Hesk Helpdesk admin.php Crafted PHPSESSID Authentication Bypass

Network Security News – Thursday, September 22, 2005 Events

Hesk Helpdesk admin.php Crafted PHPSESSID Authentication Bypass

Hesk Helpdesk contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an invalid PHPSESSID is sent to admin.php, and then the session ID is used to access administrative functions. This flaw may lead to a loss of Confidentiality, Integrity and/or Availability.. Read more at osvdb.org/19572

Hesk Helpdesk Crafted PHPSESSID HTTP Header Path Disclosure

Hesk Helpdesk contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker sends an invalid PHPSESSID to admin.php, which will disclose the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.. Read more at osvdb.org/19573

Apple Safari data:// URI Handler Memory Corruption DoS

Apple Safari contains a flaw that may allow a URI to cause a denial of service. The issue is triggered when a malformed data:// URI is loaded, which will result in a crash of the browser.. Read more at osvdb.org/19569

A-CART Customer Database Exposure

A-CART contains a flaw that may lead to an unauthorized information disclosure. Өe acart2_0.mdb file is stored in the web root, which allows it to be downloaded by remote users. This will disclose customer and order information, resulting in a loss of confidentiality.. Read more at osvdb.org/4360

vBulletin /admincp/usertools.php ids Variable SQL Injection

vBulletin contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the /admincp/usertools.php script not properly sanitizing user-supplied input to the 'ids' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/19537

vBulletin /admincp/template.php Multiple Variable XSS

vBulletin contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'hex', 'rgb' or 'expandset' variables upon submission to the /admincp/template.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/19543

vBulletin /admincp/replacement.php do Variable XSS

vBulletin contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'do' variable upon submission to the /admincp/replacement.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/19556

vBulletin File Upload Arbitrary Command Execution

vBulletin contains a flaw that may allow a malicious user to execute arbitrary commands. The issue is triggered when a remote authenticated attacker uploads a crafted file then directly requests it. Because the system does not fully validate file types or extensions, it will allow files with arbitrary commands to be uploaded and executed.. Read more at osvdb.org/19560

vBulletin /admincp/usertools.php POST Method Variable Manipulation

vBulletin contains a flaw that may allow a malicious user to manipulate arbtirary variables in the /admincp/usertools.php script. No further details have been provided.. Read more at osvdb.org/19545

vBulletin /admincp/language.php XSS

vBulletin contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate user supplied input upon submission to the /admincp/language.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/19554

Vuln: Symantec Brightmail AntiSpam Winmail.DAT Decomposer Denial Of Service Vulnerability

Symantec Brightmail AntiSpam Winmail.DAT Decomposer Denial Of Service Vulnerability. Read more at securityfocus.com/bid/14758

Vuln: Symantec Brightmail AntiSpam Deeply Nested Zip File Denial Of Service Vulnerability

Symantec Brightmail AntiSpam Deeply Nested Zip File Denial Of Service Vulnerability. Read more at securityfocus.com/bid/14757

Vuln: Mall23 AddItem.ASP SQL Injection Vulnerability

Mall23 AddItem.ASP SQL Injection Vulnerability

. Read more at securityfocus.com/bid/14898

Vuln: Simplog Multiple SQL Injection Vulnerabilities

Simplog Multiple SQL Injection Vulnerabilities. Read more at securityfocus.com/bid/14897

Re: Paper – How It’s Difficult to Ruin a Good Name: An Analysis of Reputational Risk

Re: Paper – How It’s Difficult to Ruin a Good Name: An Analysis of Reputational Risk. Read more at securityfocus.com/archive/1/411325

[security bulletin] SSRT5988 rev.1 – HP Tru64 Unix libXpm Remote Denial of Service (DoS) or Execute Privileged Code

[security bulletin] SSRT5988 rev.1 – HP Tru64 Unix libXpm Remote Denial of Service (DoS) or Execute Privileged Code. Read more at securityfocus.com/archive/1/411324

PocketPC exploitation

PocketPC exploitation

. Read more at securityfocus.com/archive/1/411312

Paper – How It’s Difficult to Ruin a Good Name: An Analysis of Reputational Risk

Paper – How It’s Difficult to Ruin a Good Name: An Analysis of Reputational Risk. Read more at securityfocus.com/archive/1/411310