| OSVDB ID | Disclosure Date | Title | Description |
|---|---|---|---|
| 19174 | 2005-08-12 | sredird Unspecified Message Logging Issue | Unknown / Incomplete |
| 19030 | 2005-08-12 | MyBulletinBoard (MyBB) index.php Username Parameter SQL Injection | MyBulletinBoard (MyBB) contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'username' variable. This will allow an attacker to inject or manipulate SQL queries in the back-end database, including logging in as the site administrator and gaining full access to the Admin Control Panel. |
| 19031 | 2005-08-12 | MyBulletinBoard (MyBB) member.php Multiple Parameter SQL Injection | MyBulletinBoard (MyBB) contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the member.php script not properly sanitizing user-supplied input to the 'action', 'username', 'rating' and possibly other variables. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 19032 | 2005-08-12 | MyBulletinBoard (MyBB) polls.php polloptions Parameter SQL Injection | MyBulletinBoard (MyBB) contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the polls.php script not properly sanitizing user-supplied input to the 'polloptions' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 19033 | 2005-08-12 | MyBulletinBoard (MyBB) search.php action Parameter SQL Injection | MyBulletinBoard (MyBB) contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the search.php script not properly sanitizing user-supplied input to the 'action' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 18731 | 2005-08-12 | Grandstream Budge Tone Malformed UDP Packet DoS | (Description Provided by CVE) : Grandstream BudgeTone 101 and 102 running firmware 1.0.6.7 and possibly earlier versions, allows remote attackers to cause a denial of service (device hang or reboot) via a large UDP packet to port 5060. |
| 18980 | 2005-08-12 | Kaspersky Anti-Virus for Unix Permission Weakness Local Privilege Escalation | (Description Provided by CVE) : Kaspersky Anti-Virus for Unix/Linux File Servers 5.0-5 uses world-writable permissions for the (1) log and (2) license directory, which allows local users to delete log files, append to arbitrary files via a symlink attack on kavmonitor.log, or delete license keys and prevent keepup2date from properly executing. |
| 18984 | 2005-08-12 | XOOPS Multiple Script Path Disclosure | Xoops has been reported to contain a flaw that allows a remote attacker to disclose the installation path. Subsequent investigation revealed the issue was due to the global PHP configuration set to report error messages. The path disclosure is unrelated to the Xoops installation. |
| 18701 | 2005-08-12 | Linux Kernel XDR xdr_xcode_array2() Function Overflow | (Description Provided by CVE) : Buffer overflow in the xdr_xcode_array2 function in xdr.c in Linux kernel 2.6.12, as used in SuSE Linux Enterprise Server 9, might allow remote attackers to cause a denial of service and possibly execute arbitrary code via crafted XDR data for the nfsacl protocol. |
| 18754 | 2005-08-12 | MindAlign Unspecified User Enumeration Issue | MindAlign contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered through an unspecified user enumeration issue, which will disclose user account information resulting in a loss of confidentiality. |
| 18755 | 2005-08-12 | MindAlign Unspecified XSS | MindAlign contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate unspecified variables upon submission to an unspecified script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
| 18756 | 2005-08-12 | MindAlign Unspecified Authentication Bypass | (Description Provided by CVE) : Unknown vulnerability in Parlano MindAlign 5.0 and later versions allows remote attackers to bypass authentication via unknown vectors. |
| 18757 | 2005-08-12 | MindAlign Unspecified Encryption Weakness | MindAlign contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered through an unspecified encryption weakness, which will disclose authentication or system information resulting in a loss of confidentiality. |
| 18733 | 2005-08-12 | Kaspersky Anti-Virus Log Directory Symlink Local Privilege Escalation | (Description Provided by CVE) : Kaspersky Anti-Virus for Unix/Linux File Servers 5.0-5 uses world-writable permissions for the (1) log and (2) license directory, which allows local users to delete log files, append to arbitrary files via a symlink attack on kavmonitor.log, or delete license keys and prevent keepup2date from properly executing. |
| 45053 | 2005-08-12 | cc_awstats for TYPO3 Unspecified Arbitrary Code Execution | Unknown / Incomplete |
| 18985 | 2005-08-12 | Dokeos scormdocument.php Delete Variable Traversal Arbitrary Directory Deletion | Unknown / Incomplete |
| 18986 | 2005-08-12 | Dokeos document.php Traversal Arbitrary File Manipulation | Unknown / Incomplete |
| 18987 | 2005-08-12 | Dokeos showinframes.php file Variable File Enumeration | Unknown / Incomplete |
| 18988 | 2005-08-12 | Dokeos contents.php file Variable File Enumeration | Unknown / Incomplete |
| 57544 | 2005-08-12 | Novell eDirectory NICI Security Key -e Option Unspecified Issue | Unknown / Incomplete |
| 57545 | 2005-08-12 | Novell eDirectory NLDAP Crafted LDIF File Handling Arbitrary Object Deletion | Unknown / Incomplete |
| 18796 | 2005-08-12 | CUPS on Mac OS X Partial IPP Request Connection Termination DoS | CUPS for OS X contains a flaw that may allow a local denial of service. The issue is triggered when CUPS receives a partial IPP request and a client terminates the connection. The printing service will consume all available CPU resources, and will result in loss of availability for the CUPS printing service. |
| 18797 | 2005-08-12 | CUPS on Mac OS X Print Job Saturation DoS | CUPS contains a flaw that may allow a local denial of service. The issue is triggered when multiple, simultaneous print jobs are executed, and will result in loss of availability for the CUPS Service. |
