Network Security News – Friday, January 20, 2006 Events
PHP-Nuke Search Module query Variable SQL Injection
PHP-Nuke contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the search module not properly sanitizing user-supplied input to the 'query' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/20866
MyDNS Malformed Query Response DoS
MyDNS contains a flaw that may allow a remote denial of service. The issue is triggered when packets with malformed DNS queries are sent to the service, and will result in loss of availability for the service.. Read more at osvdb.org/22636
F-Secure Anti-Virus ZIP Archive Processing Overflow
A remote overflow exists in F-Secure Anti-Virus products. F-Secure fails to validate certain boundaries of ZIP files, resulting in a buffer overflow. With a specially crafted zip file, an attacker can cause arbitrary code execution, resulting in a loss of integrity.. Read more at osvdb.org/22632
F-Secure Anti-Virus Crafted ZIP/RAR Scanner Bypass
F-Secure Anti Virus products contain a flaw that may allow malicious code to bypass the scanning engine. The issue is triggered when specially crafted RAR or ZIP archives are processed by the scanning engine, resulting in a loss of integrity.. Read more at osvdb.org/22633
MyBulletinBoard (MyBB) Allow HTML in Signatures Script Insertion
MyBB contains a flaw that allows a remote script insertion attack. This flaw exists because the application does not properly validate JavaScript content inserted into signatures. This could allow a user to create a specially crafted signature that would execute arbitrary JavaScript code in other users' browsers within the trust relationship between their browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22628
Bit 5 Blog addcomment.php comment Variable XSS
Bit 5 Blog contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'comment' variable upon submission to the addcomment.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22446
Bit 5 Blog processlogin.php Multiple Field SQL Injection
Bit 5 Blog contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the processlogin.php script not properly sanitizing user-supplied input to the 'username' and 'password' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22445
Benders Calendar index.php Multiple Variable SQL Injection
Benders Calendar contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'year', 'month' and 'day' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22449
Oracle Database Upgrade & Downgrade DBMS_REGISTRY Multiple Procedure SQL Injection
Oracle Database Server contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the DBMS_REGISTRY package not properly sanitizing user-supplied input to the IS_COMPONENT, GET_COMP_OPTION, DISABLE_DDL_TRIGGERS, SCRIPT_EXISTS, COMP_PATH, GATHER_STATS, NOTHING_SCRIPT or VALIDATE_COMPONENTS procedures. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22566
Oracle Database Text CTXSYS.DRILOAD Multiple Procedure SQL Injection
Oracle Database Server contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the CTXSYS.DRILOAD package not properly sanitizing user-supplied input to the VALIDATE_STATEMENT or BUILD_DML procedures. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22555
Leave a Reply