A remote attacker can inject SQL into queries made by the members.asp script in Snitz Forums 2000. Depending on the database implementation, this can result in disclosure of sensitive information or modification of data. It may also be leveraged to exploit vulnerabilities in the underlying database.
This is the proof-of-concept code for the Windows denial-of-service attack described by the Razor team (NTBugtraq, 19-May-00) (MS00-029). This code causes CPU utilization to go to 100%.
The issues are triggered when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
A remote attacker can manipulate the URL parameters to add or delete web polls in PVote, a web voting system written in PHP. By modifying the values of the parameters, an attacker can add a poll with a specific topic or delete an existing poll by specifying its ID.
An authenticated user can exploit a buffer overflow condition in WebTrends Reporting Center for Windows by submitting an oversized GET request. This can lead to the execution of arbitrary code with SYSTEM privileges or a denial of service attack.
The SunShop web store software allows attackers to embed arbitrary script code into form fields, enabling a remote attacker to perform actions as the administrative user of the shopping cart. An attacker can exploit this vulnerability by registering as a new customer and entering a specially crafted name containing script code.
The Web Datablade Module for Informix SQL allows for the injection of SQL commands into any page request, potentially leading to the disclosure of sensitive information or unauthorized access to the database. An additional issue exists within the HTTP Basic Authentication process used by Web Datablade, but detailed exploitation information is not available.
A heap overflow condition in the 'chunked encoding transfer mechanism' related to Active Server Pages has been reported for Microsoft IIS (Internet Information Services). This condition affects IIS 4.0 and IIS 5.0. Exploitation of this vulnerability may result in a denial of service or allow for a remote attacker to execute arbitrary instructions on the victim host. Microsoft IIS 5.0 is reported to ship with a default script (iisstart.asp) which may be sufficient for a remote attacker to exploit. Other sample scripts may also be exploitable.
A heap overflow condition has been reported in the 'chunked encoding transfer mechanism' related to Active Server Pages in Microsoft IIS. Exploitation of this vulnerability may result in a denial of service or allow for a remote attacker to execute arbitrary instructions on the victim host.
An issue has been reported in Xpede, which could lead to a compromise of user authentication information. Xpede cookies containing username and password data are stored using a weak encryption method. Therefore, if a user obtains access to cookies residing on a system, he/she may be able to reveal authentication information of Xpede users.