Network Security News – Wednesday, April 12, 2006 Events
Pubcookie MS ISAPI Filter Unspecified XSS
Pubcookie contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate unspecified variables upon submission to the MS ISAPI filter. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/24520
Pubcookie index.cgi Unspecified XSS
Pubcookie contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate unspecified variables upon submission to the index.cgi script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/24521
Pubcookie Apache mod_pubcookie Unspecified XSS
Pubcookie mod_pubcookie contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate unknown variables. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/24103
Shopweezle memo.php itemID Variable SQL Injection
Shopweezle contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the memo.php script not properly sanitizing user-supplied input to the 'itemID' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/24472
Shopweezle index.php Multiple Variable SQL Injection
Shopweezle contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'itemgr', 'brandID', and 'album' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/24471
Shopweezle login.php itemID Variable SQL Injection
Shopweezle contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the login.php script not properly sanitizing user-supplied input to the 'itemID' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/24470
Shopweezle Malformed SQL Query Path Disclosure
Shopweezle contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker submits requests containing SQL injection attacks to various unspecified scripts, which will disclose the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.. Read more at osvdb.org/24473
OpenVPN LD_PRELOAD Environment Variable Pushing Arbitrary Code Execution
OpenVPN contains a flaw that may allow a malicious user to execute arbitrary code. The issue is caused due to OpenVPN clients allowing the server to transmit environment variables including LD_PRELOAD to client-side shell scripts via 'setenv' configuration directives. It is possible that the flaw may allow arbitrary code execution by placing and loading a file in a known location resulting in a loss of integrity.. Read more at osvdb.org/24444
Cisco ONS 15000 Series CTC Launcher java.policy Permission Weakness Arbitrary Code Execution
Cisco CTC contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered because the Java Applet installed by CTC on a client workstation installs with a 'grant all' permission set for 'http://*/fs/LAUNCHER.jar'. This allows malicious applets from websites to execute arbitrary Java code with all permissions if they are installed in a location that fits that pattern. This flaw may lead to a loss of integrity.. Read more at osvdb.org/24438
Gallery Unspecified JavaScript Injection
Gallery contains a flaw that allows a remote JavaScript injection attack. This flaw exists because the application does not validate certain unspecified user input. This could allow a user to execute arbitrary scripting code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/24466
Vuln: Microsoft Internet Explorer Double Byte Character Memory Corruption Vulnerability
Microsoft Internet Explorer Double Byte Character Memory Corruption Vulnerability. Read more at securityfocus.com/bid/17454
Vuln: Linux Kernel 64-Bit SMP Routing_ioctl() Local Denial of Service Vulnerability
Linux Kernel 64-Bit SMP Routing_ioctl() Local Denial of Service Vulnerability. Read more at securityfocus.com/bid/14902
Vuln: Linux Kernel SYSFS_Write_File Local Integer Overflow Vulnerability
Linux Kernel SYSFS_Write_File Local Integer Overflow Vulnerability
. Read more at securityfocus.com/bid/13091
Vuln: Linux Kernel Multiple Local Vulnerabilities
Linux Kernel Multiple Local Vulnerabilities. Read more at securityfocus.com/bid/11956
Microsoft Internet Explorer DBCS Remote Memory Corruption Vulnerability
Microsoft Internet Explorer DBCS Remote Memory Corruption Vulnerability. Read more at securityfocus.com/archive/1/430713
AzDGVote File inclusion
AzDGVote File inclusion
. Read more at securityfocus.com/archive/1/430691
Re: Buffer-overflow in Ultr@VNC 1.0.1 viewer POC
Re: Buffer-overflow in Ultr@VNC 1.0.1 viewer POC. Read more at securityfocus.com/archive/1/430711
Manila <= 9.5 – XSS Vulnerabilities
Manila <= 9.5 – XSS Vulnerabilities. Read more at securityfocus.com/archive/1/430668
Leave a Reply