The wall client packaged with Solaris makes assumptions about a user's environment when the client is executed. It assumes that if the stderr file descriptor points to a tty when wall is executed, the user is local. If not, the user is considered remote, and the first five bytes of the supplied 'From' text will be used by wall as the user's identification. This makes it possible for a user to close stderr prior to the execution of wall and send a spoofed message using the client.
PlatinumFTPserver fails to properly sanitize some FTP commands, allowing a remote attacker to obtain information about sensitive resources located outside of the FTP root.
The modules.php script used by PHP-Nuke is vulnerable to a denial of service attack due to improper validation of some URI parameters. An attacker can exploit this vulnerability by modifying certain parameters in a request for the modules.php script, which will prevent visitors from creating new accounts and cause a denial of service.
CPU load goes to 100% until you restart explorer.exe.
The SQL injection is possible on the "Advanced Search"; the input is not validated correctly. To make it even worse, the search can be accessed without any authentication. Security Manager Plus also has to run as root or SYSTEM user, which makes a remote shell with root/SYSTEM privileges possible....
The Path Traversal is possible on the 'store' URL, without any authentication. This allows us to download the complete database and thus gather Windows/Linux logins which are used for patching the servers. It will also download the passwd and shadow files as Security Manager Plus runs with root/SYSTEM privileges. Modify it to make it work on Windows, and grab SAM files or other files. NOTE: At least one patch must have been downloaded in Security Manager Plus already.
Under some circumstances, it may be possible to disclose the contents of directories. By passing a malicious request to the viewtopic.php script, UPB may return a listing of the directory. This could be further refined to disclose the contents of selected files.
A vulnerability has been discovered in Boozt. By passing a malicious parameter of excessive length to the index.cgi script, it is possible to overrun a buffer. This could be exploited by a remote attacker to corrupt sensitive memory, which may result in the execution of arbitrary code.
A buffer overflow vulnerability has been reported for Moby NetSuite that may result in a denial of service condition. It is possible to cause NetSuite to crash when a malformed POST request is received. An attacker can exploit this vulnerability by issuing a malformed POST request. When NetSuite attempts to service the malformed POST request, it will crash resulting in a denial of service. Restarting the service is necessary to restore functionality.
The vulnerability allows for the construction of bytecode that can instantiate objects without proper initialization, leading to potential read/write access to system files despite the security constraints of the Applet sandbox.