| OSVDB ID | Disclosure Date | Title |
|---|
|
27653
Description:
Mambatstaff for Mambo contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to mambatstaff.php not properly sanitizing user input supplied to the 'mosConfig_absolute_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
|
2006-07-31
|
Mambatstaff for Mambo (com_mambatstaff) mambatstaff.php mosConfig_absolute_path Parameter Remote File Inclusion
|
|
30198
Description:
(Description Provided by CVE) : PHP remote file inclusion vulnerability in editprofile.php in php(Reactor) 1.27pl1 allows remote attackers to execute arbitrary PHP code via a URL in the pathtohomedir parameter.
|
2006-07-31
|
php(Reactor) editprofile.php pathtohomedir Parameter Remote File Inclusion
|
|
29052
Description:
(Description Provided by CVE) : Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner (sHTTPScanner) before 0.2 have unknown impact and attack vectors.
|
2006-07-31
|
Simple HTTP Scanner Unspecified Issue
|
|
27699
Description:
(Description Provided by CVE) : Multiple stack-based buffer overflows in Open Cubic Player 2.6.0pre6 and earlier for Windows, and 0.1.10_rc5 and earlier on Linux/BSD, allow remote attackers to execute arbitrary code via (1) a large .S3M file handled by the mpLoadS3M function, (2) a crafted .IT file handled by the itplayerclass::module::load function, (3) a crafted .ULT file handled by the mpLoadULT function, or (4) a crafted .AMS file handled by the mpLoadAMS function.
|
2006-07-31
|
Open Cubic Player (OCP) playgmd/gmdls3m.cpp mpLoadS3M Function Overflow
|
|
27700
Description:
(Description Provided by CVE) : Multiple stack-based buffer overflows in Open Cubic Player 2.6.0pre6 and earlier for Windows, and 0.1.10_rc5 and earlier on Linux/BSD, allow remote attackers to execute arbitrary code via (1) a large .S3M file handled by the mpLoadS3M function, (2) a crafted .IT file handled by the itplayerclass::module::load function, (3) a crafted .ULT file handled by the mpLoadULT function, or (4) a crafted .AMS file handled by the mpLoadAMS function.
|
2006-07-31
|
Open Cubic Player (OCP) playit/itload.cpp Overflow
|
|
27701
Description:
(Description Provided by CVE) : Multiple stack-based buffer overflows in Open Cubic Player 2.6.0pre6 and earlier for Windows, and 0.1.10_rc5 and earlier on Linux/BSD, allow remote attackers to execute arbitrary code via (1) a large .S3M file handled by the mpLoadS3M function, (2) a crafted .IT file handled by the itplayerclass::module::load function, (3) a crafted .ULT file handled by the mpLoadULT function, or (4) a crafted .AMS file handled by the mpLoadAMS function.
|
2006-07-31
|
Open Cubic Player (OCP) playgmd/gmdlult.cpp mpLoadULT Function Overflow
|
|
27702
Description:
(Description Provided by CVE) : Multiple stack-based buffer overflows in Open Cubic Player 2.6.0pre6 and earlier for Windows, and 0.1.10_rc5 and earlier on Linux/BSD, allow remote attackers to execute arbitrary code via (1) a large .S3M file handled by the mpLoadS3M function, (2) a crafted .IT file handled by the itplayerclass::module::load function, (3) a crafted .ULT file handled by the mpLoadULT function, or (4) a crafted .AMS file handled by the mpLoadAMS function.
|
2006-07-31
|
Open Cubic Player (OCP) playgmd/gmdlams.cpp mpLoadAMS Function Overflow
|
|
27646
Description:
The vulnerability is caused due to a boundary error in the processing of the "PASS" command. This can be exploited to cause a stack-based buffer overflow by supplying an overly long argument (more than 2571 bytes).
|
2006-07-31
|
Easy File Sharing FTP Server PASS Command Overflow
|
|
27654
Description:
a6MamboHelpDesk for Mambo contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to admin.a6mambohelpdesk.php not properly sanitizing user input supplied to the 'mosConfig_live_site' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
|
2006-07-31
|
a6MamboHelpDesk for Mambo (com_a6mambohelpdesk) admin.a6mambohelpdesk.php mosConfig_live_site Parameter Remote File Inclusion
|
|
27667
Description:
A local overflow exists in Lhaplus. Lhaplus fails to handle specialy crafted LZH files resulting in a heap overflow. With a specially crafted LZH file containing an "extended header size" in the file header set to 256 or more, an attacker can execute arbitrary commands resulting in a loss of integrity and/or availability.
