Network Security News – Sunday, April 23, 2006 Events
FreeBSD FPU x87 Register Information Disclosure
FreeBSD contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered because the Floating Point Units (FPUs) of the affected processor types do not save and restore the FOP, FID and FPD registers when certain instructions are executed. As a result, FreeBSD does not clear these registers either. When a context switch occurs, a user can potentially read these uncleared registers, which could disclose floating point information, resulting in a loss of confidentiality. Read more at osvdb.org/24746
NetBSD sysctl() Memory Exhaustion Local DoS
NetBSD contains a flaw that may allow a local denial of service. The issue is triggered when a malicious user causes a system lockup by allocating all available physical memory to a user-supplied buffer where results of the sysctl(3) call are stored, resulting in loss of availability for the platform. Read more at osvdb.org/24579
NetBSD elf_load_file() Malformed ELF Interpreter Local DoS
NetBSD contains a flaw that may allow a local denial of service. The issue is triggered when the elf_load_file() function dereferences a NULL pointer. The NULL pointer dereference occurs when a malicious user creates an ELF interpreter that lacks a PT_LOAD section in its header. This will result in loss of availability for the platform. Read more at osvdb.org/24576
bsdgames sail Username Local Overflow
A local overflow exists in sail of bsdgames. The game fails to validate the size of input into the 'buf' variable, resulting in a buffer overflow. With a specially crafted request, an attacker can obtain the privileges of the games group, resulting in a loss of integrity. Read more at osvdb.org/24634
Bloggage check_login.asp Multiple Variable SQL Injection
Bloggage contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the check_login.asp script not properly sanitizing user-supplied input to the 'acc_name' and 'password' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/24797
phpLDAPadmin template_engine.php Multiple Variable XSS
phpLDAPadmin contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'Container DN', 'Machine Name', or 'UID Number' fields as well as the 'dn' variable upon submission to the template_engine.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/24794
phpLDAPadmin search.php scope Variable XSS
phpLDAPadmin contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'scope' variable upon submission to the search.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/24793
phpLDAPadmin rename_form.php dn Variable XSS
phpLDAPadmin contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'dn' variable upon submission to the rename_form.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/24790
phpLDAPadmin delete_form.php dn Variable XSS
phpLDAPadmin contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'dn' variable upon submission to the delete_form.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/24792
phpLDAPadmin copy_form.php dn Variable XSS
phpLDAPadmin contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'dn' variable upon submission to the copy_form.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/24789
Vuln: CrossFire Denial Of Service Vulnerability
CrossFire Denial Of Service Vulnerability. Read more at securityfocus.com/bid/16883
Vuln: VWar Admin.PHP Remote File Include Vulnerability
VWar Admin.PHP Remote File Include Vulnerability. Read more at securityfocus.com/bid/17443
Vuln: XZGV Image Viewer JPEG File Remote Heap Buffer Overflow Vulnerability
XZGV Image Viewer JPEG File Remote Heap Buffer Overflow Vulnerability. Read more at securityfocus.com/bid/17409