PMTool contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'inc/project.inc.php' script not properly sanitizing user-supplied input to the 'order' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.
PMTool contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'inc/user.inc.php' script not properly sanitizing user-supplied input to the 'order' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.
The Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when a route for a multicast IP address is requested, and will result in a kernel panic caused by a NULL pointer dereference, and therefore lead to loss of availability for the platform.
PMTool contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'inc/customer.inc.php' script not properly sanitizing user-supplied input to the 'order' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.
Cisco Catalyst 4000, 6000, and 6500 switches contain a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered due to an error in the local authentication mechanism. This flaw may lead to a loss of integrity.
Cisco's DNS implementation in certain products contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially crafted DNS packet(s), and will result in loss of availability for the devices. No further details have been provided.
Cisco TACACS+ contains a flaw that may allow a malicious user to bypass authentication. The issue is triggered when the TACACS+ configuration lacks the 'tacacs-server host' command. It is possible that the flaw may allow a malicious user to bypass authentication, resulting in a loss of confidentiality.
The Linux kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered because the Floating Point Units (FPUs) of the affected processor types do not save and restore the FOP, FID and FPD registers when certain instructions are executed. As a result, Linux does not clear these registers either. When a context switch occurs, a user can potentially read these uncleared registers which could disclose floating point information, resulting in a loss of confidentiality.
Monster Top List contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to sources/functions.php not properly sanitizing user input supplied to the 'root_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
Cisco Security Agent contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends malformed packets to a CSA protected host, and will result in loss of availability for the host.