| OSVDB ID | Disclosure Date | Title |
|
89876
Description:
By default, Edimax BR-6428n installs with default user credentials (username/password combination). The 'admin' account has a password of '1234', which is publicly known and documented. This allows remote attackers to trivially access the program or system and gain privileged access.
|
2010-09-21
|
Edimax BR-6428n Default Admin Credentials
|
|
68221
Description:
SWiSH Max3 is prone to a flaw in the way it loads dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a SWI file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source.
|
2010-09-20
|
SWiSH Max3 Path Subversion Arbitrary DLL Injection Code Execution
|
|
68222
Description:
Fotobook Editor is prone to a flaw in the way it loads dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a DTP file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source.
|
2010-09-20
|
Fotobook Editor Path Subversion Arbitrary DLL Injection Code Execution
|
|
68163
Description:
(Description Provided by CVE) : Multiple integer signedness errors in net/rose/af_rose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a rose_getname function call, related to the rose_bind and rose_connect functions.
|
2010-09-20
|
Linux Kernel net/rose/af_rose.c Multiple Function Signedness Error Local DoS
|
|
68167
Description:
bzip2 contains an integer overflow condition in the decompress functionality. The issue is due to the 'BZ2_decompress()' function in decompress.c not validating user-supplied input when decompressing files. With a specially crafted compressed file, a context-dependent attacker can cause an integer overflow, resulting in a denial of service or potentially execution of arbitrary code.
|
2010-09-20
|
bzip2 decompress.c BZ_decompress Function Overflow
|
|
69658
Description:
OpenSSH contains a flaw related to public parameter validation of the J-PAKE protocol. The issue is triggered when a remote attacker uses crafted values for each round of the protocol to avoid the requirement for the shared secret and bypass authentication.
|
2010-09-20
|
OpenSSH J-PAKE Public Parameter Validation Shared Secret Authentication Bypass
|
|
70660
Description:
The 'vbd_create' function in Xen allows guest OS users to cause a denial of service when attempting to access a virtual CD-ROM through the blkback driver.
|
2010-09-20
|
Linux Kernel on RHEL Xen vbd_create Function blkback Driver Virtual CD-ROM Device Access Local DoS
|
|
68162
Description:
(Description Provided by CVE) : Stack-based buffer overflow in the HTTP proxy service in Alcatel-Lucent OmniVista 4760 server before R5.1.06.03.c_Patch3 allows remote attackers to execute arbitrary code or cause a denial of service (service crash) via a long request.
|
2010-09-20
|
OmniVista 4760 HTTP Proxy Crafted HTTP Request Remote Overflow
|
|
68161
Description:
(Description Provided by CVE) : The default configuration of the CCAgent option before 9.0.8.4 in the management server (aka TSA) component in Alcatel-Lucent OmniTouch Contact Center Standard Edition enables maintenance access, which allows remote attackers to monitor or reconfigure Contact Center operations via vectors involving TSA_maintenance.exe.
|
2010-09-20
|
OmniTouch Contact Center TSA Server Tsa_Maintainance.exe Admin Interface Access Restriction Bypass
|
|
68160
Description:
(Description Provided by CVE) : The CCAgent option 9.0.8.4 and earlier in the management server (aka TSA) component in Alcatel-Lucent OmniTouch Contact Center Standard Edition relies on client-side authorization checking, and unconditionally sends the SuperUser password to the client for use during an authorized session, which allows remote attackers to monitor or reconfigure Contact Center operations via a modified client application.
|
2010-09-20
|
OmniTouch Contact Center Authentication Mechanism Weakness Admin Password Disclosure
|
|
68152
Description:
LightNEasy contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'LightNEasy.php' script not properly sanitizing user-supplied input to the 'handle' parameter and to the 'userhandle' cookie. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-09-20
|
LightNEasy LightNEasy.php Multiple Parameter SQL Injection
|
|
68194
Description:
Primitive CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'cms_write.php' script not properly sanitizing user-supplied input to the 'title' and 'menutitle' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-09-20
|
Primitive CMS cms_write.php Multiple Parameter SQL Injection
|
|
68258
Description:
(Description Provided by CVE) : The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM before 2.1.14 place the . (dot) directory in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
|
2010-09-20
|
SLURM slurm LD_LIBRARY_PATH Path Subversion Local Privilege Escalation
|
|
68259
Description:
(Description Provided by CVE) : The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM before 2.1.14 place the . (dot) directory in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
|
2010-09-20
|
SLURM slurmdbd LD_LIBRARY_PATH Path Subversion Local Privilege Escalation
|
|
68302
Description:
(Description Provided by CVE) : Buffer overflow in the find_stream_bounds function in pdf.c in libclamav in ClamAV before 0.96.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. NOTE: some of these details are obtained from third party information.
|
2010-09-20
|
ClamAV pdf.c find_stream_bounds Function Crafted PDF File Handling Overflow
|
|
72658
Description:
Unknown / Incomplete
|
2010-09-20
|
IB Promotion Advanced Business Web Suite Search Facility qs Parameter XSS
|
|
69286
Description:
Unknown / Incomplete
|
2010-09-20
|
Battle.net Mobile Authenticator MITM Weakness
|
|
68195
Description:
SmarterMail contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the 'FileStorageUpload.ashx' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'name' parameter. This directory traversal attack would allow the attacker to access arbitrary files.