| 25368 | 2005-08-11 | IBM WebSphere Application Server (WAS) Welcome Page Security Bypass | WebSphere Application Server contains a flaw that may lead to unauthorized access. The issue is triggered when a context is secured using a '/*' directive. Direct access to a context's index page using its file name is covered by an authentication process, whereas a request to the directory itself is not covered. This will disclose the index page without authentication, resulting in a loss of confidentiality. |
| 18921 | 2005-08-11 | Adobe Version Cue VCNative Symlink Arbitrary File Overwrite | (Description Provided by CVE) : VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, creates temporary log files with predictable names, which allows local users to modify arbitrary files via a symlink attack. |
| 18922 | 2005-08-11 | Adobe Version Cue VCNative Arbitrary Library Load Privilege Escalation | (Description Provided by CVE) : VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, allows local users to load arbitrary libraries and execute arbitrary code via the -lib command line argument. |
| 18735 | 2005-08-11 | McAfee ePolicy Orchestrator / ProtectionPilot Symlink Arbitrary Privileged File Access | (Description Provided by CVE) : The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) uses insecure permissions for the "Common Framework\Db" folder, which allows local users to read arbitrary files by creating a subfolder in the EPO agent web root directory. |
| 18699 | 2005-08-11 | FUDforum mid Variable Tree View Arbitrary Restricted Message Access | FUDforum contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker modifies the mid HTTP variable, which will disclose arbitrary restricted forum messages resulting in a loss of confidentiality. |
| 23195 | 2005-08-11 | T2 gnomesu/feature.patch Local Password Disclosure | Unknown / Incomplete |
| 20162 | 2005-08-11 | MidiCart PHP Shopping Cart search_list.asp code_no Parameter SQL Injection | (Description Provided by CVE) : SQL injection vulnerability in MidiCart allows remote attackers to execute arbitrary SQL commands via the code_no parameter to (1) Item_Show.asp or (2) search_list.asp. |
| 18763 | 2005-08-11 | ezUpload index.php path Parameter Remote File Inclusion | ezUpload contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to index.php not properly sanitizing user input supplied to the path variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. |
| 18764 | 2005-08-11 | ezUpload initialize.php path Parameter Remote File Inclusion | ezUpload contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to initialize.php not properly sanitizing user input supplied to the path variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. |
| 18765 | 2005-08-11 | ezUpload customize.php path Parameter Remote File Inclusion | ezUpload contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to customize.php not properly sanitizing user input supplied to the path variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. |
| 18766 | 2005-08-11 | ezUpload form.php path Parameter Remote File Inclusion | ezUpload contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to form.php not properly sanitizing user input supplied to the path variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. |
| 18703 | 2005-08-11 | Novell eDirectory iMonitor on Windows dhost.exe Unspecified Remote Overflow | A remote overflow exists in Novell eDirectory iMonitor on Windows. iMonitor fails to handle malformed HTTP GET requests resulting in a stack overflow. With a specially crafted request, an attacker can execute arbitrary code with SYSTEM privileges resulting in a loss of integrity. |
| 45590 | 2005-08-11 | eZ publish siteaccess URIMatching Implementation Crafted Request Access Bypass | (Description Provided by CVE) : The siteaccess URIMatching implementation in eZ publish 3.5 through 3.8 before 20050812 converts all non-alphanumeric characters in a URI to '_' (underscore), which allows remote attackers to bypass access restrictions by inserting certain characters in a URI, as demonstrated by a request for /admin:de, which matches a rule allowing only /admin_de to access /admin. |
| 18697 | 2005-08-10 | Nortel VPN Client Software Local Privilege Escalation | Nortel VPN Client contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the client is manipulated to run local commands. The VPN Client allows the local user to select an application instead of a configuration file or replace a VPN Client application with a local application. The following application screens can be manipulated (e.g. change file to cmd.exe) to allow this flaw to occur: Options >> Authentication Options >> Digital Certificate Authentication Entrust; Connection Wizard; Group Authentication Options >> Challenge Response Token Options >> Software Token Directory. This flaw may lead to a loss of integrity as any local commands can be executed as the same user as the VPN Client (typically running as a service under the Windows System account). |
| 18687 | 2005-08-10 | Evolution vCard Attachment Format String | (Description Provided by CVE) : Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) full vCard data, (2) contact data from remote LDAP servers, or (3) task list data from remote servers. |
| 18688 | 2005-08-10 | Evolution LDAP Server Contact Data Remote Format String | Evolution contains a flaw that may allow a malicious user to execute arbitrary code. The issue is related to an unspecified format string flaw in the display of LDAP contact data. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity. |
| 18689 | 2005-08-10 | Evolution Task List Data Remote Format String | Evolution contains a flaw that may allow a malicious user to execute arbitrary code. The issue is due to an unspecified format string flaw related to the display of task list data from remote servers. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity. |