Network Security News – Thursday, August 11, 2005 Events
Lantonix Secure Console Server listen_fifo_server Symlink Arbitrary Privileged File Overwrite
Lantronix Secure Console Server contains a flaw that may allow a malicious local user to modify arbitrary files on the system. Due to insecure permissions set on the /tmp directory, an attacker can exploit a race condition against the creation of the /tmp/listen_fifo_server pipe to modify arbitrary files on the system resulting in a loss of integrity.. Read more at osvdb.org/18595
Lantonix Secure Console Server Traversal Arbitrary Privileged Command Execution
Lantronix Secure Console Server contains a flaw that allows a local console user to execute system binaries. The issue is due to the console software not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the command line variables. Sysadmin user can abuse this bug to become root user, and gain privileges usally not granted by the console software.. Read more at osvdb.org/18596
Microsoft IE JPEG Rendering Memory Corruption Arbitrary Code Execution
Windows contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when an attacker causes the target to view a specially crafted JPEG file within Internet Explorer. It is possible that the flaw may allow memory corruption leading to arbitrary code execution, resulting in a loss of integrity.. Read more at osvdb.org/18610
Microsoft IE Web Folder Cross-Domain Code Execution
Windows contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when browsing from a Web page to a Web folder using WebDAV, and URLs are not properly validated by the Internet Explorer cross-domain security model, allowing an attacker to execute arbitrary code. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/18611
SlimFTPd Multiple Commands Remote Overflow
A local overflow exists in SlimFTPd. The LIST, DELE and RNFR commands fail to validate a string argument resulting in a stack overflow. With a specially crafted command, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/18172
Check Point VPN-1 SecuRemote/SecureClient Registry Information Disclosure
VPN-1 SecuRemote/SecureClient contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to encrypted passwords due to incorrect permissions on the HKLM/SOFTWARE/Checkpoint/SecureRemote/Credentials/ registry key, which may lead to a loss of confidentiality.. Read more at osvdb.org/18113
Comdev eCommerce config.php Remote File Inclusion
eCommerce contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to config.php not properly sanitizing user input supplied to the path[docroot] variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/18601
Microsoft IE COM Object Memory Corruption Arbitrary Code Execution
Windows contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when Internet Explorer does not properly call interface arguments when instantiating COM components in devenum.dll. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/18612
Leave a Reply