Network Security News – Tuesday, January 03, 2006 Events
IRIX XFS File System Malformed File DoS
IRIX contains a flaw that may allow a local denial of service. The issue is triggered when a malicious user causes any program on the system to open a specially crafted file, and will result in a system hang and possible loss of availability for the platform.. Read more at osvdb.org/5417
MyBulletinBoard (MyBB) POST Method usercp.php Multiple Variable SQL Injection
MyBulletinBoard (MyBB) contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the usercp.php script not properly sanitizing user-supplied input to the 'threadmode', 'showcodebuttons' or 'list' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22156
MyBulletinBoard (MyBB) POST Method ratethread.php rating Variable SQL Injection
MyBulletinBoard (MyBB) contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the ratethread.php script not properly sanitizing user-supplied input to the 'rating' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22158
1Two Livre dOr guestbook.php Multiple Field XSS
1Two Livre d'Or contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'livreornom', 'livreoremail', and 'livreormessage' variables upon submission to the 'guestbook.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/16717
MyBulletinBoard (MyBB) POST Method member.php rating Variable SQL Injection
MyBulletinBoard (MyBB) contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the member.php script not properly sanitizing user-supplied input to the 'rating' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22157
IRIX fsr_xfs Overwrite Arbitrary File
IRIX contains a flaw related to the XFS Filesystem Reorganizer that may allow a malicious user to overwrite sensitive system files and gain root access. No further details have been provided.. Read more at osvdb.org/5317
Discus Error Message XSS
Discus Freeware and Discus Professional contain a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate user-supplied input before returning it in an error message. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22153
Proxim Wireless Access Points Static WEP Key Authentication Bypass
Proxim Wireless Access Points contain a flaw that may allow a malicious user to gain access to the wireless network. The issue is triggered when when 802.1x is enabled but WEP is disabled. If these conditions are met, a static WEP key of '12345' can be used to circumvent the authentication mechanism. This flaw may lead to a loss of Integrity.. Read more at osvdb.org/22091
VisNetic Mail Server Webmail /mail/settings.html Language Variable Local File Inclusion
VisNetic Mail Server Webmail contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when improper information is assigned to the "language" variable when calling the /mail/settings.html script, which will display arbitrary files on the server's filesystem resulting in a loss of confidentiality.. Read more at osvdb.org/22080
Hitachi Business Logic Container (BLC) Unspecified Input Form HTTP Response Splitting
Business Logic Container contains a flaw that allows an HTTP response splitting vulnerability. This flaw exists because the application does not validate parameters upon submission to unspecified forms. This could allow a user to create a specially crafted URL that would influence or misrepresent how Web content is served, cached or interpreted, leading to a loss of integrity.. Read more at osvdb.org/22064
Leave a Reply