It has been reported that a remote attacker is able to retrieve sensitive information from vulnerable access points, including AP login credentials. Information gained by exploiting this vulnerability may allow an attacker to launch further attacks against the target network.
Xeneo web server is vulnerable to a denial of service attack when it processes a malformed HTTP request. This can be triggered by sending a request with a URL containing a single percent sign (%), or a URL containing a percent sign followed by an uppercase letter (e.g. %A).
A denial of service vulnerability has been reported for Monkey HTTP server. The vulnerability is due to inadequate checks being performed when decoding POST requests. An attacker can exploit this vulnerability by issuing a POST request with an invalid Content-Length header, or without a Content-Length value. When the server attempts to service the request, it will crash and lead to the denial of service condition.
By sending a malicious HTTP request to a webserver running the vulnerable ION Script package, it is possible for a remote attacker to disclose arbitrary webserver readable files. As webservers are often run with high privileges, it may be possible to disclose sensitive system files. Exploiting this issue may allow an attacker to gain information required to launch further attacks against the target system.
A denial of service vulnerability has been reported for several networking devices. The condition will be triggered when the embedded web server, used by the devices, receives an overly long HTTP header. An attacker can exploit this vulnerability to cause the device to stop functioning. Rebooting the device is necessary to restore functionality. Although not yet confirmed, it has been speculated that this issue is a result of a buffer overflow.
A SQL injection vulnerability has been reported for PHP-Nuke 5.6. The vulnerability is due to insufficient sanitization of variables used to construct SQL queries in some scripts. It is possible to modify the logic of SQL queries through malformed query strings in requests for the vulnerable script. By injecting SQL code into variables, it may be possible for an attacker to corrupt database information.
Prometheus is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. This issue is present in several PHP script files provided with Prometheus. An attacker may exploit this by supplying a path to a malicious 'autoload.lib' file on a remote host as a value for the 'PROMETHEUS_LIBRARY_BASE' parameter.
Linksys BEFSR41 is vulnerable to a denial of service condition when the device receives a request for the script file 'Gozila.cgi' without any parameters.
It has been reported that it is possible for a remote attacker to execute arbitrary commands. The attacker must reportedly already have access to the 'lp' (or equivalent) account to exploit this condition. This cause of this vulnerability is that html2ps may open files using unsanitized input that may be supplied by a potentially malicious user.
SmartMail Server is reported to be prone to a remote denial of service condition. It is possible to trigger this condition by sending large amounts (5MB+) of data to the server via TCP port 25 or 110. SmartMail Server will need to be restarted to regain normal functionality.
Services By CQR