The scoadminreg.cgi program does not properly validate user input when executed with the -c option. Because of this, a user may load an arbitrary program with the -c flag. When this program is executed, the file loaded with the -c flag will be executed with administrative privileges.
A vulnerability has been discovered in MacOS systems running Internet Explorer 5.1 and earlier. File URLs may be used by a malicious webmaster to execute programs on a web user's local system. The exact path to the location of the file must be known. This includes being able to anticipate the name of a particular user's hard drive. This issue may be exploited to execute 'Speakable Items' in MacOS 8 and 9. This issue may also be exploitable through maliciously crafted HTML-enabled e-mail.
Cyberstop is a web server for Windows 9x/NT/2000 systems. Attacks can be launched on a Cyberstop host if a request is submitted containing an unusual number of arbitrary characters. Cyberstop web server will stop responding, a restart of the application may be required in order to regain normal functionality.
dnrd (Domain Name Relay Daemon) is a freely available, open-source proxy name server. There is a lack of sufficient bounds checking in DNS request and reply functions. As a result, it is possible for a remote attacker to cause a denial of service to legitimate users of dnrd. It is not known whether it is possible to execute arbitrary attacker-supplied instructions as a result of this vulnerability.
Citrix Nfuse is an application portal server meant to provide the functionality of any application on the server via a web browser. Nfuse works in conjunction with a previously-installed webserver. If a request for 'applist.asp' is submitted without authentication, Nfuse reportedly will disclose a list of all published applications.
A vulnerability exists in some versions of Timbuktu. If a large number of connections are created to the Timbuktu server, the server will no longer accept new connections.
PHPNuke is a website creation/maintenance tool that can be back-ended by a number of database products such as MySQL, PostgreSQL, mSQL, Interbase, Sybase, etc. The sql_layer.php script contains a debugging feature that may be used by attackers to disclose sensitive information about all SQL queries made by PHPNuke. Access to the debugging feature is not restricted to administrators, which may be used by a remote attacker to disclose sensitive information about the database which may contribute to further attacks against the website running PHPNuke and the database. It is not known whether PostNuke is also affected by this issue.
It is possible to cause a denial of service condition in Oracle 8i. If either of the dbsnmp_start or dbsnmp_stop commands are sent remotely to the TNS listener service, a memory error will occur.
A vulnerability exists in Chinput. A local user with an extremely long HOME environment variable may cause a buffer to overflow. If successfully exploited, this can overwrite the instruction pointer, and lead to the execution of arbitrary code as root.
PHPNuke is a website creation/maintenance tool. The 'index.php' script has a feature which allows users to include files. Due to insufficent input validation, it is possible to include files located on a remote server. Arbitrary code in the attacker's included file may be executed. As one consequence of this issue, a remote attacker can cause commands to be executed on the shell of the host running vulnerable versions of PHPNuke. Commands will be executed with the privileges of the webserver process and may result in the attacker gaining local access.
Services By CQR