[CLOSE] OSVDB ID : 31467 - Disclosed: 2006-12-19

Description:

(Description Provided by CVE) : The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c in the Linux 2.4 kernel before 2.4.34-rc4 does not call the init_timer function for the ISDN PPP CCP reset state timer, which has unknown attack vectors and results in a system crash.

[CLOSE] OSVDB ID : 31526 - Disclosed: 2006-12-19

Description:

cwmVote contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'archive.php' script not properly sanitizing user input supplied to the 'abs' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 31589 - Disclosed: 2006-12-19

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attackers to inject arbitrary web script or HTML via the catname parameter.

[CLOSE] OSVDB ID : 31590 - Disclosed: 2006-12-19

Description:

(Description Provided by CVE) : modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attackers to obtain sensitive information via a request with an arbitrary catname parameter but no itemsdb parameter, which reveals the path in an error message. NOTE: CVE analysis suggests that this error might be resultant from a more serious issue such as directory traversal.

[CLOSE] OSVDB ID : 32341 - Disclosed: 2006-12-18

Description:

MailEnable is prone to an overflow condition. The POP service fails to properly sanitize user-supplied input to the PASS command, resulting in a stack-based buffer overflow. With a specially crafted request, a remote attacker can execute arbitrary code.

[CLOSE] OSVDB ID : 70606 - Disclosed: 2006-12-18

Description:

PHP contains a flaw related to the accepting of the \0 character in a pathname. This may allow a context-dependent attacker to bypass access restrictions by combining this character with a safe file extension, such as .php\0.jpg.

[CLOSE] OSVDB ID : 32337 - Disclosed: 2006-12-18

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in chetcpasswd 2.4.1 allow local users to gain privileges via unspecified vectors related to executing (1) the cp program, (2) the mail program, or (3) the program specified in the post_change configuration line.

[CLOSE] OSVDB ID : 30967 - Disclosed: 2006-12-18

Description:

(Description Provided by CVE) : The edit_textarea function in form-file.c in Netrik 1.15.4 and earlier does not properly verify temporary filenames when editing textarea fields, which allows attackers to execute arbitrary commands via shell metacharacters in the filename.

[CLOSE] OSVDB ID : 32130 - Disclosed: 2006-12-18

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Drupal (1) Project Issue Tracking 4.7.x-1.0 and 4.7.x-2.0, and (2) Project 4.6.x-1.0, 4.7.x-1.0, and 4.7.x-2.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, which do not use the check_plain function.

[CLOSE] OSVDB ID : 32354 - Disclosed: 2006-12-18

Description:

(Description Provided by CVE) : PHP remote file inclusion vulnerability in admin/index_sitios.php in Azucar CMS 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the _VIEW parameter.

[CLOSE] OSVDB ID : 32129 - Disclosed: 2006-12-18

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in the MySite 4.7.x before 4.7.x-3.3 and 5.x before 5.x-1.3 module for Drupal allows remote attackers to inject arbitrary web script or HTML via the Title field when editing a page. NOTE: some details were obtained from third party information.

[CLOSE] OSVDB ID : 32351 - Disclosed: 2006-12-18

Description:

(Description Provided by CVE) : PHP remote file inclusion vulnerability in index.php in VerliAdmin 0.3 and earlier allows remote authenticated users to execute arbitrary PHP code via a URL in the q parameter.

[CLOSE] OSVDB ID : 31466 - Disclosed: 2006-12-18

Description:

(Description Provided by CVE) : The do_coredump function in fs/exec.c in the Linux kernel 2.6.19 sets the flag variable to O_EXCL but does not use it, which allows context-dependent attackers to modify arbitrary files via a rewrite attack during a core dump.

[CLOSE] OSVDB ID : 31375 - Disclosed: 2006-12-18

Description:

(Description Provided by CVE) : Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field.

[CLOSE] OSVDB ID : 32338 - Disclosed: 2006-12-18

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in chetcpasswd 2.4.1 allow local users to gain privileges via unspecified vectors related to executing (1) the cp program, (2) the mail program, or (3) the program specified in the post_change configuration line.

[CLOSE] OSVDB ID : 31527 - Disclosed: 2006-12-18

Description:

(Description Provided by CVE) : The eyeHome function in apps/eyeHome.eyeapp/aplic.php in EyeOS before 0.9.3-3 allows remote attackers to upload and execute arbitrary code via dangerous file extensions that are not all lowercase, which bypasses a cleansing operation.

[CLOSE] OSVDB ID : 32347 - Disclosed: 2006-12-18

Description:

(Description Provided by CVE) : FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in daemon mode with SSL enabled, allows remote attackers to cause a denial of service (refused connections) via malformed requests, which results in a mishandled exception.

[CLOSE] OSVDB ID : 32348 - Disclosed: 2006-12-18

Description:

(Description Provided by CVE) : FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in daemon mode and when the agent is bound to 0.0.0.0 (all interfaces), opens sockets in non-exclusive mode, which allows local users to hijack the socket, and capture data or cause a denial of service (loss of daemon operation).

[CLOSE] OSVDB ID : 32349 - Disclosed: 2006-12-18

Description:

(Description Provided by CVE) : FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in daemon mode and configured to use only HTTP, allows local users to modify requests and responses between a client and an agent by hijacking an HTTP FRAgent daemon and conducting a man-in-the-middle (MITM) attack.

