PortailPHP mod_forum/read_message.php id Variable SQL Injection

Network Security News – Sunday, August 14, 2005 Events

PortailPHP mod_forum/read_message.php id Variable SQL Injection

PortailPHP contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'read_message.php' script not properly sanitizing user-supplied input to the 'id' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/18685

SysCP phpmyadmin Arbitrary Database Creation

SysCP contains a flaw that may allow a remote attacker to arbitrarily create databases. The issue is triggered due to the application not sanitizing user-supplied input. By using an underscore ('_') as a SQL prefix, it is possible for a remote attacker to arbitrarily create databases with phpmyadmin resulting in a loss of integrity.. Read more at osvdb.org/18564

Business Objects Enterprise/Crystal Reports Crafted Request crystalras.exe DoS

Business Objects Enterprise XI/Crystal Reports XI contains a flaw that may allow a remote denial of service. The issue is triggered when a specially crafted request is submitted causing a crash in the crystalras.exe module, and will result in loss of availability for the reporting service.. Read more at osvdb.org/18473

FreeBSD IPsec AES-XCBC-MAC Persistant Key Use

FreeBSD contains a programming error in the implementation of the AES-XCBC-MAC algorithm which may result in the constant key being used. If identity of the source system protects access to sensitive information or systems,
this may result in information disclosure or privilege escalation.. Read more at osvdb.org/18297

Linux Kernel Keyring Management KEYCTL_JOIN_SESSION_KEYRING DoS

Linux contains a flaw that may allow a local denial of service. The issue is triggered when a user causes the system to attempt to allocate a new session keyring after either the user's key quota has been reached, or if the new keyring name is blank or is too long, and will result in loss of availability for the keyring management service.. Read more at osvdb.org/18652

Linux Kernel Malformed Keyring Addition DoS

Linux contains a flaw that may allow a local denial of service. The issue is triggered when a user attempts to add a keyring with anything other than an empty description payload. Creation of the keyring will fail, and when the system attempts to remove the keyring from the name list, a kernel crash will occur, and will result in loss of availability for the operating system.. Read more at osvdb.org/18651

WordPress Cookie cache_lastpostdate Variable Arbitrary PHP Code Execution

WordPress contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to functions.php not properly sanitizing user input supplied in the cache_lastpostdate cookie. This may allow an attacker to include PHP code that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/18672