• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

Microsoft Windows SeDebugPrivilege NtSystemDebugControl Function Privilege Escal

Network Security News – Friday, October 07, 2005 Events

Microsoft Windows SeDebugPrivilege NtSystemDebugControl Function Privilege Escalation

Microsoft Windows contains a flaw that may allow a malicious local user to gain elevated privileges. The issue is triggered due to flaws in the NtSystemDebugControl kernel debugging function. It is possible that the flaw may allow execution of arbitrary code on the system with kernel mode privileges resulting in a loss of integrity.. Read more at osvdb.org/19857

FreeBSD /dev/iir Permission Weakness Privilege Escalation

FreeBSD contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when default permissions allow a malicious user to open a /dev/iir device node and execute ioctl calls. By sending commands to iir(4) driver hardware via ioctl calls, a local user can destroy or possibly disclose data. This flaw may lead to a loss of confidentiality, integrity and/or availability.. Read more at osvdb.org/16090

FreeBSD i386_get_ldt() Function Arbitrary Kernel Memory Disclosure

FreeBSD contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a malicious user supplies negative or excessive values as an argument to the i386_get_ldt() system call, which will disclose arbitrary portions of kernel memory resulting in a loss of confidentiality.. Read more at osvdb.org/16092

UW-imapd Netmailbox Name mail_valid_net_parse_work() Function Overflow

A remote overflow exists in UW-imapd. The mail_valid_net_parse_work() function in 'src/c-client/mail.c' fails to properly validate the user-supplied mailbox name resulting in a stack overflow. With a specially crafted request, a remote authenticated attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/19856

Mac OS X securityd Unspecified Local Privilege Escalation

Mac OS X contains an unspecified flaw in Authorization Services that may allow a malicious user to gain access to unauthorized privileges. This flaw may lead to a loss of integrity.. Read more at osvdb.org/19711

Mac OS X SecurityAgent "Switch User…" Arbitrary Account Authentication Bypass

Mac OS X contains a flaw that may allow a malicious user to gain unauthorized access to a locked desktop. The issue is triggered when the "Switch User…" button appears in the screensaver Unlock Dialog, even with Fast User Switching disabled. It is possible that the flaw may allow the currently logged-in user's desktop to be displayed without a password resulting in a loss of confidentiality and/or integrity.. Read more at osvdb.org/19710

Mac OS X Mail.app auto-reply Rule Encrypted Message Cleartext Disclosure

Mac OS X contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when Mail.app processes an auto-reply rule for an encrypted message, which will include the decrypted contents of the original mail in the reply resulting in a loss of confidentiality.. Read more at osvdb.org/19704

Mac OS X ImageIO GIF Processing Overflow

An unspecified local overflow exists in Mac OS X. The ImageIO library fails to validate GIF image files resulting in a buffer overflow. With a specially crafted file, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/19703

WoltLab Burning Board modcp.php Multiple Variable SQL Injection

WoltLab Burning Board contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'modcp.php' script not properly sanitizing user-supplied input to the 'x' and 'y' variables. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/19035

PHPTB index.php mid Variable SQL Injection

PHPTB contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'mid' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/18736

Vuln: Computer Associates Multiple Product HTTP Request Remote Unspecified Buffer Overflow Vulnerability

Computer Associates Multiple Product HTTP Request Remote Unspecified Buffer Overflow Vulnerability. Read more at securityfocus.com/bid/15025

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2021 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software