Network Security News – Friday, June 24, 2005 Events
MySQL Non-existent '--user' Error Incorrect Privilege Database Invocation
The MySQL database server contains a flaw that may allow the server to run under an unintended user account. The issue is triggered when the server is started using the --user option, but the specified user does not exist. It is possible that the flaw may increase the severity of other attacks. Read more at osvdb.org/16727
FusionBB Category Permission Weakness Invisible Forum Disclosure
FusionBB contains a flaw that may allow a malicious user to access invisible forums. The issue is due to a category permission weakness. An attacker can access the invisible forums by requesting a visible category of invisible forums, resulting in a loss of confidentiality. Read more at osvdb.org/17431
ATutor directory.php Multiple Variable XSS
ATutor contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'roles', 'status', 'submit' and 'reset_filter' variables upon submission to the directory.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/17359
Trac id Variable Arbitrary File Upload / Access
Trac contains a flaw that may allow a malicious user to upload and access arbitrary files. The issue is due to insufficient validation of the 'id' variable. An attacker can supply arbitrary paths to the attachment upload and viewer scripts, resulting in a loss of integrity. Read more at osvdb.org/17398
FusionBB Invisible User Online Status Disclosure
FusionBB contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a user is configured to be invisible, but their online status may still be viewed in another user's buddy list or ignore list, which will disclose invisible user status information, resulting in a loss of confidentiality. Read more at osvdb.org/17430