| OSVDB ID | Disclosure Date | Title |
|
30834
Description:
A remote buffer overflow exists in URLMON.DLL of Microsoft Internet Explorer. The browser fails to check the bounds on long URLs when using the HTTP 1.1 protocol and GZip compression resulting in a heap-based buffer overflow. With a specially crafted request, an attacker can cause execution of arbitrary code resulting in a loss of integrity.
|
2006-08-24
|
Microsoft IE URLMON.DLL Long URL HTTP Redirect Overflow
|
|
28250
Description:
Fuji Xerox Printing Systems (FXPS) Print Engine contains a flaw that may allow bypassing certain security restrictions. The issue is triggered because the embedded HTTP server does not authenticate certain HTTP requests correctly. It is possible that the flaw may allow a malicious user to make unauthorized changes to the system configuration or to cause a denial of service resulting in a loss of integrity or availability.
|
2006-08-24
|
Fuji Xerox Printing Systems (FXPS) Print Engine Crafted Request HTTP Authentication Bypass
|
|
28204
Description:
ImageMagick contains a flaw that may allow heap-based buffer overflows. The issue is triggered due to unspecified errors within the 'DecodeBitmap()' function and the 'ReadSUNImage()' function in sun.c when processing specially crafted Sun Rasterfile images. It is possible that the flaw may allow remote arbitrary code execution resulting in a loss of integrity.
|
2006-08-24
|
ImageMagick sun.c Multiple Function Rasterfile Processing Overflow
|
|
28205
Description:
ImageMagick contains a flaw that may allow a stack-based and a heap-based overflow. The issue is triggered due to errors within the XCF image decoder when processing specially crafted XCF image files. It is possible that the flaw may allow remote arbitrary code execution resulting in a loss of integrity.
|
2006-08-24
|
ImageMagick XCF Image Decoder Overflow
|
|
30340
Description:
(Description Provided by CVE) : ftpd in Linux Netkit (linux-ftpd) 0.17, and possibly other versions, does not check the return status of certain seteuid, setgid, and setuid calls, which might allow remote authenticated users to gain privileges if these calls fail in cases such as PAM failures or resource limits, a different vulnerability than CVE-2006-5778.
|
2006-08-24
|
Linux NetKit FTP Server (linux-ftpd) ID Calls Return Unspecified Privilege Escalation
|
|
29184
Description:
(Description Provided by CVE) : Untrusted search path vulnerability in snappd in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via a Trojan horse program, involving the "system subroutine".
|
2006-08-24
|
IBM AIX bos.net.snapp snappd Privilege Escalation
|
|
28230
Description:
Zend Platform contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when the value in the 'PHPSESSID' variable is a 0 length session identifier or a very long session identifier. It is possible that the flaw may allow an attacker to execute arbitrary code resulting in a loss of integrity.
|
2006-08-24
|
Zend Platform Session Clustering Daemon PHP Session Identifier Overflow
|
|
28231
Description:
A remote overflow exists in Zend Platform. The 'mod_cluster' module fails to handle PHP sessions with an overly long or a zero-length session identifier, resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2006-08-24
|
Zend Platform mod_cluster Module PHP Session Identifier Overflow
|
|
28232
Description:
Zend Platform contains a flaw that allows a remote attacker to create arbitrary files on the hard disk, via the PHP session identifier. The issue is due to an error in the disk storage module, and may result in a loss of integrity.
|
2006-08-24
|
Zend Platform PHP Session Identifier Traversal Arbitrary File Overwrite
|
|
28233
Description:
Zend Platform contains a flaw that may allow a malicious user to hijack an existing session. The flaw exists because the product uses non-standard characters in its creation of PHP session IDs. It is possible that the flaw may allow injection of arbitrary code into the session file resulting in a loss of integrity.
|
2006-08-24
|
Zend Platform ZendSession Manager Directory Traversal PHP Session Hijack
|
|
28273
Description:
PHP contains a flaw that may allow a malicious user to inject PHP code into the 'PHPSESSID' session identifier. The flaw is due to lack of validation of the characters used in the 'PHPSESSID' session identifier. It is possible that the flaw may allow execution of arbitrary code resulting in a loss of integrity.
|
2006-08-24
|
PHP PHPSESSID Character Implementation Third Party Session Handling Weakness
|
|
28227
Description:
Sun Java System Content Delivery Server contains a flaw that may allow a malicious user to read data from an arbitrary file. No further details have been provided.
|
2006-08-24
|
Sun Java System Content Delivery Server Arbitrary File Disclosure
|
|
30339
Description:
(Description Provided by CVE) : ftpd in linux-ftpd 0.17, and possibly other versions, performs a chdir before setting the UID, which allows local users to bypass intended access restrictions by redirecting their home directory to a restricted directory.
