Network Security News Monitor - Sunday, May 07, 2006 Events

IRIX dmplay DISPLAY String Local Overflow

A local overflow exists in IRIX. The dmplay program fails to check bounds on strings passed to the DISPLAY variable via the command line, resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary code as root, resulting in a loss of integrity.. Read more.

IRIX lpsched Long Argument Local Overflow

A remote overflow exists in IRIX. The lpsched fails to check bounds resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary code on the system with root privileges, resulting in a loss of integrity.. Read more.

FtrainSoft Fast Click show.php path Variable Remote File Inclusion

Fast Click contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to show.php not properly sanitizing user input supplied to the 'path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more.

FtrainSoft Fast Click top.php path Variable Remote File Inclusion

Fast Click contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to top.php not properly sanitizing user input supplied to the 'path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more.