Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

BEA Tuxedo Domain Gateway Remote Domain ACL Bypass

Network Security News – Tuesday, August 09, 2005 Events

BEA Tuxedo Domain Gateway Remote Domain ACL Bypass

Tuxedo contains a flaw that may allow a malicious user to gain access to unauthorized services. The issue is triggered when the authorization checks specified for remote services are ignored in outgoing requests and are not performed by Tuxedo Domain gateways. This flaw may lead to a loss of confidentiality. Read more at osvdb.org/18593

Lantronix Secure Console Server edituser Local Overflow

A local buffer overflow exists in the "edituser" command on Lantronix console servers. The "edituser" command fails to check its command line arguments, resulting in a stack overflow. With a specially crafted argument, an attacker can gain administrative privileges, resulting in a full compromise. Read more at osvdb.org/18597

PHPSiteStats Unspecified Login Bypass

PHPSiteStats contains a flaw related to the logon authentication script that may allow an attacker to bypass the login procedure. No further details have been provided. Read more at osvdb.org/18588

SilverNews login.php username Field SQL Injection

SilverNews contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the "login.php" script not properly sanitizing user-supplied input to the username field. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/18517

Tor Unspecified Client Crypto Handshake Issue

Tor contains a flaw related to the crypto handshakes. No further details have been provided. Read more at osvdb.org/18560

CA BrightStor ARCserve Backup Agent for Windows Long String Overflow

A remote stack-based buffer overflow exists in BrightStor ARCserve. The agent software fails to validate user-supplied input, resulting in a long string overflow. With a specially crafted request of 3168 bytes to port 6070, an attacker can execute arbitrary code with System privileges, resulting in a loss of confidentiality and integrity. Read more at osvdb.org/18501

NetworkActiv Web Server Parameter XSS

NetworkActiv Web Server contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate input parameters before returning them to users. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity and confidentiality. Read more at osvdb.org/18525

Atomic Photo Album apa_phpinclude.inc.php apa_module_basedir Variable Remote File Inclusion

Atomic Photo Album contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to apa_phpinclude.inc not properly sanitizing user input supplied to the apa_module_basedir variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands, which will be executed by the vulnerable script. Read more at osvdb.org/18265

HP NonStop Server DCE Core Services Crafted Request Remote DoS

HP NonStop Server contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially crafted packet to the DCE Core Services, and will result in loss of availability for the platform. Read more at osvdb.org/18472

Kathi O'Shea Guestbook Guestbook.mdb User Database Remote Disclosure

Guestbook contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the guestbook.mdb file is stored in the server root by default, which will allow direct access to download the database file. Read more at osvdb.org/18558
