Network Security News Monitor - Saturday, April 29, 2006 Events

SpeedProject Multiple Product ACE Archive Handling Overflow

A remote overflow exists in Squeez and SpeedCommander. Squeez and SpeedCommander fails to handle an ACE archive that contains a file with an overly long filename resulting in a stack-based buffer overflow. With a specially crafted request, an attacker can execute arbitrary code resulting in a loss of integrity.. Read more.

Instant Photo Gallery portfolio_photo_popup.php id Variable SQL Injection

Instant Photo Gallery contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the portfolio_photo_popup.php script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more.

IRIX rpcbind -w Option Symlink Arbitrary File Overwrite

IRIX contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to rpcbind creating files insecurely when used with the '-w' option. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.. Read more.

IRIX IPv6 Capability snoop Unspecified Privilege Escalation

IRIX contains a flaw related to the snoop network protocol analyzer that may allow undisclosed attacks under IPv6, due to a failure to properly handle packets. No further details have been provided.. Read more.

DevBB member.php member Variable XSS

DevBB contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'member' variables upon submission to the member.php script. This could allow a user to create a specially crafted URL that would execute arbitrary HTML and script code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more.