• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

Fuji Xerox Printing Systems (FXPS) Print Engine Crafted Request HTTP Authenticat

Network Security News – Sunday, September 03, 2006 Events

Fuji Xerox Printing Systems (FXPS) Print Engine Crafted Request HTTP Authentication Bypass

Fuji Xerox Printing Systems (FXPS) Print Engine contains a flaw that may allow bypassing certain security restrictions. The issue is triggered because the embedded HTTP server does not authenticate certain HTTP requests correctly. It is possible that the flaw may allow a malicious user to make unauthorized changes to the system configuration or to cause a denial of service resulting in a loss of integrity or availability.. Read more at osvdb.org/28250

GDB DWARF Debugging Code Crafted Location Block Overflow

A remote overflow exists in GDB DWARF. The compiler fails to handle 'DWARF' or 'DWARF2' information resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary code resulting in a loss of integrity.. Read more at osvdb.org/28318

xbiff2 .xbiff2rc File Permission Weakness Information Disclosure

Xbiff 2 contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered due to an error in the configuration routine which creates .xbiff2rc with file permissions set to 755, which will disclose user's POP or IMAP credentials resulting in a loss of confidentiality.. Read more at osvdb.org/28278

Cerberus Helpdesk ticket Variable Arbitrary Ticket Access

Cerberus Helpdesk contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered due to missing access verification in the Client Support Center when viewing tickets, which will disclose other users' tickets informations by changing the 'ticket' parameter resulting in a loss of confidentiality.. Read more at osvdb.org/28317

AIX dtterm Unspecified Local Privilege Escalation

AIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges and execute arbitrary code with root privileges. The issue is triggered due to an unspecified error in 'dtterm'. This flaw may lead to a loss of Integrity.. Read more at osvdb.org/28275

Streamripper HTTP Header Parsing Overflow

A remote overflow exists in Streamripper. The product fails to check for boundary errors while processing certain HTTP headers resulting in a buffer overflow. With a specially crafted request, an attacker can cause execute arbitrary code resulting in a loss of integrity.. Read more at osvdb.org/28178

Sun Java System Content Delivery Server Arbitrary File Disclosure

Sun Java System Content Delivery Server contains a flaw that may allow a malicious user to read data from arbitrary file. No further details have been provided.. Read more at osvdb.org/28227

phpCodeGenie Core.php BEAUT_PATH Variable Remote File Inclusion

phpCodeGenie contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the '/app/common/lib/codeBeautifier/Beautifier/Core.php' script not properly sanitizing user input supplied to the 'BEAUT_PATH' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/28035

phpECard functions.php include_path Variable Remote File Inclusion

phpECard contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'functions.php' not properly sanitizing user input supplied to the 'include_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/28291

ezContents showlinks.php GLOBALS[admin_home] Variable Remote File Inclusion

ezContents contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the showlinks.php script not properly sanitizing user input supplied to the 'GLOBALS[admin_home]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/28325

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2021 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software