Network Security News – Monday, September 26, 2005 Events
Gallery Unspecified Small Security Issue
Gallery contains a flaw related to the input validation. No further details have been provided.. Read more at osvdb.org/19636
mwcollect PCRE Usage Unspecified DoS
mwcollect contains a flaw that relates to PCRE usage that may allow an attacker to perform a denial of service attack. No further details have been provided.. Read more at osvdb.org/19654
PBLang Private Message Reply Arbitrary User Encrypted Password Disclosure
PBLang contains a flaw that allows an unauthorized password disclosure. It is possible to gain access to encrypted passwords by loading arbitrary user's private message files by manipulating the URL after viewing your messages. Once another user's message is loaded, an attacker can view the source to see the user's password hash.. Read more at osvdb.org/19628
7-Zip ARJ Archive Processing Overflow
A local overflow exists in 7-Zip. 7-Zip contains a boundary error when handling an ARJ block that is larger than 2600 bytes resulting in a stack-based overflow. With a specially crafted request, an attacker can run arbitrary code resulting in a loss of integrity.. Read more at osvdb.org/19639
BLOG:CMS NP_Contact Unspecified Minor Security Issue
BLOG:CMS contains a flaw related to the NP_Contact. The vendor has indicated it is a "minor" issue. No further details have been provided.. Read more at osvdb.org/19638
PowerArchiver ACE/ARJ Archive Filename Overflow
A local overflow exists in PowerArchiver. PowerArchiver contains a boundary error when reading the filename of a compressed file from an ACE or ARJ archive resulting in a stack-based buffer overflow. With a specially crafted request, an attacker can cause allows arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/19651
SCO OpenServer authsh TERM Variable Local Overflow
A local overflow exists in SCO OpenServer. The 'authsh' program fails to validate the length of input to the TERM environment variable resulting in a buffer overflow. With a specially crafted request, an attacker can cause an escalation of privileges resulting in a loss of integrity.. Read more at osvdb.org/8838
SCO OpenServer sysadm.menu TERM Variable Local Overflow
A local overflow exists in SCO OpenServer. The 'sysadm.menu' program fails to validate the length of input to the TERM environment variable resulting in a buffer overflow. With a specially crafted request, an attacker can cause an escalation of privileges resulting in a loss of integrity.. Read more at osvdb.org/8841
SCO OpenServer backupsh TERM Variable Local Overflow
A local overflow exists in SCO OpenServer. The 'backupsh' program fails to validate the length of input to the TERM environment variable resulting in a buffer overflow. With a specially crafted request, an attacker can cause an escalation of privileges resulting in a loss of integrity.. Read more at osvdb.org/8839
SCO OpenServer lpsh TERM Variable Local Overflow
A local overflow exists in SCO OpenServer. The 'lpsh' program fails to validate the length of input to the TERM environment variable resulting in a buffer overflow. With a specially crafted request, an attacker can cause an escalation of privileges resulting in a loss of integrity.. Read more at osvdb.org/8840
Leave a Reply