
Multiple Unix Vendor passwd Malformed ulimit /etc/passwd Manipulation

Network Security News – Saturday, September 17, 2005 Events

Multiple Unix Vendor passwd Malformed ulimit /etc/passwd Manipulation

passwd contains an implementation flaw that may allow a local denial of service. The issue is triggered when the 'passwd' command is used in an environment with a very small ulimit value. If /etc/passwd is larger than the ulimit, use of the 'passwd' command will result in a truncated /etc/passwd file. If ulimit was set to 0, the /etc/passwd file will be empty, which will invalidate all password authentication attempts and result in a loss of availability. Read more at osvdb.org/3814

Sawmill Web Server XSS

Sawmill contains a flaw that allows a remote cross site scripting attack. This flaw exists because the server does not validate any query string appended to a GET request. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/19254

Lotus Domino CitiPayPro.nsf SubPayrollExceptionsFS Src Variable XSS

Lotus Domino contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'Src' variable within the 'SubPayrollExceptionsFS' frame upon submission to the 'CitiPayPro.nsf' data file. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/19424

Lotus Domino CitiPayPro.nsf SubReportFS Src Variable XSS

Lotus Domino contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'Src' variable within the 'SubReportFS' frame upon submission to the 'CitiPayPro.nsf' data file. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/19427

Lotus Domino CitiPayPro.nsf SubReportsPEFS2 Src Variable XSS

Lotus Domino contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'Src' variable within the 'SubReportsPPFS2' frame upon submission to the 'CitiPayPro.nsf' data file. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/19429

Lotus Domino CitiPayPro.nsf WNAV BaseTarget Variable XSS

Lotus Domino contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'BaseTarget' variable within the 'WNAV' frame upon submission to the 'CitiPayPro.nsf' data file. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/19423

Lotus Domino CitiPayPro.nsf Footer BaseTarget Variable XSS

Lotus Domino contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'BaseTarget' variable within the 'Footer' frame upon submission to the 'CitiPayPro.nsf' data file. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/19422

Lotus Domino CitiPayPro.nsf SubDocumentExchangeFS Src Variable XSS

Lotus Domino contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'Src' variable within the 'SubDocumentExchangeFS' frame upon submission to the 'CitiPayPro.nsf' data file. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/19426

Lotus Domino CitiPayPro.nsf SubFS Src Variable XSS

Lotus Domino contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'Src' variable within the 'SubFS' frame upon submission to the 'CitiPayPro.nsf' data file. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/19425

Lotus Domino CitiPayPro.nsf SubPaymentProcessingFS Src Variable XSS

Lotus Domino contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'Src' variable within the 'SubPaymentProcessingFS' frame upon submission to the 'CitiPayPro.nsf' data file. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/19428

Vuln: XFree86 Pixmap Allocation Local Privilege Escalation Vulnerability

XFree86 Pixmap Allocation Local Privilege Escalation Vulnerability. Read more at securityfocus.com/bid/14807

Vuln: PHPNuke Multiple SQL Injection Vulnerabilities

PHPNuke Multiple SQL Injection Vulnerabilities. Read more at securityfocus.com/bid/14815

Vuln: Util-Linux UMount Remounting Filesystem Option Clearing Vulnerability

Util-Linux UMount Remounting Filesystem Option Clearing Vulnerability. Read more at securityfocus.com/bid/14816

Vuln: Linux Kernel Sendmsg() Local Buffer Overflow Vulnerability

Linux Kernel Sendmsg() Local Buffer Overflow Vulnerability. Read more at securityfocus.com/bid/14785

Re: PHP SESSION MODIFICATION

Re: PHP SESSION MODIFICATION. Read more at securityfocus.com/archive/1/410902

Greyhats Security back online

Greyhats Security back online. Read more at securityfocus.com/archive/1/410909

Re: [Full-disclosure] FireFox Host: Buffer Overflow is not just exploitable on FireFox

Re: [Full-disclosure] FireFox Host: Buffer Overflow is not just exploitable on FireFox. Read more at securityfocus.com/archive/1/410908

Re: worring about YaST in SuSE 9.3 and maybe lower

Re: worring about YaST in SuSE 9.3 and maybe lower. Read more at securityfocus.com/archive/1/410912
