[CLOSE] OSVDB ID : 32038 - Disclosed: 2006-11-30

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 30685 - Disclosed: 2006-11-30

Description:

(Description Provided by CVE) : LifeType 1.0.x and 1.1.x have insufficient access control for all of the PHP scripts under (1) class/ and (2) plugins/, which allows remote attackers to obtain the installation path via a direct request to any of the scripts, as demonstrated by (a) bayesianfilter.class.php and (b) bootstrap.php, which leaks the path in an error message.

[CLOSE] OSVDB ID : 30686 - Disclosed: 2006-11-30

Description:

(Description Provided by CVE) : LifeType 1.0.x and 1.1.x have insufficient access control for all of the PHP scripts under (1) class/ and (2) plugins/, which allows remote attackers to obtain the installation path via a direct request to any of the scripts, as demonstrated by (a) bayesianfilter.class.php and (b) bootstrap.php, which leaks the path in an error message.

[CLOSE] OSVDB ID : 34648 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : SQL injection vulnerability in includes/functions.php in Kubix 0.7 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the member_id parameter ($id variable) to index.php.

[CLOSE] OSVDB ID : 36832 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in the Webadmin in @Mail before 4.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving "unescaped data in the database."

[CLOSE] OSVDB ID : 31351 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : Multiple buffer overflows in the Spooler service (nwspool.dll) in Novell Netware Client 4.91 through 4.91 SP2 allow remote attackers to execute arbitrary code via a long argument to the (1) EnumPrinters and (2) OpenPrinter functions.

[CLOSE] OSVDB ID : 34641 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : Multiple directory traversal vulnerabilities in Kubix 0.7 and earlier allow remote attackers to (1) include and execute arbitrary local files via ".." sequences in the theme cookie to index.php, which is not properly handled by includes/head.php; and (2) read arbitrary files via ".." sequences in the file parameter in an add_dl action to adm_index.php, as demonstrated by reading connect.php.

[CLOSE] OSVDB ID : 34642 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : Multiple directory traversal vulnerabilities in Kubix 0.7 and earlier allow remote attackers to (1) include and execute arbitrary local files via ".." sequences in the theme cookie to index.php, which is not properly handled by includes/head.php; and (2) read arbitrary files via ".." sequences in the file parameter in an add_dl action to adm_index.php, as demonstrated by reading connect.php.

[CLOSE] OSVDB ID : 36529 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : Teredo clients, when source routing is enabled, recognize a Routing header in an encapsulated IPv6 packet and send the packet to the next hop, which might allow remote attackers to bypass policies of certain Internet gateways that drop all source-routed packets.

[CLOSE] OSVDB ID : 36530 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : Teredo creates trusted peer entries for arbitrary incoming source Teredo addresses, even if the low 32 bits represent an intranet address, which might allow remote attackers to send IPv4 traffic to intranet hosts that use non-RFC1918 addresses, bypassing IPv4 ingress filtering.

[CLOSE] OSVDB ID : 36531 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : Teredo clients, when located behind a restricted NAT, allow remote attackers to establish an inbound connection without the guessing required to find a port mapping for a traditional restricted NAT client, by (1) using the client port number contained in the Teredo address or (2) following the bubble-to-open procedure.

[CLOSE] OSVDB ID : 36532 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : Teredo clients, when following item 6 of RFC4380 section 5.2.3, start direct IPv6 connectivity tests (aka ping tests) in response to packets from non-Teredo source addresses, which might allow remote attackers to induce Teredo clients to send packets to third parties.

[CLOSE] OSVDB ID : 30784 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : Heap-based buffer overflow in Borland idsql32.dll 5.1.0.4, as used by RevilloC MailServer; 5.2.0.2 as used by Borland Developer Studio 2006; and possibly other versions allows remote attackers to execute arbitrary code via a long SQL statement, related to use of the DbiQExec function.