|
2006-07-31
|
Lhaplus LZH Archive Extended Header Processing Overflow
|
|
27695
Description:
(Description Provided by CVE) : VMware ESX Server 2.0.x before 2.0.2 and 2.x before 2.5.2 patch 4 stores authentication credentials in base 64 encoded format in the vmware.mui.kid and vmware.mui.sid cookies, which allows attackers to gain privileges by obtaining the cookies using attacks such as cross-site scripting (CVE-2005-3619).
|
2006-07-31
|
VMware ESX Server Management Interface Session Cookie Password Encryption Weakness
|
|
27696
Description:
VMware ESX Server Web Server Log contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to plaintext passwords when viewing the logs, which may lead to a loss of confidentiality.
|
2006-07-31
|
VMware ESX Server Web Server Log Cleartext Password Disclosure
|
|
27697
Description:
(Description Provided by CVE) : Cross-site request forgery (CSRF) vulnerability in the management interface for VMware ESX Server 2.0.x before 2.0.2 patch 1, 2.1.x before 2.1.3 patch 1, and 2.x before 2.5.3 patch 2 allows allows remote attackers to perform unauthorized actions as the administrator via URLs, as demonstrated using the setUsr operation to change a password. NOTE: this issue can be leveraged with CVE-2005-3619 to automatically perform the attacks.
|
2006-07-31
|
VMware ESX Server setUsr Operation CSRF
|
|
28285
Description:
Unknown / Incomplete
|
2006-07-31
|
Help Center Live module.php Local File Inclusion
|
|
27909
Description:
(Description Provided by CVE) : Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec for Netware Server Remote Agent for Windows Server 9.1 and 9.2 (all builds), Backup Exec Continuous Protection Server Remote Agent for Windows Server 10.1 (builds 10.1.325.6301, 10.1.326.1401, 10.1.326.2501, 10.1.326.3301, and 10.1.327.401), and Backup Exec for Windows Server and Remote Agent 9.1 (build 9.1.4691), 10.0 (builds 10.0.5484 and 10.0.5520), and 10.1 (build 10.1.5629) allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RPC message.
|
2006-07-31
|
Symantec Backup Exec Remote Agent RPC Interface Multiple Unspecified Overflows
|
|
27666
Description:
MyNewsGroups contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the /lib/tree/layersmenu.inc.php script not properly sanitizing user input supplied to the 'myng_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
|
2006-07-31
|
MyNewsGroups layersmenu.inc.php myng_root Parameter Remote File Inclusion
|
|
27818
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Novell GroupWise WebAccess 6.5 and 7 before 20060727 allows remote attackers to inject arbitrary web script or HTML via an encoded SCRIPT element in an e-mail message with the UTF-7 character set, as demonstrated by the "+ADw-SCRIPT+AD4-" sequence.
|
2006-07-31
|
Novell GroupWise WebAccess UTF-7 Encoded Message XSS
|
|
27819
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Novell GroupWise WebAccess 6.5 and 7 before 20060727 allows remote attackers to inject arbitrary web script or HTML via an encoded SCRIPT element in an e-mail message with the UTF-7 character set, as demonstrated by the "+ADw-SCRIPT+AD4-" sequence.
|
2006-07-31
|
Novell GroupWise WebAccess Malformed SCRIPT Tag XSS
|
|
27681
Description:
Informix Dynamic Server contains an unspecified flaw related to a buffer overflow in the DBINFO() function that may allow an attacker to execute arbitrary code. No further details have been provided.
|
2006-07-31
|
IBM Informix Dynamic Server DBINFO() Function Overflow
|
|
27682
Description:
Informix Dynamic Server contains an unspecified flaw related to an overflow in the LOTOFILE() function that may allow an attacker to execute arbitrary code. No further details have been provided.
|
2006-07-31
|
IBM Informix Dynamic Server LOTOFILE() Function Overflow
|
|
27683
Description:
Informix Dynamic Server contains an unspecified flaw related to an overflow in the FILETOCLOB() function that may allow an attacker to execute arbitrary code. No further details have been provided.
|
2006-07-31
|
IBM Informix Dynamic Server FILETOCLOB() Function Overflow
|
|
27684
Description:
Informix Dynamic Server contains an unspecified flaw related to the dbimp and dbexp procedures in sysmaster that may allow an attacker to execute arbitrary code. No further details have been provided.
|
2006-07-31
|
IBM Informix Dynamic Server sysmaster Multiple Procedure Arbitrary Command Execution
|
|
27685
Description:
Informix Dynamic Server contains an unspecified flaw related to an overflow in the handling of Windows usernames that may allow an attacker to execute arbitrary code. No further details have been provided.
