The server hosting sendmail, ftp.sendmail.org, was compromised recently. It has been reported that the intruder made modifications to the source code of sendmail to include Trojan Horse code. Downloads of the sendmail source code from ftp.sendmail.org between September 28, 2002 and October 6, 2002 likely contain the trojan code. The trojan will run once upon compilation of sendmail. Once the Trojan is executed, it attempts to connect to host spatula.aclue.com (66.37.138.99) on port 6667.
Due to insufficient sanitization of variables used to construct SQL queries, it is possible to modify the logic of a query, via a malicious request. Exploiting this issue could allow an attacker to reset the password of an arbitrary forum user. The ability to impersonate arbitrary users could potentially allow an attacker to launch further attacks against the vulnerable server. Other SQL injection attacks may also be possible.
A vulnerability has been reported in some PC Firewall packages that could allow remote denial of service attacks. By sending spoofed traffic that could be deemed malicious by the firewall software package, an attacker could effectively limit the sites a system is capable of reaching.
SSGbook includes codes for allowing users to specify HTML formatting and layout inside of guestbook entries. For example, a user can include an image by including it inside of [image] or [img] tags. However, arbitrary HTML and script code are not sufficiently sanitized within these tags. As a result, users may include malicious HTML and script code inside of guestbook entries. The attacker-supplied code will be rendered in the web client of a user who views a malicious guestbook entry.
It is possible for an attacker to obtain information regarding Published Applications, by sending specially crafted requests to the Citrix server, and examining responses. By bruteforcing a Citrix Published Applications list, it may be possible for an attacker to launch further attacks.
The Killer Protection PHP script is prone to an information-disclosure issue. Reportedly, unauthorized users can access sensitive user data by requesting the 'vars.inc' file in a malicious HTTP request. Exploiting this issue may allow attackers to access sensitive usernames and passwords, which could be used in future attacks.
Oracle 9i Application Server (9iAS) allows remote administration via a web access module. When a custom request is sent to the Web Administration module, the module may react unpredictably. By sending a malicious custom request to the module, it is possible to cause the administration server to crash. A manual restart of the server is required to resume service.
When Microsoft Internet Information Server (IIS) receives a request for an .idc file, the server typically returns a 404 message when the page does not exist. However, when a request containing a long URL and ending in the .idc extension is received by IIS, the entire contents of the URL are returned on the error page without the sanitizing of input. This could result in the execution of arbitrary script code.
PowerFTP server does not properly handle long user names. When excessive data is supplied as an argument to the FTP 'USER' command, the server becomes unstable. Exploitation of this vulnerability typically results in a crash of the server, requiring a manual restart to resume FTP service.
PowerFTP server does not properly handle long user names. When excessive data is supplied as an argument to the FTP 'USER' command, the server becomes unstable. Exploitation of this vulnerability typically results in a crash of the server, requiring a manual restart to resume FTP service.
Services By CQR