[CLOSE] OSVDB ID : 30781 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in admin.php in Blogn before 1.9.4 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

[CLOSE] OSVDB ID : 30777 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : Unrestricted file upload vulnerability in P-News 2.0 allows remote attackers to upload and execute arbitrary files via an avatar file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

[CLOSE] OSVDB ID : 30725 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : Integer overflow in the get_fdb_entries function in net/bridge/br_ioctl.c in the Linux kernel before 2.6.18.4 allows local users to execute arbitrary code via a large maxnum value in an ioctl request.

[CLOSE] OSVDB ID : 31298 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : Stack consumption vulnerability in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics 3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service (stack consumption) via a crafted EXIF section in a JPEG file, which results in an infinite recursion.

[CLOSE] OSVDB ID : 30770 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist.

[CLOSE] OSVDB ID : 30772 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : Directory traversal vulnerability in Sorin Chitu Telnet-FTP Server 1.0 allows remote authenticated users to list contents of arbitrary directories and download arbitrary files via a .. (dot dot) sequence in an FTP command argument, as demonstrated by RETR (GET) or STOR (PUT). NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

[CLOSE] OSVDB ID : 30773 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : Sorin Chitu Telnet-FTP Server 1.0 allows remote authenticated users to cause a denial of service (crash) via consecutive RETR commands. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

[CLOSE] OSVDB ID : 31354 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : srvloc.sys in Novell Client for Windows before 4.91 SP3 allows remote attackers to cause an unspecified denial of service via a crafted packet to port 427 that triggers an access of pageable or invalid addresses using a higher interrupt request level (IRQL) than necessary.

[CLOSE] OSVDB ID : 31583 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : Directory traversal vulnerability in lib/FBView.php in Horde Kronolith H3 before 2.0.7 and 2.1.x before 2.1.4 allows remote attackers to include arbitrary files and execute PHP code via a .. (dot dot) sequence in the view parameter.

[CLOSE] OSVDB ID : 32018 - Disclosed: 2006-11-29

Description:

(Description Provided by CVE) : SQL injection vulnerability in login.asp in Redbinaria Sistema Integrado de Administracion de Portales (SIAP) allows remote attackers to execute arbitrary SQL commands via the username parameter.

[CLOSE] OSVDB ID : 34761 - Disclosed: 2006-11-28

Description:

(Description Provided by CVE) : Buffer overflow in the HPDF_Page_Circle function in hpdf_page_operator.c in Takeshi Kanno Haru Free PDF Library (libharu2, aka libharu) 2.0.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via certain arguments that yield a large amount of PDF data, as demonstrated by a filled circle.

[CLOSE] OSVDB ID : 32035 - Disclosed: 2006-11-28

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 31548 - Disclosed: 2006-11-28

Description:

(Description Provided by CVE) : Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a) NumberofEntries, (b) Length (aka Length1), (c) Filename (aka File1), (d) Title (aka Title1) field, or other unspecified fields.

[CLOSE] OSVDB ID : 36533 - Disclosed: 2006-11-28

Description:

(Description Provided by CVE) : Format string vulnerability in Songbird Media Player 0.2 and earlier allows remote attackers to cause a denial of service (crash) via an M3U Playlist file containing extended ASCII, which causes the Unicode converter to be invoked.

[CLOSE] OSVDB ID : 31264 - Disclosed: 2006-11-28

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 36527 - Disclosed: 2006-11-28

Description:

(Description Provided by CVE) : Unspecified scripts in the admin directory in 8pixel.net SimpleBlog 3.0 and earlier do not properly perform authentication, which allows remote attackers to add users and perform certain other unauthorized privileged actions. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

[CLOSE] OSVDB ID : 32026 - Disclosed: 2006-11-28

Description:

(Description Provided by CVE) : PHP remote file inclusion vulnerability in inc/CONTROL/import/import-mt.php in b2evolution 1.8.5 through 1.9 beta allows remote attackers to execute arbitrary PHP code via a URL in the inc_path parameter.

