
Audit My PC - Free Internet Security Audit


CuteNews show.inc.php Direct Request Path Disclosure

Network Security News – Tuesday, May 09, 2006 Events

CuteNews show.inc.php Direct Request Path Disclosure

CuteNews contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the inc/show.inc.php script is directly requested, which will disclose the installation path, resulting in a loss of confidentiality. Read more at osvdb.org/25305

X7 Chat avatar Variable XSS

X7 Chat contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'avatar' variable when setting the URL for a remote avatar image. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/25303

CuteNews search.php Multiple Variable XSS

CuteNews contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'story', 'title', and 'user' variables upon submission to the search.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/25304

CuteNews functions.inc.php Direct Request Path Disclosure

CuteNews contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the inc/functions.php script is directly requested, which will disclose the installation path, resulting in a loss of confidentiality. Read more at osvdb.org/25306

Linux Kernel dm-crypt Local Cryptographic Key Disclosure

The Linux kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered because 'dm-crypt' does not zero out the 'struct crypt_config' structure before it is freed, potentially leaking cryptographic key information, resulting in a loss of confidentiality. Read more at osvdb.org/22418

Linux Kernel get_nodes() Function Crafted Value Local DoS

The Linux kernel contains a flaw that may allow a local denial of service. The issue is triggered when the 'get_nodes' function is called with a 'maxnodes' argument between ((-2 * (BITS_PER_LONG - 1) and 0, and will result in loss of availability for the platform. Read more at osvdb.org/23895

Linux Kernel nfs2acl.c Exported NFS readonly ACL Bypass

The Linux kernel contains a flaw that may allow a malicious user to perform unauthorised actions. The issue is triggered because attackers can set permissions on exported NFS shares flagged as 'read-only'. This flaw may result in a loss of integrity. Read more at osvdb.org/22179

VWar admin.php vwar_root Variable Remote File Inclusion

VWar contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'admin.php' not properly sanitizing user input supplied to the 'vwar_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. Read more at osvdb.org/25301

WebCalendar Login User Account Enumeration

WebCalendar contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when invalid credentials are provided to the application. The application responds with different messages to valid and invalid user name/password combinations, allowing an attacker to enumerate valid user names and resulting in a loss of confidentiality. Read more at osvdb.org/25280

Web4Future Portal Solutions comentarii.php ID Variable SQL Injection

Portal Solutions contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'comentarii.php' script not properly sanitizing user-supplied input to the 'ID' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/25285

Vuln: GDK-Pixbuf BMP Image Processing Double Free Remote Denial of Service Vulnerability

GDK-Pixbuf BMP Image Processing Double Free Remote Denial of Service Vulnerability. Read more at securityfocus.com/bid/12950

Vuln: GDK-Pixbuf Multiple Vulnerabilities

GDK-Pixbuf Multiple Vulnerabilities. Read more at securityfocus.com/bid/11195

Vuln: Intervations FileCopa User Command Remote Buffer Overflow Vulnerability

Intervations FileCopa User Command Remote Buffer Overflow Vulnerability. Read more at securityfocus.com/bid/17881

Vuln: VP-ASP Shopping Cart Shopcurrency.ASP SQL Injection Vulnerability

VP-ASP Shopping Cart Shopcurrency.ASP SQL Injection Vulnerability. Read more at securityfocus.com/bid/17882

Re: SYMSA-2006-003: Cisco Secure ACS for Windows – Administrator Password Disclosure

Re: SYMSA-2006-003: Cisco Secure ACS for Windows – Administrator Password Disclosure. Read more at securityfocus.com/archive/1/433301

VSR Advisory: WebSense content filter bypass when deployed in conjunction with Cisco filtering devices

VSR Advisory: WebSense content filter bypass when deployed in conjunction with Cisco filtering devices. Read more at securityfocus.com/archive/1/433278

PHPFusion <= v6.00.306 avatar mod_mime arbitrary file upload & local inclusion vulnerabilities

PHPFusion <= v6.00.306 avatar mod_mime arbitrary file upload & local inclusion vulnerabilities. Read more at securityfocus.com/archive/1/433277

Unfiltered Header Injection in Apache 1.3.34/2.0.57/2.2.1

Unfiltered Header Injection in Apache 1.3.34/2.0.57/2.2.1. Read more at securityfocus.com/archive/1/433280
