Network Security News – Saturday, May 14, 2005 Events
CA License Server/Client Multiple Command Remote Overflow
Muliple remote overflows exist in CA License Manager. The LIC98RMT.EXE component fails to validate the parameters passed to several commands resulting in buffer overflows. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/14389
CA License Server/Client GCR Request Packet Multiple Overflows
A remote overflow exists in License Manager. The program fails to validate GCR Request packets resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/14321
CA License Server/Client GCR Checksum Multiple Overflow
A remote overflow exists in License Manager. The program fails to validate GCR Checksum packets resulting in a stack overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/14320
OpenBSD TCP Malformed SACK Option DoS
OpenBSD contains a flaw that may allow a remote denial of service. The issue is triggered when TCP segments with invalid SACK options are received, and will result in loss of availability for the platform.. Read more at osvdb.org/15191
Mozilla Firefox Content-Type Crafted Header Download Dialog Spoofing
Mozilla Firefox contains a flaw that may allow a malicious user to spoof file types in the file download dialog. The issue exists because file download dialog does not properly validate the filename and the "Content-Type" HTTP header before displaying it. It is possible that the flaw may trick a user into executing malware if the file is opened through the file download dialog resulting in a loss of integrity.. Read more at osvdb.org/16431
Mozilla Firefox Content-Type Header "Save to Disk" File Extension Spoofing
Mozilla Firefox contains a flaw that may allow a malicious user to spoof file types in the file download dialog. The issue is triggered when saving a file to disk with "Save to Disk" option and the "Content-Type" header has been carefully modified. It is possible that the flaw may allow malicious files to be saved to the download directory, which by default is the desktop.. Read more at osvdb.org/16432
OpenBSD Nondescript copy(9) Function Issue
OpenBSD contains a flaw related to the copy(9) function that may allow an attacker to overwrite kernel memory. No further details have been provided.. Read more at osvdb.org/14276
Squid DNS Lookup Spoofing
Squid Proxy contains a flaw that may allow a malicious user to spoof DNS lookups. The issue is triggered when an unspecified error occur in the DNS client while handling DNS responses. It is possible that the flaw may allow a malicious user to spoof DNS lookups resulting in a loss of integrity.. Read more at osvdb.org/16335
Microsoft Windows RPC Locator Remote Overflow
A remote overflow exists in Windows. The RPC Locator service fails to validate search requests resulting in a stack overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/7117
WordPress RSS/Atom Feed Password Protected Entry Disclosure
WordPress contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a password protected post is created with included files which the RSS 2.0 or Atom feed then outputs, even if a password is not entered, which will disclose potentially sensitive information resulting in a loss of confidentiality.. Read more at osvdb.org/16436
PHPHeaven PHPMyChat Style.CSS.PHP3 Cross-Site Scripting Vulnerability
phpMyChat is Web based chat software that is implemented in PHP.phpMyChat is prone to a cross-site scripting vulnerability. This issue is due to a failure in the appli…. Read more at securityfocus.com/bid/13628?ref=rss
PHPHeaven PHPMyChat Start-Page.CSS.PHP3 Cross-Site Scripting Vulnerability
phpMyChat is Web based chat software that is implemented in PHP.phpMyChat is prone to a cross-site scripting vulnerability. This issue is due to a failure in the appli…. Read more at securityfocus.com/bid/13627?ref=rss
Yahoo! Messenger URL Handler Remote Denial Of Service Vulnerability
Yahoo! Messenger is a freely available chat client distributed and maintained by Yahoo! It is available for the Apple Mac OS and Microsoft Windows platform.Yahoo! Messe…. Read more at securityfocus.com/bid/13626?ref=rss
OpenBB Member.PHP Cross-Site Scripting Vulnerability
OpenBB is a freely available, open source bulletin board software package. It is available for Unix, Unix variants, and Microsoft Windows operating systems. OpenBB also s…
. Read more at securityfocus.com/bid/13625?ref=rss
OpenBB Read.PHP SQL Injection Vulnerability
OpenBB is a freely available, open source bulletin board software package. It is available for Unix, Unix variants, and Microsoft Windows operating systems. OpenBB also s…. Read more at securityfocus.com/bid/13624?ref=rss
Multiple Vendor Hyper-Threading Technology Information Disclosure Vulnerability
Hyper-Threading (HT) technology is simultaneous multithreading on certain Intel Pentium 4, and newer processors. HT is a method to create multiple virtual CPUs for operat…. Read more at securityfocus.com/bid/12724?ref=rss
PHPHeaven PHPMyChat Cross-site Scripting Vulnerablitiy
Sender: Megasky [magasky at hotmail dot com]
. Read more at securityfocus.com/archive/1/398167?ref=rss
Yahoo! Chat Add Buddy Without Consent Privacy Issue
Sender: Torseq Tech dot [bindshell at gmail dot com]. Read more at securityfocus.com/archive/1/398168?ref=rss
Yahoo! Messenger URL Handler Remote DoS Vulnerability
Sender: Torseq Tech dot [bindshell at gmail dot com]. Read more at securityfocus.com/archive/1/398164?ref=rss
Re: Windows image size crash
Sender: Oliver J dot Morais [oliver dot morais at chello dot at]
. Read more at securityfocus.com/archive/1/398166?ref=rss
Leave a Reply