Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

Network Security News – Friday, November 18, 2005 Events

phpMyAdmin /libraries/display_create_database.lib.php Direct Request Path Disclosure

phpMyAdmin contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker makes a direct request to the /libraries/display_create_database.lib.php script, which will disclose the software's installation path, resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks. Read more at osvdb.org/20913

phpMyAdmin /libraries/string.lib.php Direct Request Path Disclosure

phpMyAdmin contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker makes a direct request to the /libraries/string.lib.php script, which will disclose the software's installation path, resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks. Read more at osvdb.org/20911

phpMyAdmin /libraries/check_user_privileges.lib.php Direct Request Path Disclosure

phpMyAdmin contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker makes a direct request to the /libraries/check_user_privileges.lib.php script, which will disclose the software's installation path, resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks. Read more at osvdb.org/20914

phpMyAdmin /libraries/storage_engines.lib.php Direct Request Path Disclosure

phpMyAdmin contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker makes a direct request to the /libraries/storage_engines.lib.php script, which will disclose the software's installation path, resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks. Read more at osvdb.org/20912

NetBSD NIS Hostname Lookup Remote Overflow

A remote overflow exists in NetBSD. The hostname lookup code of the network information service (NIS) fails to check bounds on incoming match responses (IPv4 addresses) from NIS servers, resulting in a buffer overflow. With a specially crafted request, an attacker can hijack an account or gain elevated privileges, resulting in a loss of integrity. Read more at osvdb.org/20777

NetBSD NFS mount args Local DoS

NetBSD contains multiple flaws in its network file system (NFS) that may allow a local denial of service. The issues are triggered when NFS fails to check the NFS file handle size. Furthermore, NFS does not sufficiently check the size of authenticator and verifier strings. Also, nentries and gnentries are not checked, and export addresses are poorly checked. This may result in a kernel panic and loss of availability for the platform. Read more at osvdb.org/20762

PHP with Apache 2 virtual() Function Unspecified Restriction Bypass

PHP, when used as an Apache 2 module, contains an unspecified flaw in the virtual() function that may allow a malicious user to bypass certain configuration directives (e.g. "safe_mode" and "open_basedir"). This may allow the disclosure of sensitive information, resulting in a loss of confidentiality. Read more at osvdb.org/20897

NetBSD Multiple Driver ioctl Checking Weakness

NetBSD contains multiple flaws that may allow a local denial of service. The issue is triggered when device drivers do not sufficiently check variables in ioctl() routines, and will result in a kernel panic and loss of availability for the platform. Read more at osvdb.org/20763

NetBSD Kernel sys_semop() Function Local Overflow

A local overflow exists in NetBSD as a result of mismatched data types in the sys_semop() function. With a specially crafted request, an attacker can cause a denial of service and/or execute arbitrary code, resulting in a loss of integrity and/or availability. Read more at osvdb.org/20761

PHP GEN Unspecified XSS

PHP GEN contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate unspecified variables upon submission to various scripts. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/20876

Vuln: VP-ASP Shopping Cart Shopadmin.ASP HTML Injection Vulnerability

VP-ASP Shopping Cart Shopadmin.ASP HTML Injection Vulnerability. Read more at securityfocus.com/bid/15490

Vuln: XMB Forum Member.PHP HTML Injection Vulnerability

XMB Forum Member.PHP HTML Injection Vulnerability. Read more at securityfocus.com/bid/15489

Vuln: Qualcomm Worldmail Server Directory Traversal Vulnerability

Qualcomm Worldmail Server Directory Traversal Vulnerability. Read more at securityfocus.com/bid/15488

Vuln: yaSSL Unspecified Certificate Chain Processing Vulnerability

yaSSL Unspecified Certificate Chain Processing Vulnerability. Read more at securityfocus.com/bid/15487

iDEFENSE Security Advisory 11.17.05: Qualcomm WorldMail IMAP Server Directory Traversal Vulnerability

iDEFENSE Security Advisory 11.17.05: Qualcomm WorldMail IMAP Server Directory Traversal Vulnerability. Read more at securityfocus.com/archive/1/417085

[SECURITY] [DSA 899-1] New egroupware packages fix several vulnerabilities

[SECURITY] [DSA 899-1] New egroupware packages fix several vulnerabilities. Read more at securityfocus.com/archive/1/417082

[SECURITY] [DSA 898-1] New phpgroupware packages fix several vulnerabilities

[SECURITY] [DSA 898-1] New phpgroupware packages fix several vulnerabilities. Read more at securityfocus.com/archive/1/417081

[KAPDA::#13] – XMB HTML Injection & Path Disclosure.

[KAPDA::#13] – XMB HTML Injection & Path Disclosure. Read more at securityfocus.com/archive/1/417078
