| OSVDB ID | Disclosure Date | Title |
|
79636
Description:
idev-BusinessDirectory contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'SEARCH' parameter upon submission to the 'index.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-25
|
idev-BusinessDirectory index.php SEARCH Parameter XSS
|
|
80348
Description:
Tiny Server contains a flaw that may allow a remote denial of service. The issue is triggered when sending an overly long GET request which causes the service to crash resulting in a loss of availability.
|
2012-02-25
|
Tiny Server GET Request Remote Overflow DoS
|
|
80751
Description:
Collaborative Passwords Manager contains a flaw that allows a remote user to execute arbitrary PHP code. This flaw exists because the uploadify.php script does not properly verify or sanitize user-uploaded files. By uploading a .php file, the remote system will place the file in a user-accessible path. Making a direct request to the uploaded file will allow the user to execute the script.
|
2012-02-25
|
Collaborative Passwords Manager (cPassMan) uploadify.php Arbitrary File Upload
|
|
79631
Description:
IBM AIX contains a flaw that may allow a remote denial of service. The issue is triggered when sending a specially crafted ICMP packet which causes a kernel panic resulting in a loss of availability.
|
2012-02-25
|
IBM AIX ICMP Packet Parsing Remote DoS
|
|
79662
Description:
LibreSource contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'action' parameter upon submission to the 'home/development/bug' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-25
|
LibreSource home/development/bug action Parameter XSS
|
|
79664
Description:
TeamPass contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the index.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'user_language' cookie. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.
|
2012-02-25
|
TeamPass user_language Cookie Local File Inclusion
|
|
79728
Description:
TeamPass contains a flaw that allows a remote user to execute arbitrary PHP code. This flaw exists because the includes/libraries/uploadify/uploadify.php script does not properly verify or sanitize user-uploaded files. By uploading a .php file, the remote system will place the file in a user-accessible path. Making a direct request to the uploaded file will allow the user to execute the script.
|
2012-02-25
|
TeamPass includes/libraries/uploadify/uploadify.php File Upload Arbitrary PHP Code Execution
|
|
80752
Description:
Collaborative Passwords Manager contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the program not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'user_language' cookie. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.
|
2012-02-25
|
Collaborative Passwords Manager (cPassMan) user_language Cookie Traversal Local File Inclusion
|
|
79496
Description:
Puppet contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the application creating temporary files insecurely. It is possible for a local attacker to use a symlink attack against the '.k5login' file to cause the program to unexpectedly write to, or overwrite an attacker specified file.
|
2012-02-25
|
Puppet k5login File Symlink File Overwrite Local Privilege Escalation
|
|
79590
Description:
Dropbear contains a flaw related to the management of channel concurrencies. The issue is triggered due to a 'use-after-free' condition within a specially crafted request that may allow a remote attacker to potentially execute arbitrary code with root privileges.
|
2012-02-25
|
Dropbear SSH Server Channel Concurrency Use-after-free Remote Code Execution
|
|
79637
Description:
MyJobList contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'eid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2012-02-25
|
MyJobList index.php eid Parameter SQL Injection
|
|
79651
Description:
NetDecision is prone to an overflow condition. The HTTP service fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted GET request containing an overly long URI, a remote attacker can potentially cause arbitrary code execution.
|
2012-02-25
|
NetDecision HTTP Server Web Request Parsing Remote Overflow
|
|
79789
Description:
Google Chrome on multiple Chromebook platforms contains multiple unspecified issues that may allow an attacker to conduct an attack with an unknown impact. No further details have been provided.
|
2012-02-24
|
Google Chrome Multiple Chromebook Platforms Multiple Unspecified Issues (2012-1418)
|
|
79652
Description:
NetDecision Traffic Grapher Server contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when sending a specially crafted HTTP GET request containing an invalid HTTP version number followed by multiple CRLFs to the 'default.nd' file, which will disclose the source code to a remote attacker.
|
2012-02-24
|
NetDecision Traffic Grapher Server Web Request GET Header Parsing NetDecision Script File Source Code Disclosure
|
|
79653
Description:
NetDecision Dashboard Server contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when requesting a non-existent resource, which will disclose the absolute path of the web directory to a remote attacker.
|
2012-02-24
|
NetDecision Dashboard Server Non-Existent Resource Web Request Parsing Web Directory Path Disclosure
|
|
79494
Description:
PHP Live! contains multiple unspecified issues that may allow an attacker to conduct an attack with an unknown impact. No further details have been provided.
|
2012-02-24
|
PHP Live! Multiple Unspecified Issues
|
|
79495
Description:
Puppet contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is due to the application not dropping its own group permissions when spawning child processes, which may allow a local attacker to gain access to root privileges.
|
2012-02-24
|
Puppet Forked Process Group Permission Dropping Weakness Local Group Privilege Escalation
|
|
79613
Description:
CJWSoft ASPGuest GuestBook contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'edit.asp' script not properly sanitizing user-supplied input to the 'ID' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2012-02-24
|
CJWSoft ASPGuest GuestBook edit.asp ID Parameter SQL Injection
|
|
79618
Description:
Snom VoIP Phone contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions for the manipulation of the administrator's password. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2012-02-24
|
Snom VoIP Phone Admin Password Manipulation CSRF
|
|
79687
Description:
LimeSurvey contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the admin/userrighthandling.php script does not validate the 'full_name' parameter upon submission to the 'admin.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-24
|
LimeSurvey admin/admin.php full_name Parameter XSS
|
|
79688
Description:
LimeSurvey contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the admin/browse.php script not properly sanitizing user-supplied input passed via the 'id' parameter to the 'admin.php' script. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2012-02-24
|
LimeSurvey admin/admin.php id Parameter SQL Injection
|
|
80179
Description:
GnuTLS contains a flaw that may allow a remote denial of service. The issue is triggered due to a logical error within the libgnutls library when calling to free memory twice ('double-free') during the parsing of a malformed certificate list, which causes the application to crash resulting in a loss of availability.
