NPDS Modules.php Lettre Variable XSS

Network Security News – Friday, June 03, 2005 Events

NPDS Modules.php Lettre Variable XSS

NPDS contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'lettre' variable upon submission to the 'modules.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/16922

Nortel VPN Router Malformed IKE Packet DoS

Nortel VPN Router contains a flaw that may allow a remote denial of service. The issue is triggered by sending a single IPsec IKE packet with a malformed ISAKMP header. On receipt of this malformed packet, the VPN router will crash immediately. It was also noted that the router does not log the malformed packet, even at maximum level logging. This will result in loss of availability for the VPN Router.. Read more at osvdb.org/16918

phpBB common.php IP Spoofing Access Bypass

phpBB contains a flaw that may allow a remote attacker to circumvent administrative user management. The issue is triggered by specifying a spoofed IP address in the 'HTTP_X_FORWARDED_FOR' header, which may allow a remote attacker to bypass access restrictions resulting in a loss of integrity.. Read more at osvdb.org/7815

phpBB prefs.php l_statsblock Variable Arbitrary Code Execution

phpBB contains a flaw that may allow a remote attacker to execute arbitrary PHP code. The issue is due to the 'l_statsbloc' variable in the 'prefs.php' script not being properly sanitized and may allow a remote attacker to execute arbitrary PHP code resulting in a loss of integrity.. Read more at osvdb.org/4274

phpBB prefs.php Multiple Variable SQL Injection

phpBB contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'viewemail' and 'lang' variable in the 'prefs.php' script not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/4273

Cherokee Web Server Traversal Arbitrary File Access

Cherokee Web Server contains a flaw that allows a remote attacker to read files outside of the web path. The issue is due to the program not properly sanitizing user input in browser requests, specifically traversal style attacks (../../). Due to a related flaw, Cherokee does not properly drop privileges, allowing an attacker to read any files on the system with root permissions.. Read more at osvdb.org/16980