Network Security News – Friday, July 22, 2005 Events
tcpdump bgp_update_print() Function Malformed BGP Protocol Data DoS
tcpdump contains a flaw that may allow a remote denial of service. The issue is triggered when a crafted BGP packet is parsed, causing an infinite loop, and will result in loss of availability for the service.. Read more at osvdb.org/17227
Cisco Spoofed EIGRP Packet Saturation DoS
Cisco IOS contains a flaw that may allow a remote denial of service. The issue is triggered when a flood of spoofed EIGRP neighbor annoucements are sent, causing an ARP storm of address lookups, and will result in loss of availability for the network segment.. Read more at osvdb.org/18055
Oracle E-Business Suite SQL portal.wpg_session Unspecified Input Manipulation Issue
Oracle E-Business Suite contain an unspecified flaw related to the Oracle Net component that may allow an attacker connected with a valid session to compromise the confidentiality and/or integrity of a server via SQL injection or parameter manipulation. No further details have been provided.. Read more at osvdb.org/18046
Oracle E-Business Suite SQL owf_mgr.wf_event_html Unspecified Input Manipulation Issue
Oracle E-Business Suite contain an unspecified flaw related to the Oracle Net component that may allow an attacker connected with a valid session to compromise the confidentiality and/or integrity of a server via SQL injection or parameter manipulation. No further details have been provided.. Read more at osvdb.org/18047
Oracle E-Business Suite HTTP Remote Unspecified Input Manipulation Issue
Oracle E-Business Suite contains an unspecified flaw related to the HTTP server that may allow a remote attacker to compromise the confidentiality and/or integrity of a server via SQL injection or parameter manipulation. No further details have been provided.. Read more at osvdb.org/18121
Oracle E-Business Suite HTTP Authenticated Unspecified Input Manipulation Issue
Oracle E-Business Suite contain an unspecified flaw related to the HTTP server that may allow an attacker connected with a valid session to compromise the confidentiality and/or integrity of a server via SQL injection or parameter manipulation. No further details have been provided.. Read more at osvdb.org/18044
Oracle Express Server Unauthenticated Trivial Remote DoS
Oracle Express Server contains a flaw that may allow a trivial unspecified denial of service, and will result in loss of availability for the service.. Read more at osvdb.org/18019
Oracle Database Link Creation Unspecified Issue
Oracle Database Server contains a flaw related to the core database that may allow an attacker to compromise the integrity and/or availability of a server. No further details have been provided.. Read more at osvdb.org/18023
Oracle Component Registry dbms_registry Issue
Oracle Component Registry contains an unspecified flaw that may allow an authenticated malicious user to compromise the integrity and/or confidentiality of a server. No further details have been provided.. Read more at osvdb.org/18021
Oracle XML Database HTTP Limited Information Disclosure
Oracle Database Server contains an unspecified flaw related to the XML database that may allow an attacker to trivially compromise the confidentiality of a server. No further details have been provided.. Read more at osvdb.org/18024
Leave a Reply