Affix btsrv Crafted Filename Arbitrary Shell Command Injection

Network Security News – Friday, July 15, 2005 Events

Affix btsrv Crafted Filename Arbitrary Shell Command Injection

Affix contains a flaw that may allow a malicious user to execute arbitrary commands with the rights of the btsrv server. The issue is triggered when the ftp put command is used with malicious parameters. It is possible that the flaw may allow remote code execution resulting in a loss of integrity.. Read more at osvdb.org/17853

Affix btftp Client OBEX File Share Filename Overflow

A remote overflow exists in Affix bluetooth btftp client. The Affix bluetooth btftp client fails to handle long filenames resulting in a buffer overflow. With a specially crafted filename, an attacker can cause arbitrary code execution on the client resulting in a loss of integrity.. Read more at osvdb.org/17852

UBB.threads Rating System Main Parameter SQL Injection

UBB.threads contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'Rating System' not properly sanitizing user-supplied input to the 'Main' parameter. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/17533

UBB.threads viewmessage.php message Variable SQL Injection

UBB.threads contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'viewmessage.php' script not properly sanitizing user-supplied input to the 'message' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/17529

UBB.threads modifypost.php Number Variable SQL Injection

UBB.threads contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'modifypost.php' script not properly sanitizing user-supplied input to the 'Number' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/17527

UBB.threads mailthread.php Number Variable SQL Injection

UBB.threads contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'mailthread.php' script not properly sanitizing user-supplied input to the 'Number' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/17528

UBB.threads notifymod.php Number Variable SQL Injection

UBB.threads contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'notifymod.php' script not properly sanitizing user-supplied input to the 'Number' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/17531

UBB.threads addfav.php main Variable SQL Injection

UBB.threads contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'addfav.php' script not properly sanitizing user-supplied input to the 'main' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/17530

UBB.threads calendar.php Multiple Variable SQL Injection

UBB.threads contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'calendar.php' script not properly sanitizing user-supplied input to the 'year' or 'month' variables. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/17526

UBB.threads grabnext.php posted Variable SQL Injection

UBB.threads contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'grabnext.php' script not properly sanitizing user-supplied input to the 'posted' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/17532

Vuln: Simple Message Board User.CFM Cross-Site Scripting Vulnerability

Simple Message Board User.CFM Cross-Site Scripting Vulnerability. Read more at securityfocus.com/bid/14267

Vuln: Simple Message Board Forum.CFM Cross-Site Scripting Vulnerability

Simple Message Board Forum.CFM Cross-Site Scripting Vulnerability. Read more at securityfocus.com/bid/14266

Vuln: Sophos Anti-Virus BZip2 Archive Handling Remote Denial Of Service Vulnerability

Sophos Anti-Virus BZip2 Archive Handling Remote Denial Of Service Vulnerability

. Read more at securityfocus.com/bid/14270

Vuln: Macromedia JRun Unauthorized Session Access Vulnerability

Macromedia JRun Unauthorized Session Access Vulnerability. Read more at securityfocus.com/bid/14271

iDEFENSE Security Advisory 07.14.05: Sophos Anti-Virus Zip File Handling DoS Vulnerability

iDEFENSE Security Advisory 07.14.05: Sophos Anti-Virus Zip File Handling DoS Vulnerability. Read more at securityfocus.com/archive/1/405221

XSS in forums Simple Message Board Version 2.0 Beta 1

XSS in forums Simple Message Board Version 2.0 Beta 1. Read more at securityfocus.com/archive/1/405204

Re: [Full-disclosure] ICMP Security Vulnerabilities – NEW (cough)

Re: [Full-disclosure] ICMP Security Vulnerabilities – NEW (cough)

. Read more at securityfocus.com/archive/1/405209

[SM-ANNOUNCE] Patch available for CAN-2005-2095

[SM-ANNOUNCE] Patch available for CAN-2005-2095. Read more at securityfocus.com/archive/1/405200