday, May 01, 2005 Events
Bakbone Netvault nvstatsmngr.exe Local Privilege Escalation
NetVault contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered by a local attacker initiating the help functionality of the nvstatsmngr.exe process to execute arbitrary commands on the system with SYSTEM level privileges. This flaw may lead to a loss of integrity.. Read more at osvdb.org/15900
phpBB Personal Notes Module posting_notes.php p Variable SQL Injection
phpBB contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'p' variable in the posting_notes.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15899
SURVIVOR Nondescript XSS
SURVIVOR contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not perform proper validation of unspecified user-supplied input. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/15905
Altiris Deployment Solution AClient System Tray Icon Privilege Escalation
Deployment Solution contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a user activates the client interface by launching the software from an icon in the Windows system tray and uses it to launch an arbitrary program. This will cause the program to run with the same privileges as the Altiris client allowing local privilege escalation.. Read more at osvdb.org/15897
Multiple Browser DOM Property Override Privilege Escalation
Multiple browser contains a flaw that may allow a remote attacker to gain access to unauthorized privileges. The issue is triggered due to improper validation of privileged 'chrome' UI code in DOM nodes. By creating a malicious script and tricking a victim to open the script or the context menu, a remote attacker could override properties and methods of DOM nodes and execute arbitrary code, resulting in a loss of integrity.. Read more at osvdb.org/15690
Microsoft Windows XP helpctr.exe Crafted URL Command Execution (Myth/Fake)
The Help Center ('HelpCtr.exe') in Microsoft Windows XP has been reported to contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is supposedly triggered when issuing a 'http://' or 'file://' argument to the topic parameter in an 'hcp://' URL, which may allow a remote attacker to execute arbitrary commands. However, this flaw could not be validated.. Read more at osvdb.org/15981
Red Hat Linux Kernel NPTL tty DoS
The kernel in Red Hat Enterprise Linux contains a flaw that may allow a local denial of service. The issue is triggered when a malicious user could take control of a pointer to a freed tty structure, which causes the kernel to crash resulting in a loss of availability.. Read more at osvdb.org/15808
Greg Mathew's Classifieds CGI Arbitrary Command Execution
Classifieds contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'classifieds.cgi' not properly sanitizing user-supplied input. This may allow a remote attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/6698
Leave a Reply