Network Security News – Wednesday, August 16, 2006 Events
NetWare Enterprise-Web-Server /com Directory Indexing
NetWare Enterprise-Web-Server contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when browsing the '/com' directory, which will disclose the contents of this directory resulting in a loss of confidentiality.. Read more at osvdb.org/13404
NetWare Enterprise-Web-Server /com/novell/webaccess Directory Indexing
NetWare Enterprise-Web-Server contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when browsing the '/com/novell/webaccess' directory, which will disclose the contents of this directory resulting in a loss of confidentiality.. Read more at osvdb.org/13403
NetWare Enterprise-Web-Server /com/novell/ Directory Indexing
NetWare Enterprise-Web-Server contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when browsing the '/com/novell/' directory, which will disclose contents of this directory resulting in a loss of confidentiality.. Read more at osvdb.org/13402
Mac OS X WebKit Malformed HTML Deallocated Object Access DoS
Mac OS X contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a specially crafted web page is parsed by WebKit, which caused a previously de-allocated object to be accessed. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/27744
LibTIFF tif_dirread.c TIFFFetchShortPair Function Overflow
A local overflow exists in LibTIFF. The TIFFFetchShortPair function fails to validate TIFF image files resulting in a stack overflow. With a specially crafted file, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/27723
LibTIFF Custom Tag Support Unspecified Issue
LibTIFF contains an unspecified local overflow related to custom tag support in the TIFF library that may allow an attacker to execute arbitrary code. No further details have been provided.. Read more at osvdb.org/27729
LibTIFF NeXT RLE Decoder Image Handling Overflow
A local overflow exists in LibTIFF. The NeXT RLE decoder fails to validate RLE image files resulting in a heap overflow. With a specially crafted file, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/27726
LibTIFF PixarLog Decoder Unspecified Overflow
A local overflow exists in LibTIFF. The PixarLog decoder fails to validate TIFF image files resulting in a heap overflow. With a specially crafted file, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/27725
Opera Crafted iframe Style Sheet Property Out-of-bounds DoS
Opera contains a flaw that may allow a remote denial of service. The issue is triggered when a malformed 'iframe' tag is combined with JavaScript to create an out-of-bounds memory access, and will result in loss of availability for the browser.. Read more at osvdb.org/27511
Netious CMS IP Based Session ID Weakness
Netious CMS contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered by a session ID weakness in which the session ID is based on the client IP address and an attacker connects from the same IP address as a logged-on administrative user. This flaw may allow an attacker to gain unauthorized access to administrative privileges, leading to a loss of integrity.. Read more at osvdb.org/27789
Vuln: Apache Mod_Rewrite Off-By-One Buffer Overflow Vulnerability
Apache Mod_Rewrite Off-By-One Buffer Overflow Vulnerability. Read more at securityfocus.com/bid/19204
Leave a Reply