[CLOSE] OSVDB ID : 32755 - Disclosed: 2006-12-18

Description:

(Description Provided by CVE) : The ftp_syst function in ftp-basic.c in Free Software Foundation (FSF) GNU wget 1.10.2 allows remote attackers to cause a denial of service (application crash) via a malicious FTP server with a large number of blank 220 responses to the SYST command.

[CLOSE] OSVDB ID : 32072 - Disclosed: 2006-12-18

Description:

(Description Provided by CVE) : PHP remote file inclusion vulnerability in main.inc.php in planetluc.com RateMe 1.3.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pathtoscript parameter.

[CLOSE] OSVDB ID : 32343 - Disclosed: 2006-12-18

Description:

(Description Provided by CVE) : The NeoScale Systems CryptoStor 700 series appliance before 2.6 relies on client-side ActiveX code for smartcard authentication, which allows remote attackers to bypass smartcard authentication, and gain access if able to present a valid username and password, by disabling ActiveX.

[CLOSE] OSVDB ID : 35837 - Disclosed: 2006-12-18

Description:

(Description Provided by CVE) : SQL injection vulnerability in administration/administre2.php in Eric GUILLAUME uploader&downloader 3 allows remote attackers to execute arbitrary SQL commands via the id_user parameter.

[CLOSE] OSVDB ID : 58707 - Disclosed: 2006-12-18

Description:

Apache WSS4J contains a flaw that may lead to an unauthorized bypass of credentials. The issue is triggered from UsernameTokenProcessor.java where the digest is checked and will validate any password value resulting in a loss of integrity.

[CLOSE] OSVDB ID : 39210 - Disclosed: 2006-12-17

Description:

(Description Provided by CVE) : SQL injection vulnerability in giris_yap.asp in Hazir Site 2.0 allows remote attackers to bypass authentication via the (1) k_a class or (2) sifre parameter.

[CLOSE] OSVDB ID : 32350 - Disclosed: 2006-12-17

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in display.php in HyperVM 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an encoded frm_action parameter. NOTE: the vendor disputes this issue, but it is not certain whether the dispute is about the severity of the issue, or its existence.

[CLOSE] OSVDB ID : 32344 - Disclosed: 2006-12-17

Description:

(Description Provided by CVE) : The server component in Marathon Aleph One before 0.17.1 and 2006-12-17 allows remote attackers to cause a denial of service (application crash) via unspecified vectors related to "gathering net games."

[CLOSE] OSVDB ID : 32345 - Disclosed: 2006-12-17

Description:

(Description Provided by CVE) : Format string vulnerability in Marathon Aleph One before 0.17.1 and 2006-12-17 might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via format string specifiers in the TopLevelLogger::logMessageV function in Misc/Logging.cpp. NOTE: some details were obtained from third party information.

[CLOSE] OSVDB ID : 32334 - Disclosed: 2006-12-17

Description:

(Description Provided by CVE) : Fightersoft Multimedia Star FTP server 1.10 allows remote attackers to cause a denial of service (crash) via multiple RETR commands with long arguments.

[CLOSE] OSVDB ID : 37366 - Disclosed: 2006-12-16

Description:

(Description Provided by CVE) : The Allied Telesis AT-9000/24 Ethernet switch has a default password for its admin account, "manager," which allows remote attackers to perform unauthorized actions.

[CLOSE] OSVDB ID : 32501 - Disclosed: 2006-12-16

Description:

(Description Provided by CVE) : The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations.

[CLOSE] OSVDB ID : 31232 - Disclosed: 2006-12-16

Description:

(Description Provided by CVE) : PHP remote file inclusion vulnerability in pages/meeting_constants.php in the Meeting (mx_meeting) 1.1.2 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.

[CLOSE] OSVDB ID : 31233 - Disclosed: 2006-12-16

Description:

(Description Provided by CVE) : PHP remote file inclusion vulnerability in charts_constants.php in the Charts (mx_charts) 1.0.0 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.

[CLOSE] OSVDB ID : 39215 - Disclosed: 2006-12-16

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 36831 - Disclosed: 2006-12-16

Description:

@Mail contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not sanitize incoming emails while rendering HTML emails. This could allow a user to create a specially crafted email that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 32067 - Disclosed: 2006-12-16

Description:

(Description Provided by CVE) : SQL injection vulnerability in haber.asp in Contra Haber Sistemi 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.

[CLOSE] OSVDB ID : 33278 - Disclosed: 2006-12-16

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Omniture SiteCatalyst allow remote attackers to inject arbitrary web script or HTML via the (1) ss parameter in (a) search.asp and the (2) company and (3) username fields on (b) the web login page. NOTE: some details were obtained from third party information.

[CLOSE] OSVDB ID : 33280 - Disclosed: 2006-12-16

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Omniture SiteCatalyst allow remote attackers to inject arbitrary web script or HTML via the (1) ss parameter in (a) search.asp and the (2) company and (3) username fields on (b) the web login page. NOTE: some details were obtained from third party information.

[CLOSE] OSVDB ID : 35719 - Disclosed: 2006-12-16

Description:

(Description Provided by CVE) : PHP remote file inclusion vulnerability in language/lang_english/lang_admin.php in the Web Links (mx_links) 2.05 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path parameter.

[CLOSE] OSVDB ID : 32355 - Disclosed: 2006-12-15

Description:

(Description Provided by CVE) : Unspecified vulnerability in Nortel CallPilot 4.x Server has unknown impact and attack vectors, aka P-2006-0011-GLOBAL.