|
2010-09-19
|
SmarterMail FileStorageUpload.ashx name Parameter Traversal Arbitrary File Access
|
|
68193
Description:
BoutikOne contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'list.php' script not properly sanitizing user-supplied input to the 'page' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-09-19
|
BoutikOne list.php page Parameter SQL Injection
|
|
68287
Description:
Pluck contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions such as creating an arbitrary user. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2010-09-19
|
Pluck Arbitrary User Creation CSRF
|
|
91791
Description:
mingetty contains a flaw that allows an attacker to traverse outside of a restricted path. The issue is due to the chdir() function not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../). This directory traversal attack would allow a local attacker to gain access to arbitrary files.
|
2010-09-19
|
mingetty chdir() Function Traversal Arbitrary File Access
|
|
68402
Description:
(Description Provided by CVE) : The DRDA Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (database server ABEND) by using the client CLI on Linux, UNIX, or Windows for executing a prepared statement with a large number of parameter markers.
|
2010-09-18
|
IBM DB2 UDB DRDA Services Component CLI Prepared Statement Remote DoS
|
|
70607
Description:
PHP contains a flaw that may allow a context-dependent denial of service. The issue is triggered when a use-after-free error in the Zend engine occurs, allowing a context-dependent attacker to use vectors related to the '__set', '__get', '__isset' and '__unset' methods to cause a denial of service, or possibly have other unspecified impact.
|
2010-09-18
|
PHP Zend Engine Multiple Method Object Reference Access Use-after-free DoS
|
|
76216
Description:
Restaurant Guide Component for Joomla! contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-09-18
|
Restaurant Guide Component for Joomla! index.php id Parameter SQL Injection
|
|
76241
Description:
Restaurant Guide Component for Joomla! contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate input placed after the > character. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-09-18
|
Restaurant Guide Component for Joomla! > Character Parsing XSS
|
|
76254
Description:
Gambio contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'product_reviews_info.php' script not properly sanitizing user-supplied input to the 'products_id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-09-18
|
Gambio product_reviews_info.php products_id Parameter SQL Injection
|
|
68087
Description:
Unknown / Incomplete
|
2010-09-17
|
Nagios XI Multiple Unspecified Script Multiple Parameter XSS
|
|
68097
Description:
Unknown / Incomplete
|
2010-09-17
|
BlueCMS Database Backup Predictable Filename Information Disclosure
|
|
68058
Description:
phpmyfamily contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'reason' parameter upon submission to the 'inc/passwdform.inc.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-09-17
|
phpmyfamily inc/passwdform.inc.php reason Parameter XSS
|
|
68057
Description:
phpmyfamily contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'referer' parameter upon submission to the 'mail.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-09-17
|
phpmyfamily mail.php referer Parameter XSS
|
|
68056
Description:
phpmyfamily contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'person' parameter upon submission to the 'track.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-09-17
|
phpmyfamily track.php person Parameter XSS
|
|
68055
Description:
phpmyfamily contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions in multiple unspecified functions. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2010-09-17
|
phpmyfamily Multiple Unspecified Admin Function CSRF
|
|
68054
Description:
phpmyfamily contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'my.php' script not properly sanitizing user-supplied input to the 'pwdEmail' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-09-17
|
phpmyfamily my.php pwdEmail Parameter SQL Injection
|
|
68053
Description:
phpmyfamily contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'track.php' script not properly sanitizing user-supplied input to the 'email' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-09-17
|
phpmyfamily track.php email Parameter SQL Injection
|
|
68052
Description:
phpmyfamily contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'passthru.php' script not properly sanitizing user-supplied input to the 'transcript' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-09-17
|
phpmyfamily passthru.php transcript Parameter SQL Injection
|
|
68051
Description:
phpmyfamily contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the 'passthru.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'transcript' parameter. This directory traversal attack would allow the attacker to delete arbitrary files on the system.
|
2010-09-17
|
phpmyfamily passthru.php transcript Parameter Traversal Arbitrary File Deletion
|
|
68365
Description:
WebKit contains a typecasting flaw in the 'rendererIsNeeded' function when handling parents that are not SVG elements. With a specially crafted web page, a context-dependent attacker can corrupt memory to cause a denial of service or potentially execute arbitrary code.
|
2010-09-17
|
WebKit rendererIsNeeded SVG Document Handling Bad Cast Memory Corruption
|
|
68096
Description:
(Description Provided by CVE) : Stack-based buffer overflow in WTclient.dll in SCADA Engine BACnet OPC Client before 1.0.25 allows user-assisted remote attackers to execute arbitrary code via a crafted .csv file, related to a status log message.
|
2010-09-17
|
SCADA Engine BACnet OPC Client WTclient.dll Status Log Message Overflow
|
|
68117
Description:
Unknown / Incomplete
|
2010-09-17
|
NitroView ESM Management Interface Unspecified Arbitrary File Access
|
|
68133
Description:
Unknown / Incomplete
|
2010-09-17
|
Syncrify Unspecified Page Direct Request Password Setup Access Restriction Bypass
|