Network Security News – Thursday, August 10, 2006 Events
Sun N1 Grid Engine Unspecified Local Overflows
Multiple local overflows exist in Sun N1 Grid Engine. The N1 Grid Engine fails to check unspecified boundaries, resulting in various buffer overflows. This flaw could be exploited by local users, and it may be possible to execute arbitrary code to gain elevated privileges, resulting in a loss of integrity. Read more at osvdb.org/27639
PHP phpinfo() Function Long Array XSS
PHP contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not correctly validate large array values upon submission to the phpinfo() function. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/24484
Mac OS X ImageIO Radiance Image Processing Overflow
A local overflow exists in Mac OS X. ImageIO fails to validate Radiance files, resulting in a buffer overflow. With a specially crafted file, an attacker can cause arbitrary code execution, resulting in a loss of integrity. Read more at osvdb.org/27740
Fetchmail UIDL POP3 Server Response Overflow
A remote overflow exists in fetchmail. The POP3 code fails to validate responses from the server, resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution, resulting in a loss of integrity. Read more at osvdb.org/18174
Mac OS X AFP Server Malformed Request DoS
Mac OS X contains an unspecified flaw that may allow a remote denial of service. The issue is triggered when an attacker sends an invalid AFP request to the server, and will result in loss of availability. Read more at osvdb.org/27733
PHPFormMail aliases XSS
PHPFormMail contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate aliases upon submission to formmail.php. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/12496
Mac OS X AFP Server Unspecified Overflow
An unspecified remote overflow exists in Mac OS X. The AFP server fails to validate requests from an authenticated user, resulting in an integer overflow. With a specially crafted request, an attacker can cause arbitrary code execution, resulting in a loss of integrity. Read more at osvdb.org/27731
IBM Informix Dynamic Server ifx_file_to_file() Function Overflow
Informix Dynamic Server contains an unspecified flaw related to an overflow in the ifx_file_to_file() function that may allow an attacker to execute arbitrary code. No further details have been provided. Read more at osvdb.org/27693
IBM Informix Dynamic Server Unauthorized Database Creation
Informix Dynamic Server contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered by default permissions that allow any authenticated user to create a database. This flaw may lead to a loss of integrity. Read more at osvdb.org/27692
IBM Informix Dynamic Server sysmaster Multiple Procedure Arbitrary Command Execution
Informix Dynamic Server contains an unspecified flaw related to the dbimp and dbexp procedures in sysmaster that may allow an attacker to execute arbitrary code. No further details have been provided. Read more at osvdb.org/27684
Vuln: Mercury Mail Multiple Remote IMAP Stack Buffer Overflow Vulnerabilities
Mercury Mail Multiple Remote IMAP Stack Buffer Overflow Vulnerabilities. Read more at securityfocus.com/bid/11775
Vuln: SecureCRT SSH1 Identifier String Buffer Overflow Vulnerability
SecureCRT SSH1 Identifier String Buffer Overflow Vulnerability. Read more at securityfocus.com/bid/5287