XFSMD is vulnerable to remote command execution due to insufficient sanitization of arguments passed to the RPC. If shell metacharacters, such as ';' and '|' are embedded in the remotely supplied arguments, additional commands may be executed with root privileges.
A script injection issue has been reported in BasiliX Webmail. Script commands are not filtered from the Subject or message body, and may execute in the context of the BasiliX site when the content is viewed.
A vulnerability has been reported in some versions of the Cisco VPN Client. If an oversized profile name is passed to the vpnclient binary, a buffer overflow condition may occur. As vpnclient runs suid root, exploitation of this vulnerability will grant a local attacker root access to the vulnerable system. This vulnerability affects the VPN Client version 3.5.1 for Linux, Solaris and Mac OS X. Windows clients are not believed to be vulnerable. Earlier versions of the VPN Client may share this vulnerability, although this has not been confirmed.
WebBBS does not sufficiently filter shell metacharacters from CGI parameters. As a result, remote attackers may execute arbitrary commands on the underlying shell of the system hosting the vulnerable software. Remote attackers may gain local, interactive access to the host with the privileges of the webserver process as a result of successful exploitation.
A buffer overflow has been discovered in the gds_drop program packaged with Interbase. This problem could allow a local user to execute the program with strings of arbitrary length. By using a custom crafted string, the attacker could overwrite stack memory, including the return address of a function, and potentially execute arbitrary code.
A buffer overflow has been discovered in the gds_drop program packaged with Interbase. This problem could allow a local user to execute the program with strings of arbitrary length. By using a custom crafted string, the attacker could overwrite stack memory, including the return address of a function, and potentially execute arbitrary code.
PHP-Address is vulnerable to a Remote File Inclusion vulnerability which allows an attacker to include arbitrary files located on remote servers. If the remote file is a PHP script, this may allow for execution of attacker-supplied PHP code with the privileges of the webserver. An attacker can exploit this vulnerability by crafting a malicious URL and sending it to a victim.
osCommerce is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. If the remote file is a PHP script, this may allow for execution of attacker-supplied PHP code with the privileges of the webserver.
A file disclosure vulnerability has been reported with the MSP CGI program. A file name parameter supplied by the user is not properly validated. The inclusion of '../' character sequences allows the attacker to escape the web root, and view arbitrary system files.
ZyXEL 642R routers have difficulties handling certain types of malformed packets. In particular, it is possible to deny services by sending a vulnerable router a SYN-ACK packet. To a lesser degree, the router also encounters difficulties when handling SYN-FIN packets. In both instances, some services provided by the router (telnet, FTP and DHCP) will be denied, however, the device will continue to route network traffic. This issue has also been reproduced with other types of malformed packets.
Services By CQR