|
2012-02-24
|
GnuTLS libgnutls Double-free Certificate List Parsing Remote DoS
|
|
80268
Description:
HostBill contains a flaw related to the administrative area. The issue is triggered when parsing security rules, and the software processes 'Allow' rules before 'Deny' rules. This may create a condition where traffic is passed that should be blocked.
|
2012-02-24
|
HostBill Admin Security Rules Parsing Weakness
|
|
79612
Description:
PHP Gift Registry contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'users.php' script not properly sanitizing user-supplied input to the 'userid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2012-02-24
|
PHP Gift Registry users.php userid Parameter SQL Injection
|
|
79633
Description:
phpFox contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'val[description]' parameter upon submission to the 'marketplace/add/id_195' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-24
|
phpFox marketplace/add/id_195 val[description] Parameter XSS
|
|
79667
Description:
Bontq contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate input passed via the URL upon submission to the user/ script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-24
|
Bontq user/ URI XSS
|
|
80107
Description:
yaSSL contains a flaw that may allow a remote denial of service. The issue is triggered due to an error within the CyaSSL library when parsing malformed X.509 certificates which causes the application to crash resulting in a loss of availability.
|
2012-02-24
|
yaSSL CyaSSL X.509 Certificate Parsing Remote DoS
|
|
79491
Description:
Csound is prone to an overflow condition. The getnum() function in util/heti_main.c fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted hetro file, a context-dependent attacker can potentially execute arbitrary code.
|
2012-02-24
|
Csound util/heti_main.c getnum() Function hetro File Handling Remote Overflow
|
|
79660
Description:
Kongreg8 contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'groupname', 'groupdescription', 'firstname' and 'surname' parameters upon submission to the 'index.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-24
|
Kongreg8 index.php Multiple Parameter XSS
|
|
80329
Description:
CreateVision CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'artykul_print.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2012-02-24
|
CreateVision CMS artykul_print.php id Parameter SQL Injection
|
|
91173
Description:
Apache Wicket contains a flaw that may allow a remote attacker to bypass the WebApplicationPath constructor. This will allow the attacker to gain access to any file in the /WEB-INF/ directory.
|
2012-02-24
|
Apache Wicket WebApplicationPath Constructor Bypass /WEB-INF/ Directory File Access
|
|
79477
Description:
YVS Image Gallery contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'view_album.php' script not properly sanitizing user-supplied input to the 'album_id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2012-02-23
|
YVS Image Gallery view_album.php album_id Parameter SQL Injection
|
|
79508
Description:
The Uploader contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the login.php script not properly sanitizing user-supplied input to the 'username' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. Additionally, this SQLi can be used to inject a PHP payload which can then be called and executed, allowing for arbitrary code execution.
|
2012-02-23
|
The Uploader login.php username Parameter SQL Injection Remote Code Execution
|
|
79655
Description:
The firmware in Snom VoIP phones contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered due to the handling of the advanced_network.htm form, allowing a remote attacker to reset the administrator password and gain access to full administrator privileges.
|
2012-02-23
|
Snom VoIP Phone advanced_network.htm Password Reset Admin Password Manipulation
|
|
79478
Description:
Apache Solr Extension for TYPO3 contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-23
|
Apache Solr Extension for TYPO3 Unspecified XSS
|
|
79507
Description:
The Cisco Small Business SRP520 / SRP540 series contain a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the TFTP application not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) when handling file upload requests. This directory traversal attack would allow the attacker to upload arbitrary files.
|
2012-02-23
|
Cisco Small Business SRP520 / SRP540 Series Local TFTP Application File Upload Request Parsing Traversal Arbitrary File Upload
|
|
79770
Description:
Multiple D-Link DCS products contain a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the security.cgi script does not require multiple steps or explicit confirmation for sensitive transactions for the manipulation of the administrator's password. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2012-02-23
|
D-Link Multiple DCS Products security.cgi Admin Password Manipulation CSRF
|
|
79617
Description:
D-Link DSL-2640B is prone to an authentication-bypass vulnerability. Attackers can exploit this issue to connect with administrator permissions without authenticating.
|
2012-02-23
|
D-Link DSL-2640B MAC Address Parsing Authentication Bypass
|
|
79872
Description:
FreeType contains an overflow condition in src/bdf/bdflib.c. The issue is triggered as user-supplied input is not properly validated when adding properties. With a specially crafted Bitmap Distribution Format (BDF) font file, a context-dependent attacker can cause a heap-based buffer overflow, resulting in a denial of service or potentially execution of arbitrary code.
|
2012-02-23
|
FreeType src/bdf/bdflib.c Adding Properties BDF Font File Handling Overflow
|
|
79875
Description:
FreeType contains an overflow condition in src/type42/t42parse.c. The issue is triggered as user-supplied input is not properly validated. With a specially crafted SFNT string in a Type 42 font, a context-dependent attacker can cause a heap-based buffer overflow, resulting in a denial of service or potentially execution of arbitrary code.
|
2012-02-23
|
FreeType src/type42/t42parse.c Type42 Font Parser SFNT String Handling Overflow
|