|
2006-08-24
|
Linux NetKit FTP Server (linux-ftpd) NFS Home Directory Symlink Privilege Escalation
|
|
28178
Description:
A remote overflow exists in Streamripper. The product fails to check for boundary errors while processing certain HTTP headers, resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary code resulting in a loss of integrity.
|
2006-08-24
|
Streamripper HTTP Header Parsing Overflow
|
|
28159
Description:
SSH Communications Security SSH Tectia Manager contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the legitimate sshd process has stopped, and a malicious user runs a separate program named sshd. When "Restart" is selected in the management server, the illegitimate sshd process is discovered via a process listing, and the binary is restarted with root privileges, leading to a loss of integrity.
|
2006-08-24
|
SSH Tectia Management Agent sshd Restart Local Privilege Escalation
|
|
28218
Description:
phpCOIN contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to constants.php not properly sanitizing user input supplied to the '_CCFG[_PKG_PATH_INCL]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
|
2006-08-24
|
phpCOIN constants.php _CCFG[_PKG_PATH_INCL] Parameter Remote File Inclusion
|
|
28219
Description:
phpCOIN contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to api.php not properly sanitizing user input supplied to the '_CCFG[_PKG_PATH_INCL]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
|
2006-08-24
|
phpCOIN api.php _CCFG[_PKG_PATH_INCL] Parameter Remote File Inclusion
|
|
28220
Description:
phpCOIN contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to common.php not properly sanitizing user input supplied to the '_CCFG[_PKG_PATH_INCL]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
|
2006-08-24
|
phpCOIN common.php _CCFG[_PKG_PATH_INCL] Parameter Remote File Inclusion
|
|
28221
Description:
phpCOIN contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to core.php not properly sanitizing user input supplied to the '_CCFG[_PKG_PATH_INCL]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
|
2006-08-24
|
phpCOIN core.php _CCFG[_PKG_PATH_INCL] Parameter Remote File Inclusion
|
|
28222
Description:
phpCOIN contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to custom.php not properly sanitizing user input supplied to the '_CCFG[_PKG_PATH_INCL]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
|
2006-08-24
|
phpCOIN custom.php _CCFG[_PKG_PATH_INCL] Parameter Remote File Inclusion
|
|
28223
Description:
phpCOIN contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to db.php not properly sanitizing user input supplied to the '_CCFG[_PKG_PATH_INCL]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
|
2006-08-24
|
phpCOIN db.php _CCFG[_PKG_PATH_INCL] Parameter Remote File Inclusion
|
|
28224
Description:
phpCOIN contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to redirect.php not properly sanitizing user input supplied to the '_CCFG[_PKG_PATH_INCL]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
|
2006-08-24
|
phpCOIN redirect.php _CCFG[_PKG_PATH_INCL] Parameter Remote File Inclusion
|
|
28225
Description:
phpCOIN contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to session_set.php not properly sanitizing user input supplied to the '_CCFG[_PKG_PATH_INCL]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
|
2006-08-24
|
phpCOIN session_set.php _CCFG[_PKG_PATH_INCL] Parameter Remote File Inclusion
|
|
28140
Description:
VistaBB contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'functions_mod_user.php' not properly sanitizing user input supplied to the 'phpbb_root_path' variable. This may allow an attacker to include a file from a remote host or the local system of the target that contains arbitrary commands which will be executed by the vulnerable script.
|
2006-08-24
|
VistaBB functions_mod_user.php phpbb_root_path Parameter Remote File Inclusion
|
|
28141
Description:
VistaBB contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to functions_portal.php not properly sanitizing user input supplied to the 'phpbb_root_path' variable. This may allow an attacker to include a file from a remote host or the local system of the target that contains arbitrary commands which will be executed by the vulnerable script.
|
2006-08-24
|
VistaBB functions_portal.php phpbb_root_path Parameter Remote File Inclusion
|
|
28177
Description:
Wikepage contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to index.php not properly sanitizing user input supplied to the 'lng' variable. This may allow an attacker to include a local file that contains arbitrary commands which will be executed by the vulnerable script.
|
2006-08-24
|
Wikepage index.php lng Parameter Local File Inclusion
|
|
28138
Description:
VPN 3000 Concentrator contains a flaw that may allow a malicious user to bypass certain security restrictions. The issue is triggered due to unspecified errors when using FTP as a management protocol and can be exploited to run the 'CWD', 'MKD', 'CDUP', 'RNFR', 'SIZE', and 'RMD' commands without being authenticated. It is possible that the flaw may allow deleting configuration files and certificates resulting in a loss of integrity.
