Winamp is vulnerable to a buffer overflow condition when checking for updated versions. A malicious server located at www.winamp.com may return a malicious response. Exploitation may result in the execution of arbitrary code as the Winamp process. It may be possible to exploit this vulnerability if an attacker can control the resolution of the www.winamp.com domain, possibly through DNS cache poisoning.
It has been reported that WorldSpan Res Manager 4.1 for Microsoft Windows is vulnerable to a denial of service condition. Res Manager systems are connected to Worldspan via private lines or through the Internet. Before accessing Worldspan, clients must first go through a local gateway, which accepts connections from Res Manager clients via TCP port 17990. If a malformed packet is sent to this port, the gateway software attempts to process the packet and eventually crashes.
It is possible to use an Unreal Tournament server as an amplifier in a flooding attack, by transmitting multiple UDP packets with a spoofed victim IP address. The server will make repeated attempts to initiate a connection with the specified address, consuming network resources.
A weakness in the authentication scheme used by the VNC client and server may result in the disclosure of user passwords. An attacker able to sniff unencrypted network traffic during the VNC authentication process may trivially recover the plaintext password.
A directory traversal issue has been reported in the web server of ArGoSoft Mail Server, which could allow remote users access to all files residing on the host. This is accomplished by submitting a specially crafted request containing '/..' character sequences to a specific directory.
A flaw in /admin/login.php has been reported in PHPAuction, which could allow users to gain escalated privileges. Submitting authentication credentials via login.php will create the user account with administrative permissions.
AnalogX Proxy is prone to a buffer overflow condition when attempting to handle malformed SOCKS4A requests (via TCP port 1080). This may be exploited to create a denial of service condition or to potentially execute arbitrary instructions with the privileges of the AnalogX Proxy process.
Blackboard is reportedly prone to cross-site scripting attacks. This issue was reported to be in the login.pl script. The vulnerable script fails to sanitize HTML tags from CGI parameters. Attackers may exploit this condition via a malicious link to a site running the vulnerable software. Successful exploitation will enable an attacker to cause script code to be executed in the web browser of a user who visits the malicious link. It has been reported that there are other instances where Blackboard fails to sanitize arbitrary HTML and script code.
E-Guest guest book is vulnerable to command injection due to insufficient sanitization of user-supplied input. This allows an attacker to pass along commands via server-side includes that could allow a remote user to execute commands on the local host.
Macromedia JRun is prone to an authentication bypass vulnerability which allows remote attackers to bypass the authentication page for the admin server. This can be exploited by adding an extraneous '/' to a request for the administrative authentication page. This can allow attackers to access administrative functions such as shutting down the JRun server instance on port 8100.