Network Security News – Thursday, July 13, 2006 Events
MyBulletinBoard (MyBB) Unspecified User Group Manipulation
MyBB contains an unspecified that may allow an attacker to manipulate user groups. No further details have been provided.. Read more at osvdb.org/26810
AdPlug dtm.cpp DTM File Processing Overflow
A local overflow exists in AdPlug. The 'dtm.cpp' library fails to sanitize user controlled fields in a DTM file resulting in a buffer overflow. With a specially crafted DTM file, an attacker can compromise applications using the library resulting in a loss of integrity.. Read more at osvdb.org/27045
Cisco Secure Access Control Server RAS/NAS Downloadable IP ACL Disclosure
Cisco Secure ACS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when Downloadable IP Access Lists are configured for use by Cisco NAS/Ras devices, and the ACS creates a hidden user which can be sniffed and used by an attacker resulting in a loss of confidentiality.. Read more at osvdb.org/22193
Mac OS X Apple File Protocol (AFP) Server Search Result Information Disclosure
Mac OS X contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a user performs a search in an AFP share, which will disclose filenames for which the user has no permission resulting in a loss of confidentiality.. Read more at osvdb.org/26930
Microsoft IE HtmlDlgSafeHelper fonts Property NULL Dereference
Microsoft IE contains a flaw that may allow a local denial of service. The issue is triggered when a call to HtmlDlgSafeHelper with a NULL pointer is referenced by the 'fonts' property, and will result in loss of availability for the service.. Read more at osvdb.org/27055
AjaxPortal Search Field SQL Injection
AjaxPortal contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the application not properly sanitizing user-supplied input to the 'Search' field during a search. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/27068
AjaxPortal Login Routine Username Field SQL Injection
AjaxPortal contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the application not properly sanitizing user-supplied input to the 'Username' field during user login. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/27067
ATutor create_course.php Multiple Variable XSS
ATRC ATutor contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'show_courses' and 'current_cat' variables upon submission to the 'create_course.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/27019
Leave a Reply