Network Security News – Tuesday, August 02, 2005 Events
Hosting Controller editplanopt3.asp Crafted Request DoS
Hosting Controller contains a flaw that may allow a remote denial of service. The issue is triggered when requesting the 'editplanopt3.asp' script directly, which causes the 'inetinfo.exe' process to consume all available CPU resources, resulting in a loss of availability. Read more at osvdb.org/17904
Hosting Controller planmanager.asp Crafted Request DoS
Hosting Controller contains a flaw that may allow a remote denial of service. The issue is triggered when requesting the 'planmanager.asp' script either directly or with specific parameters, which causes the 'inetinfo.exe' process to consume all available CPU resources, resulting in a loss of availability. Read more at osvdb.org/17902
Hosting Controller plansettings.asp Crafted Request DoS
Hosting Controller contains a flaw that may allow a remote denial of service. The issue is triggered when requesting the 'plansettings.asp' script with specific parameters, which causes the 'inetinfo.exe' process to consume all available CPU resources, resulting in a loss of availability. Read more at osvdb.org/17903
Hosting Controller planmanagerstep1.asp Arbitrary Unrestricted Plan Creation
Hosting Controller contains a flaw that may allow a remote attacker to create arbitrary plans. The problem is that the application does not restrict access to the 'planmanagerstep1.asp' script, which may allow an authenticated remote attacker to create arbitrary plans, resulting in a loss of integrity. Read more at osvdb.org/17917
Hosting Controller IISManagerDB.asp Search Field SQL Injection
Hosting Controller contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'IISManagerDB.asp' script not properly sanitizing user-supplied input to the 'search' field. This may allow an authenticated remote attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/17901
Hosting Controller listreason.asp ListReason Variable SQL Injection
Hosting Controller contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'listreason.asp' script not properly sanitizing user-supplied input to the 'ListReason' variable. This may allow an authenticated remote attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/17905
Hosting Controller plandetails.asp hostcustid Variable SQL Injection
Hosting Controller contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'plandetails.asp' script not properly sanitizing user-supplied input to the 'hostcustid' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/17918
Hosting Controller AccountManager.asp Search Field SQL Injection
Hosting Controller contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'AccountManager.asp' script not properly sanitizing user-supplied input to the 'search' field. This may allow an authenticated remote attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/17900
Hosting Controller addsubsite_online.asp Remote Privilege Escalation
Hosting Controller contains a flaw that may allow a remote attacker to gain access to unauthorized privileges. With a specially crafted request to the 'addsubsite_online.asp' script, an authenticated remote attacker can create arbitrary privileged accounts, resulting in a loss of integrity. Read more at osvdb.org/17899
Hosting Controller editplanopt1.asp planid Variable Arbitrary Plan Disclosure
Hosting Controller contains a flaw that may lead to an unauthorized information disclosure. The issue is due to the 'editplanopt1.asp' script not properly sanitizing user-supplied input to the 'planid' variable, which may allow a remote attacker to disclose arbitrary plans, resulting in a loss of confidentiality. Read more at osvdb.org/17915
Vuln: ProFTPD SQLShowInfo SQL Output Format String Vulnerability
ProFTPD SQLShowInfo SQL Output Format String Vulnerability. Read more at securityfocus.com/bid/14380
Vuln: Immunity CANVAS Unspecified Remote Vulnerability
Immunity CANVAS Unspecified Remote Vulnerability. Read more at securityfocus.com/bid/14446
Vuln: Info-ZIP UnZip Privilege Escalation Vulnerability
Info-ZIP UnZip Privilege Escalation Vulnerability. Read more at securityfocus.com/bid/14447
Vuln: Trend Micro OfficeScan POP3 Module Shared Section Insecure Permissions Vulnerability
Trend Micro OfficeScan POP3 Module Shared Section Insecure Permissions Vulnerability. Read more at securityfocus.com/bid/14448
[ GLSA 200508-02 ] ProFTPD: Format string vulnerabilities
[ GLSA 200508-02 ] ProFTPD: Format string vulnerabilities. Read more at securityfocus.com/archive/1/406998
[security bulletin] SSRT5931 rev.1 Apache on HP-UX Remote Denial of Service and client restriction bypass
[security bulletin] SSRT5931 rev.1 Apache on HP-UX Remote Denial of Service and client restriction bypass. Read more at securityfocus.com/archive/1/406996
ChurchInfo Multiple Vulnerabilities
ChurchInfo Multiple Vulnerabilities. Read more at securityfocus.com/archive/1/406959
TSLSA-2005-0038 – multi
TSLSA-2005-0038 – multi. Read more at securityfocus.com/archive/1/406960