• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

Bakbone Netvault nvstatsmngr.exe Local Privilege Escalation

Network Security News – Sunday, May 01, 2005 Events

Bakbone Netvault nvstatsmngr.exe Local Privilege Escalation

NetVault contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered by a local attacker initiating the help functionality of the nvstatsmngr.exe process to execute arbitrary commands on the system with SYSTEM level privileges. This flaw may lead to a loss of integrity.. Read more at osvdb.org/15900

phpBB Personal Notes Module posting_notes.php p Variable SQL Injection

phpBB contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'p' variable in the posting_notes.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15899

SURVIVOR Nondescript XSS

SURVIVOR contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not perform proper validation of unspecified user-supplied input. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/15905

Altiris Deployment Solution AClient System Tray Icon Privilege Escalation

Deployment Solution contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a user activates the client interface by launching the software from an icon in the Windows system tray and uses it to launch an arbitrary program. This will cause the program to run with the same privileges as the Altiris client allowing local privilege escalation.. Read more at osvdb.org/15897

Multiple Browser DOM Property Override Privilege Escalation

Multiple browser contains a flaw that may allow a remote attacker to gain access to unauthorized privileges. The issue is triggered due to improper validation of privileged 'chrome' UI code in DOM nodes. By creating a malicious script and tricking a victim to open the script or the context menu, a remote attacker could override properties and methods of DOM nodes and execute arbitrary code, resulting in a loss of integrity.. Read more at osvdb.org/15690

Microsoft Windows XP helpctr.exe Crafted URL Command Execution (Myth/Fake)

The Help Center ('HelpCtr.exe') in Microsoft Windows XP has been reported to contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is supposedly triggered when issuing a 'http://' or 'file://' argument to the topic parameter in an 'hcp://' URL, which may allow a remote attacker to execute arbitrary commands. However, this flaw could not be validated.. Read more at osvdb.org/15981

Red Hat Linux Kernel NPTL tty DoS

The kernel in Red Hat Enterprise Linux contains a flaw that may allow a local denial of service. The issue is triggered when a malicious user could take control of a pointer to a freed tty structure, which causes the kernel to crash resulting in a loss of availability.. Read more at osvdb.org/15808

Greg Mathew's Classifieds CGI Arbitrary Command Execution

Classifieds contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'classifieds.cgi' not properly sanitizing user-supplied input. This may allow a remote attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/6698

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2021 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software