A denial of service condition has been reported in 3ware's Disk Management (3DM) by sending a malformed HTTP request to port 1080. Successful exploitation of this vulnerability may cause the 3DM server to crash.
Nukebrowser is prone to an issue which may allow remote attackers to include files located on remote servers. This issue is present in the nukebrowser.php script file. Under some circumstances, it is possible for remote attackers to influence the include path for 'cmd.txt' to point to an external file on a remote server by manipulating some URI parameters.
MultiHTML is prone to a file disclosure vulnerability. It is possible for remote attackers to issue requests which are capable of disclosing sensitive webserver readable resources on the system hosting the software.
The at utility shipped with Sun Solaris may be prone to an issue which may allow attackers to delete arbitrary files on the system. The vulnerability occurs when using at with the '-r' option. This option is used to remove previously scheduled at jobs. The vulnerability exists because at does not properly sanitize parameters submitted as part of the -r commandline option. A local attacker can cause at to delete arbitrary files on the system.
Guestbook does not adequately filter HTML tags from various fields. This may enable an attacker to inject arbitrary script code into pages that are generated by the guestbook. The attacker's script code may be executed in the web client of arbitrary users who view the pages generated by the guestbook, in the security context of the website running the software.
List Site PRO is a top site ranking system that counts hits from member sites and then ranks them according to the number of hits. A vulnerability exists in List Site PRO that allows an attacker to inject arbitrary values via HTML input form fields into the underlying flat-file database used by List Site PRO. By signing up with a specially crafted banner URL, an attacker can reset the password of any user account to a known value.
It has been reported that the Sygate Pro firewall permits traffic originating from UDP source port 137 or 138 by default. This may allow a remote attacker to bypass the firewall.
A vulnerability has been discovered in GNU Mailman due to insufficient sanitization of user-supplied data which is output when generating error pages. Attackers may embed malicious script code or HTML into a link to a site running the vulnerable software. If such a link is followed, the attacker-supplied code will be interpreted in the web browser of the victim of the attack. It may be possible to steal the unsuspecting user's cookie-based authentication credentials, as well as other sensitive information. Other attacks are also possible.
A vulnerability has been discovered in GNU Mailman. It has been reported that Mailman is prone to cross site scripting attacks. This is due to insufficient santization of URI parameters. As a result, attackers may embed malicious script code or HTML into a link to a site running the vulnerable software. If such a link is followed, the attacker-supplied code will be interpreted in the web browser of the victim of the attack. It may be possible to steal the unsuspecting user's cookie-based authentication credentials, as well as other sensitive information. Other attacks are also possible.
A vulnerability has been discovered in slocate. It has been reported that a buffer overrun occurs when running the slocate program with command line arguments of excessive length. Specifically, it is possible to overrun a buffer in slocate by supplying excessive data as the regex ('-r') and parse /etc/updatedb.conf ('-c') command line options. By exploiting this issue to overwrite an instruction pointer an attacker may gain the ability to execute arbitrary instructions. As slocate is typically installed setgid, all commands executed by the attacker will be run with the elevated group privileges.
Services By CQR