Network Security News – Friday, November 18, 2005 Events
phpMyAdmin /libraries/display_create_database.lib.php Direct Request Path Disclosure
phpMyAdmin contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker makes a direct request to the /libraries/display_create_database.lib.php script, which will disclose the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.. Read more at osvdb.org/20913
phpMyAdmin /libraries/string.lib.php Direct Request Path Disclosure
phpMyAdmin contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker makes a direct request to the /libraries/string.lib.php script, which will disclose the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.. Read more at osvdb.org/20911
phpMyAdmin /libraries/check_user_privileges.lib.php Direct Request Path Disclosure
phpMyAdmin contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker makes a direct request to the /libraries/check_user_privileges.lib.php script, which will disclose the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.. Read more at osvdb.org/20914
phpMyAdmin /libraries/storage_engines.lib.php Direct Request Path Disclosure
phpMyAdmin contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker makes a direct request to the /libraries/storage_engines.lib.php script, which will disclose the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.. Read more at osvdb.org/20912
NetBSD NIS Hostname Lookup Remote Overflow
A remote overflow exists in NetBSD. The hostname lookup code of the network information service (NIS) fails to check bounds on incoming match responses (IPv4 addresses) from NIS servers, resulting in a buffer overflow. With a specially crafted request, an attacker can hijack an account or gain elevated privileges, resulting in a loss of integrity.. Read more at osvdb.org/20777
NetBSD NFS mount args Local DoS
NetBSD contains multiple flaws in its network file system (NFS) that may allow a local denial of service. The issues are triggered when NFS fails to check the nfs file handle size. Furthermore, NFS did not check the size of authenticator and verifier strings sufficiently. Also, nentries and gnentries are not checked and export addresses are poorly checked. This may result in a kernel panic and loss of availability for the platform.. Read more at osvdb.org/20762
PHP with Apache 2 virtual() Function Unspecified Restriction Bypass
PHP, when used as an Apache 2 module, contains an unspecified flaw in the virtual() function that may allow a malicious user to bypass certain configuration directives (e.g. "safe_mode" and "open_basedir"). This may allow the disclosure of sensitive information, resulting in a loss of confidentiality.. Read more at osvdb.org/20897
NetBSD Multiple Driver ioctl Checking Weakness
NetBSD contains multiple flaws that may allow a local denial of service. The issue is triggered when device drivers do not sufficiently check variables in ioctl() routines, and will result in a kernel panic and loss of availability for the platform.. Read more at osvdb.org/20763
NetBSD Kernel sys_semop() Function Local Overflow
A local overflow exists in NetBSD as a result of sys_semop() function mismatched data types. With a specially crafted request, an attacker can cause a denial of service and/or execute arbitrary code, resulting in a loss of integrity, and/or availability.. Read more at osvdb.org/20761
PHP GEN Unspecified XSS
PHP GEN contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate unspecified variables upon submission to various scripts. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20876
Vuln: VP-ASP Shopping Cart Shopadmin.ASP HTML Injection Vulnerability
VP-ASP Shopping Cart Shopadmin.ASP HTML Injection Vulnerability. Read more at securityfocus.com/bid/15490
Vuln: XMB Forum Member.PHP HTML Injection Vulnerability
XMB Forum Member.PHP HTML Injection Vulnerability. Read more at securityfocus.com/bid/15489
Vuln: Qualcomm Worldmail Server Directory Traversal Vulnerability
Qualcomm Worldmail Server Directory Traversal Vulnerability. Read more at securityfocus.com/bid/15488
Vuln: yaSSL Unspecified Certificate Chain Processing Vulnerability
yaSSL Unspecified Certificate Chain Processing Vulnerability. Read more at securityfocus.com/bid/15487
iDEFENSE Security Advisory 11.17.05: Qualcomm WorldMail IMAP Server Directory Traversal Vulnerability
iDEFENSE Security Advisory 11.17.05: Qualcomm WorldMail IMAP Server Directory Traversal Vulnerability. Read more at securityfocus.com/archive/1/417085
[SECURITY] [DSA 899-1] New egroupware packages fix several vulnerabilities
[SECURITY] [DSA 899-1] New egroupware packages fix several vulnerabilities. Read more at securityfocus.com/archive/1/417082
[SECURITY] [DSA 898-1] New phpgroupware packages fix several vulnerabilities
[SECURITY] [DSA 898-1] New phpgroupware packages fix several vulnerabilities. Read more at securityfocus.com/archive/1/417081
[KAPDA::#13] – XMB HTML Injection & Path Disclosure.
[KAPDA::#13] – XMB HTML Injection & Path Disclosure.. Read more at securityfocus.com/archive/1/417078
Leave a Reply