IRIX HOSTALIASES Core Dump DoS

Network Security News – Monday, June 26, 2006 Events

IRIX HOSTALIASES Core Dump DoS

IRIX contains a flaw that may allow a local denial of service. The issue is triggered when a malicious user sets the HOSTALIASES variable to a malicious value, and will result in loss of availability for privileged processes that do name resolution using said variable.. Read more at osvdb.org/2058

PicoZip zipinfo.dll Multiple Archive Filename Processing Overflow

A remote overflow exists in PicoZip. The 'zipinfo.dll' fails to get info of ACE, RAR, or ZIP archives containing a file with a long filename resulting in a stack-based overflow. With a specially crafted request, an attacker can execute arbitrary code resulting in a loss of integrity.. Read more at osvdb.org/26447

HP-UX Support Tools Manager Unspecified Local DoS

HP-UX Support Tools Manager contains a flaw that may allow a local denial of service. The issue is triggered when an unspecified error occurs, and will result in loss of availability for the system.. Read more at osvdb.org/26622

Flipper Poll poll.php root_path Variable Remote File Inclusion

Flipper Poll contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to poll.php not properly sanitizing user input supplied to the 'root_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/26503

IRIX Bulk Data Service BDSPro Arbitrary File Access

IRIX contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a malicious attacker uses the Bulk Data Service (BDS) to read arbitrary system files, resulting in a loss of confidentiality.. Read more at osvdb.org/11081

CHM Lib extract_chmLib Traversal Arbitrary File Overwrite

CHM Lib contains a flaw that allows a remote attacker to extract arbitrary files outside of the web path. The issue is due to the 'extract_chmLib' example program not properly sanitizing user input, specifically directory traversal style attacks (../../).. Read more at osvdb.org/26636

easy-CMS Multiple Extension File Upload Code Execution

Easy-CMS contains a flaw that may allow a malicious user to execute remote arbitrary code. The issue is triggered when a user uploads a file with multiple extensions. It is possible that the flaw may allow the upload of a malicious script inside the web root via the choose_file.php script resulting in a loss of integrity.. Read more at osvdb.org/26633

Bible Portal Project Admin/rtf_parser.php destination Variable Remote File Inclusion

Bible Portal Project contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to Admin/rtf_parser.php not properly sanitizing user input supplied to the 'destination' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/26598

aRts artswrapper Helper Application Local Privilege Escalation

aRts artswrapper contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered because the artswrapper helper application does not properly process setuid() function call failures. This flaw may lead to a loss of Confidentiality.. Read more at osvdb.org/26506

CMS Mundo Image Upload Handling Arbitrary PHP Code Execution

CMS Mundo contains a flaw that may allow a malicious user to execute arbitrary PHP code. The issue is triggered when a user uploads specific image files (not properly verified). It is possible that the flaw may allow arbitrary PHP scripts upload and execution resulting in a loss of integrity.. Read more at osvdb.org/26465

Vuln: Winged Gallery Thumb.PHP Cross-Site Scripting Vulnerability

Winged Gallery Thumb.PHP Cross-Site Scripting Vulnerability. Read more at securityfocus.com/bid/18629

Vuln: Cisco Secure ACS Authentication Bypass Vulnerability

Cisco Secure ACS Authentication Bypass Vulnerability. Read more at securityfocus.com/bid/18621

Vuln: Custom Dating Biz Multiple Input Validation Vulnerabilities

Custom Dating Biz Multiple Input Validation Vulnerabilities

. Read more at securityfocus.com/bid/18626

Vuln: SmartSiteCMS Inc_Foot.PHP Remote File Include Vulnerability

SmartSiteCMS Inc_Foot.PHP Remote File Include Vulnerability. Read more at securityfocus.com/bid/18628

Re: Cisco Secure ACS Weak Session Management Vulnerability

Re: Cisco Secure ACS Weak Session Management Vulnerability. Read more at securityfocus.com/archive/1/438258

Re: PHP security (or the lack thereof)

Re: PHP security (or the lack thereof)

. Read more at securityfocus.com/archive/1/438191

rPSA-2006-0110-1 kernel

rPSA-2006-0110-1 kernel. Read more at securityfocus.com/archive/1/438168

Re: Re: MS Excel Remote Code Execution POC Exploit

Re: Re: MS Excel Remote Code Execution POC Exploit. Read more at securityfocus.com/archive/1/438156