[CLOSE] OSVDB ID : 33856 - Disclosed: 2006-11-28

Description:

(Description Provided by CVE) : PuTTY 0.59 and earlier uses weak file permissions for (1) ppk files containing private keys generated by puttygen and (2) session logs created by putty, which allows local users to gain sensitive information by reading these files.

[CLOSE] OSVDB ID : 30778 - Disclosed: 2006-11-28

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in b2evolution 1.8.2 through 1.9 beta allow remote attackers to inject arbitrary web script or HTML via the (1) app_name parameter in (a) _404_not_found.page.php, (b) _410_stats_gone.page.php, and (c) _referer_spam.page.php in inc/VIEW/errors/; the (2) baseurl parameter in (d) inc/VIEW/errors/_404_not_found.page.php; and the (3) ReqURI parameter in (e) inc/VIEW/errors/_referer_spam.page.php.

[CLOSE] OSVDB ID : 30779 - Disclosed: 2006-11-28

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in b2evolution 1.8.2 through 1.9 beta allow remote attackers to inject arbitrary web script or HTML via the (1) app_name parameter in (a) _404_not_found.page.php, (b) _410_stats_gone.page.php, and (c) _referer_spam.page.php in inc/VIEW/errors/; the (2) baseurl parameter in (d) inc/VIEW/errors/_404_not_found.page.php; and the (3) ReqURI parameter in (e) inc/VIEW/errors/_referer_spam.page.php.

[CLOSE] OSVDB ID : 30780 - Disclosed: 2006-11-28

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in b2evolution 1.8.2 through 1.9 beta allow remote attackers to inject arbitrary web script or HTML via the (1) app_name parameter in (a) _404_not_found.page.php, (b) _410_stats_gone.page.php, and (c) _referer_spam.page.php in inc/VIEW/errors/; the (2) baseurl parameter in (d) inc/VIEW/errors/_404_not_found.page.php; and the (3) ReqURI parameter in (e) inc/VIEW/errors/_referer_spam.page.php.

[CLOSE] OSVDB ID : 30723 - Disclosed: 2006-11-28

Description:

A local overflow exists in Mac OS X. The shared_region_make_private_NP() function fails to validate user input resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

[CLOSE] OSVDB ID : 30776 - Disclosed: 2006-11-28

Description:

(Description Provided by CVE) : P-News 2.0 stores db/user.txt under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and password hashes via a direct request. NOTE: this might be the same issue as CVE-2006-6888.

[CLOSE] OSVDB ID : 31697 - Disclosed: 2006-11-28

Description:

(Description Provided by CVE) : Business Objects Crystal Enterprise 9 and 10 generates predictable session identifiers, which allows remote attackers to hijack sessions of other users via WCSID cookie values.

[CLOSE] OSVDB ID : 30683 - Disclosed: 2006-11-28

Description:

(Description Provided by CVE) : Monkey Boards 0.3.5 allows remote attackers to obtain sensitive information via direct requests to (1) include/admin_auth.inc.php and (2) include/engine/class.compiler.php, which reveals the full path in an error message. NOTE: this issue is only an exposure if the administrator has changed the default script path.

[CLOSE] OSVDB ID : 30684 - Disclosed: 2006-11-28

Description:

(Description Provided by CVE) : Monkey Boards 0.3.5 allows remote attackers to obtain sensitive information via direct requests to (1) include/admin_auth.inc.php and (2) include/engine/class.compiler.php, which reveals the full path in an error message. NOTE: this issue is only an exposure if the administrator has changed the default script path.

[CLOSE] OSVDB ID : 36481 - Disclosed: 2006-11-28

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in view_search.asp in ClickTech Click Gallery allows remote attackers to inject arbitrary web script or HTML via the txtKeyWord parameter. NOTE: some of these details are obtained from third party information.