|
2006-07-31
|
IBM Informix Dynamic Server on Windows username Overflow
|
|
27686
Description:
Informix Dynamic Server contains an unspecified flaw related to the SET DEBUG FILE statement that may allow an attacker to execute arbitrary commands. No further details have been provided.
|
2006-07-31
|
IBM Informix Dynamic Server SET DEBUG FILE Statement Arbitrary Command Execution
|
|
27687
Description:
Informix Dynamic Server contains an unspecified flaw related to an overflow in the SET DEBUG FILE statement that may allow an attacker to execute arbitrary code. No further details have been provided.
|
2006-07-31
|
IBM Informix Dynamic Server SET DEBUG FILE Overflow
|
|
27688
Description:
Informix Dynamic Server contains an unspecified flaw related to an overflow in the getname() function that may allow an attacker to execute arbitrary code. No further details have been provided.
|
2006-07-31
|
IBM Informix Dynamic Server getname() Function Overflow
|
|
27689
Description:
Informix Dynamic Server contains an unspecified flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is related to C code UDR, and may lead to a loss of integrity.
|
2006-07-31
|
IBM Informix Dynamic Server C Code UDR Unspecified Privilege Upgrade
|
|
27690
Description:
Informix Dynamic Server contains 2 unspecified flaws that may allow an attacker to cause a denial of service. No further details have been provided.
|
2006-07-31
|
IBM Informix Dynamic Server Multiple Unspecified DoS
|
|
27691
Description:
Informix Dynamic Server contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to cleartext passwords because they are stored unencrypted in shared memory, which may lead to a loss of confidentiality.
|
2006-07-31
|
IBM Informix Dynamic Server Shared Memory Cleartext Password Disclosure
|
|
27692
Description:
Informix Dynamic Server contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered by default permissions that allow any authenticated user to create a database. This flaw may lead to a loss of integrity.
|
2006-07-31
|
IBM Informix Dynamic Server Unauthorized Database Creation
|
|
27693
Description:
Informix Dynamic Server contains an unspecified flaw related to an overflow in the ifx_file_to_file() function that may allow an attacker to execute arbitrary code. No further details have been provided.
|
2006-07-31
|
IBM Informix Dynamic Server ifx_file_to_file() Function Overflow
|
|
27694
Description:
Informix Dynamic Server contains an unspecified flaw related to an overflow in the SQLIDEBUG environment variable that may allow an attacker to execute arbitrary code. No further details have been provided.
|
2006-07-31
|
IBM Informix Dynamic Server SQLIDEBUG Environment Variable Overflow
|
|
41602
Description:
Unknown / Incomplete
|
2006-07-31
|
IBM WebSphere Application Server (WAS) SWAM Transformation Code security.xml Overwrite Weakness
|
|
28996
Description:
(Description Provided by CVE) : PHP remote file inclusion vulnerability in lmo.php in the LMO Component (com_lmo) 1.0b2 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
|
2006-07-31
|
LMO for Joomla lmo.php mosConfig_absolute_path Parameter Remote File Inclusion
|
|
27534
Description:
Safari contains a flaw that may allow a malicious user to execute arbitrary code. The issue is caused due to an error in the 'KHTMLParser::popOneBlock()' function that can be exploited to cause a memory corruption via a script element in a div element redefining the document body. It is possible that the flaw may allow remote arbitrary code execution resulting in a loss of integrity.
|
2006-07-31
|
Apple Safari KHTMLParser::popOneBlock Code Execution
|
|
29868
Description:
(Description Provided by CVE) : PHP remote file inclusion vulnerability in administrator/components/com_bayesiannaivefilter/lang.php in the bayesiannaivefilter component (com_bayesiannaivefilter) 1.1 for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
|
2006-07-30
|
bayesiannaivefilter for Mambo lang.php mosConfig_absolute_path Parameter Remote File Inclusion
|
|
28277
Description:
Tor contains a flaw that may allow a remote denial of service. The issue is triggered due to two unspecified errors in the communication handling, and will result in loss of availability for the network or the client.
|
2006-07-30
|
EFF Tor Client First Node / Entry Guard Malformed Input Remote DoS
|
|
39200
Description:
Unknown / Incomplete
|
2006-07-30
|
Seir Anphin CMS index.php m Parameter SQL Injection
|
|
39201
Description:
Unknown / Incomplete
|
2006-07-30
|
Seir Anphin CMS article.php id Parameter SQL Injection
|
|
39202
Description:
Unknown / Incomplete
|
2006-07-30
|
Seir Anphin CMS blog.php id Parameter SQL Injection
|
