Network Security News – Sunday, February 26, 2006 Events
Easy Forum join.php Image URL Field XSS
Easy Forum contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the Image URL field upon submission to the 'join.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/23430
CuteNews show_news.php show Variable XSS
CuteNews contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'show' variable upon submission to the 'show_news.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/23400
RunCMS ratefile.php lid Variable XSS
RunCMS contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'lid' variable upon submission to the 'ratefile.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/23388
Lotus Domino Multiple Function Potential DoS
Lotus Domino contains several flaws which may allow an unprivileged attacker to create a denial of service condition. Due to a lack of published details, it is not clear if each method can be abused by an unprivileged user or not. If additional details are published, seperate entries may be created for some issues.. Read more at osvdb.org/23485
SpeedProject Products ZIP/JAR Archive Traversal Arbitrary File Overwrite
SpeedProject SpeedCommander, ZipStar, and Squeez contain a flaw that allows a remote attacker to overwrite files outside of the target path. The issue is due to the programs not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via a manipulated ZIP or JAR archive.. Read more at osvdb.org/23465
WinACE RAR/TAR Archive Traversal Arbitrary File Overwrite
WinACE contains a flaw that allows a remote attacker to overwrite files outside of the extraction target path. The issue is due to the programs not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via a manipulated RAR or TAR archive.. Read more at osvdb.org/23464
StuffIt / ZipMagic Archive Traversal Arbitrary File Overwrite
StuffIt Standard, StuddIt Deluxe, ZipMagic Deluxe, and StuffIt Expandercontain a flaw that allows a remote attacker to overwrite files outside of the target path. The issue is due to the programs not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via a manipulated ZIP or TAR archive. Read more at osvdb.org/23463
Simple Machines Forum Register.php X-Forwarded-For XSS
Simple Machines Forum contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'X-Forwarded-For' HTTP header variables upon submission to the 'Register.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/23480
NOCC functions.php Accept-Language HTTP Field Local PHP File Inclusion
NOCC contains a flaw that may allow a malicious user to execute arbitrary code on the target server. The issue is triggered because the application fails to properly sanitize input supplied to the 'functions.php' script via the 'Accept-Language' HTTP header filed. It is possible that the flaw may allow an attacker to include an arbitrary .php file from the server, which will be executed under the privilege of the web server.. Read more at osvdb.org/23418
ShoutLIVE savesettings.php Multiple Field Arbitrary PHP Code Execution
ShoutLIVE contains a flaw that may allow a malicious user to execute arbitrary code on the server. The issue is triggered because the application does not verify all input supplied to the 'settings.php' script. It is possible that the flaw may allow an attacker to inject PHP code in these fields which is then executed on the server, resulting in a loss of integrity.. Read more at osvdb.org/23482
Vuln: ArGoSoft FTP Server DELE Command Remote Buffer Overrun Vulnerability
ArGoSoft FTP Server DELE Command Remote Buffer Overrun Vulnerability. Read more at securityfocus.com/bid/12755
Leave a Reply