kscreensaver contains a flaw that is triggered during the handling of a key process containing Alt, SysRq, and F. This will cause the screen lock process to be terminated, which may allow a physically present attacker to bypass the screen lock feature by terminating the screen lock process.
Ksemail contains a flaw that allows a remote attacker to read files outside of the web path. The issue is due to the index.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'lang' and 'language' variable(s).
(Description Provided by CVE) : The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare before 1.4.003, Moodle before 1.8.5, and other products, allows remote attackers to bypass HTML filtering and conduct cross-site scripting (XSS) attacks via a string containing crafted URL protocols.
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in the fix_non_standard_entities function in the KSES HTML text cleaning library (weblib.php), as used in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8, allows remote attackers to inject arbitrary web script or HTML via crafted HTML entities.
Kshop contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'search' variables upon submission to the 'Kshop_search.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
(Description Provided by CVE) : SQL injection vulnerability in product_details.php in the Kshop 1.17 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the id parameter.
(Description Provided by CVE) : Kshout 2.x and 3.x stores settings.dat under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and passwords.
(Description Provided by CVE) : Multiple stack-based buffer overflows in the KSign KSignSWAT ActiveX Control (AxKSignSWAT.dll) 22.214.171.124 allow remote attackers to execute arbitrary code via long arguments to the (1) SWAT_Init, (2) SWAT_InitEx, (3) SWAT_InitEx2, (4) SWAT_InitEx3, and (5) SWAT_Login functions.
(Description Provided by CVE) : Multiple stack-based buffer overflows in the mt_codec::getHdrHead function in kernel/kls_hdr/fmt_codec_hdr.cpp in ksquirrel-libs 0.8.0 allow context-dependent attackers to execute arbitrary code via a crafted Radiance RGBE image (aka .hdr file).
(Description Provided by CVE) : KTH Kerberos IV and Kerberos V (Heimdal) for Telnet clients do not encrypt connections if the server does not support the requested encryption, which allows remote attackers to read communications via a man-in-the-middle attack.
(Description Provided by CVE) : The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V (Heimdal), does not encrypt authentication and encryption options sent from the server, which allows remote attackers to downgrade authentication and encryption mechanisms via a man-in-the-middle attack.
A remote overflow exists in KTH Kerberos 4 FTP Client. The FTP Client fails to do proper bounds checking while receiving a server response to a client request for passive mode, resulting in a heap overflow. By impersonating an FTP Server, an attacker can trigger the overflow on the FTP Client, resulting in a loss of integrity.
(Description Provided by CVE) : KTH Kerberos IV allows local users to specify an alternate proxy using the krb4_proxy variable, which allows the user to generate false proxy responses and possibly gain privileges.
(Description Provided by CVE) : KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges.
When the ticket creating process of Kerberos writes temporary files to the /tmp directory, it uses predictable file names. These file names can be anticipated by an attacker who can create a symbolic link utilizing this name. This could enable the attacker to overwrite system files as root, thus causing a Denial of Service.
A local overflow exists in ktools. The 'VGETSTRING()' function fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request, a malicious user can cause arbitrary code execution resulting in a loss of integrity.
(Description Provided by CVE) : The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request.
(Description Provided by CVE) : Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts.
KTP Computer Customer Database contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to an Unspecified script not properly sanitizing user-supplied input to the 'lname' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
(Description Provided by CVE) : Directory traversal vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter to the default URI.
KTP Computer Customer Database contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to an Unspecified script not properly sanitizing user-supplied input to the 'tid' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
(Description Provided by CVE) : ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the process obtained while it was running with the extra privileges.
The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO
warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright
holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.