
Audit My PC - Free Internet Security Audit

Solaris FTP Client Arbitrary Command Execution

Network Security News – Sunday, March 06, 2005 Events

Solaris FTP Client Arbitrary Command Execution

The FTP client included with Solaris contains a flaw that allows a malicious FTP server to execute arbitrary commands on the client computer. No further details have been provided. Read more at osvdb.org/8733

WS_FTP Multiple Command Long Argument Overflow

A remote overflow exists in WS_FTP. WS_FTP fails to sanitize input to DELE, MDTM, MLST, MKD, RMD, RNFR, RNTO, SIZE, STAT, XMKD, XRMD, resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary commands to be executed, resulting in a loss of confidentiality. Read more at osvdb.org/14115

iGeneric iG Shop page.php Multiple Parameter SQL Injection

iG Shop contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the 'cats', 'l_price' and 'u_price' variables in the 'page.php' module are not verified properly and will allow an attacker to inject or manipulate SQL queries. Read more at osvdb.org/14057

Microsoft IIS Internal IP Address/Hostname Disclosure

Microsoft IIS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when attempting to access an area protected via basic HTTP authentication without providing realm information. This may disclose the internal IP address or network name in the response header, resulting in a loss of confidentiality. Read more at osvdb.org/630

AIX ping Command Line Argument Overflow

A local overflow exists in AIX ping. AIX ping fails to check the length of command line arguments, resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary commands, resulting in a loss of integrity. Read more at osvdb.org/7969

phpBB username Handling XSS

phpBB contains a flaw that allows a remote cross site scripting attack. The flaw exists because the application does not validate user input upon submission to the username handling routines. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/11961

xloadimage FACES Format Image Multiple Parameter Overflow

A remote overflow exists in xloadimage. The 'facesLoad()' function fails to perform proper bounds checking, resulting in a buffer overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution, resulting in a loss of integrity. Read more at osvdb.org/13969

xli Non-descript Image Properties Overflow

xli contains a flaw related to the validation of image properties that may allow a remote attacker to execute arbitrary code. No further details have been provided. Read more at osvdb.org/14366

xli Compressed Image Filename Shell Metacharacter Arbitrary Command Execution

xli contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is triggered due to the handling of compressed images. With a specially crafted filename containing shell metacharacters, a remote attacker could execute arbitrary commands, resulting in a loss of integrity. Read more at osvdb.org/14365

xli FACES Format Image Multiple Parameter Overflow

A remote overflow exists in xli. The 'facesLoad()' function fails to perform proper bounds checking, resulting in a buffer overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution, resulting in a loss of integrity. Read more at osvdb.org/14403

Symantec Enterprise Firewall DNSD DNS Cache Poisoning Vulnerability

Raptor Firewall is an enterprise level firewall originally developed by Axent Technologies and is maintained and distributed by Symantec. Symantec Enterprise Firewall is … Read more at securityfocus.com/bid/10557?ref=rss

BrightStor ARCserve/Enterprise Backup UDP Probe Remote Buffer Overflow Vulnerability

Computer Associates BrightStor ARCserve/Enterprise Backup products provide backup and restore protection for Windows, NetWare, Linux and UNIX servers as well as Windows, … Read more at securityfocus.com/bid/12491?ref=rss

BrightStor ARCserve/Enterprise Discovery Service SERVICEPC Remote Buffer Overflow Vulnerability

Computer Associates BrightStor ARCserve/Enterprise Backup products provide backup and restore protection for Windows, NetWare, Linux and UNIX servers as well as Windows, … Read more at securityfocus.com/bid/12536?ref=rss

Midnight Commander Multiple Unspecified Vulnerabilities

Midnight Commander is a popular file management tool for Unix systems. Among other features, Midnight Commander is provided with a code layer to access the file system; t… Read more at securityfocus.com/bid/12263?ref=rss

Multiple Vendor loopback (land.c) Denial of Service Vulnerability

A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by sending a TCP packet with the "SYN" flag set and the source address and port spoofed to eq… Read more at securityfocus.com/bid/2666?ref=rss

Sylpheed Mail Client Buffer Overflow Vulnerability

Sylpheed is a GTK+ based mail client for Unix and Unix-like operating systems. It is reported that Sylpheed is susceptible to a buffer overflow vulnerability. This issu… Read more at securityfocus.com/bid/12730?ref=rss

Windows Server 2003 and XP SP2 LAND attack vulnerability

Sender: Dejan Levaja [dejan at levaja dot com]. Read more at securityfocus.com/archive/1/392354?ref=rss

Re: Advisory #08 – phpBB 2.0.13 Bad filtered in usercp_register.php

Sender: Some one [someone at cannabismail dot com]. Read more at securityfocus.com/archive/1/392355?ref=rss

PaX privilege elevation security bug

Sender: [pageexec at freemail dot hu]. Read more at securityfocus.com/archive/1/392348?ref=rss

MDKSA-2005:052 – Updated kdegraphics packages fix vulnerabilities

Sender: Mandrakelinux Security Team [security at linux-mandrake dot com]. Read more at securityfocus.com/archive/1/392352?ref=rss
