Network Security News – Sunday, May 07, 2006 Events
IRIX dmplay DISPLAY String Local Overflow
A local overflow exists in IRIX. The dmplay program fails to check bounds on strings passed to the DISPLAY variable via the command line, resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary code as root, resulting in a loss of integrity.. Read more at osvdb.org/1484
IRIX lpsched Long Argument Local Overflow
A remote overflow exists in IRIX. The lpsched fails to check bounds resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary code on the system with root privileges, resulting in a loss of integrity.. Read more at osvdb.org/8572
FtrainSoft Fast Click show.php path Variable Remote File Inclusion
Fast Click contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to show.php not properly sanitizing user input supplied to the 'path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/25192
FtrainSoft Fast Click top.php path Variable Remote File Inclusion
Fast Click contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to top.php not properly sanitizing user input supplied to the 'path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/25289
Leave a Reply