|
2006-08-24
|
Cisco VPN 3000 Concentrator FTP Management Unauthorized Command Execution (CSCse10733)
|
|
28139
Description:
VPN 3000 Concentrator contains a flaw that may allow a malicious user to bypass certain security restrictions. The issue is triggered due to unspecified errors when using FTP as a management protocol and can be exploited to run the 'CWD', 'MKD', 'CDUP', 'RNFR', 'SIZE', and 'RMD' commands without being authenticated. It is possible that the flaw may allow deleting configuration files and certificates resulting in a loss of integrity.
|
2006-08-24
|
Cisco VPN 3000 Concentrator FTP Management Unauthorized Command Execution (CSCse10753)
|
|
28135
Description:
Cscope contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a boundary error occurs within the parsing of file lists or the expansion of environment variables. It is possible that the flaw may allow the attacker to cause a stack-based buffer overflow by using specially crafted 'cscope.lists' files or directories, resulting in a loss of integrity.
|
2006-08-24
|
Cscope cscope.lists Handling Multiple Overflows
|
|
28136
Description:
Cscope contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a boundary error occurs within the parsing of command line arguments. It is possible that the flaw may allow the attacker to cause a stack-based buffer overflow by supplying a very long 'reffile' argument, resulting in a loss of integrity.
|
2006-08-24
|
Cscope Command Line reffile Argument Overflow
|
|
30713
Description:
(Description Provided by CVE) : Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the probe settings," which has unknown impact and attack vectors.
|
2006-08-24
|
IPCheck Server Monitor Probe Host IP Address Unspecified Issue
|
|
28249
Description:
Fuji Xerox Printing Systems (FXPS) contains a flaw that may lead to an information disclosure. The problem is that the FTP server does not validate IP addresses supplied via the PORT command while in passive (PASV) mode. It is possible for a remote attacker to establish a connection between the FTP server and an arbitrary port on a third-party system, essentially conducting a port-scan. This can be used to obscure the source of the port-scan, as well as scan internal systems that may be protected by a screening device.
|
2006-08-24
|
Fuji Xerox Printing Systems (FXPS) Print Engine FTP PORT Command Port Scan Bounce Weakness
|
|
30745
Description:
SSH Tectia applications contain a flaw that may allow a malicious user to gain access to the privileges of the running Tectia application. The issue can be triggered by a user that creates certain paths below the paths in a system call when Tectia launches an application. This flaw may lead to a loss of integrity.
|
2006-08-23
|
SSH Tectia Multiple Products Search Path Subversion Local Privilege Escalation
|
|
48890
Description:
Unknown / Incomplete
|
2006-08-23
|
YaCy Long Authentication String Handling Unspecified Issue
|
|
28121
Description:
Cisco 11000 series Content Service Switches contain a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the device injects an ArrowPoint cookie for user tracking and management. If no value is explicitly set by an administrator for the string option, the device will insert the internal IP address instead. When a cookie is sent to the end user, this will disclose the internal IP address scheme for the protected or internal network.
|
2006-08-23
|
Cisco CSS ArrowPoint Cookie Service Identifier Field Internal IP Disclosure
|
|
28120
Description:
The Linux kernel contains a flaw that may allow a local denial of service. The issue is triggered when an application provides an incorrect %ds or %es register to the path in arch/i386/kernel/entry.S:restore_all, and will result in kernel panic.
|
2006-08-23
|
Linux Kernel restore_all Function Local DoS
|
|
28196
Description:
(Description Provided by CVE) : Unspecified vulnerability in the SCSI dissector in Wireshark (formerly Ethereal) 0.99.2 allows remote attackers to cause a denial of service (crash) via unspecified vectors.
|
2006-08-23
|
Wireshark SCSI Dissector Unspecified DoS
|
|
28197
Description:
(Description Provided by CVE) : Multiple off-by-one errors in the IPSec ESP preference parser in Wireshark (formerly Ethereal) 0.99.2 allow remote attackers to cause a denial of service (crash) via unspecified vectors.
|
2006-08-23
|
Wireshark w/ ESP Decryption IPsec ESP Preference Parser Off-by-one DoS
|
|
28176
Description:
(Description Provided by CVE) : Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver.
|
2006-08-23
|
FreeBSD ppp LCP Packet Option Processing Remote Overflow
|
|
30312
Description:
(Description Provided by CVE) : SQL injection vulnerability in alltopics.php in the All Topics Hack 1.5.0 and earlier for phpBB 2.0.21 allows remote attackers to execute arbitrary SQL commands via the start parameter.
|
2006-08-23
|
All Topics Hack for phpBB alltopics.php start Parameter SQL Injection
|