| OSVDB ID | Disclosure Date | Title |
|
74369
Description:
Unknown / Incomplete
|
2011-07-27
|
TYPO3 Backend Serialised User Input Arbitrary File Deletion
|
|
74364
Description:
TYPO3 contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the RemoveXSS function does not validate an unspecified attack vector in Internet Explorer 6. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-07-27
|
TYPO3 Exposed API RemoveXSS Function XSS
|
|
74370
Description:
Unknown / Incomplete
|
2011-07-27
|
TYPO3 Exposed API ExtDirect Endpoint Consumption DoS
|
|
74493
Description:
Plone contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'type_name' parameter upon submission to the 'Members/ipa/createObject' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-07-27
|
Plone Members/ipa/createObject type_name Parameter XSS
|
|
76148
Description:
Unknown / Incomplete
|
2011-07-27
|
Google Chrome Multiple Extension Unspecified Information Disclosure
|
|
91169
Description:
XFree86 x11perf is prone to a flaw in the way it loads dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows a local attacker to inject custom code that will be run with the privilege of the program or user executing the program. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source. This can be done by tricking a user into opening an x11perfcomp file from the local file system or a USB drive in some cases. This attack scenario is certainly possible, but rare.
|
2011-07-27
|
XFree86 x11perf x11perfcomp Search Path Subversion Local Privilege Escalation
|
|
74661
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
|
2011-07-26
|
Linux Kernel mount.cifs Password Protected Mounted CIFS Share Hijacking Weakness
|
|
74660
Description:
(Description Provided by CVE) : The Network Lock Manager (NLM) protocol implementation in the NFS client functionality in the Linux kernel before 3.0 allows local users to cause a denial of service (system hang) via a LOCK_UN flock system call.
|
2011-07-26
|
Linux Kernel NFS Server File Locking Local DoS
|
|
74051
Description:
Virtual Money Component for Joomla! contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'catid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-07-26
|
Virtual Money Component for Joomla! index.php catid Parameter SQL Injection
|
|
74181
Description:
(Description Provided by CVE) : Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations.
|
2011-07-26
|
ClamAV clamd libclamav/matcher-hash.c cli_hm_scan() Function Crafted Message Handling Remote DoS
|
|
74174
Description:
Unknown / Incomplete
|
2011-07-26
|
ManageEngine ServiceDesk Plus Permission Verification Weakness Backup File Deletion
|
|
74169
Description:
ManageEngine ServiceDesk Plus contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'siteName' parameter upon submission to the SiteDef.do script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-07-26
|
ManageEngine ServiceDesk Plus SiteDef.do siteName Parameter XSS
|
|
74170
Description:
ManageEngine ServiceDesk Plus contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'wsName' parameter upon submission to the ManualNodeAddition.do script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-07-26
|
ManageEngine ServiceDesk Plus ManualNodeAddition.do wsName Parameter XSS
|
|
74171
Description:
ManageEngine ServiceDesk Plus contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'fullName' parameter upon submission to the TechnicianDef.do script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-07-26
|
ManageEngine ServiceDesk Plus TechnicianDef.do fullName Parameter XSS
|
|
74172
Description:
ManageEngine ServiceDesk Plus contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'groupName' parameter upon submission to the GroupResourcesDef.do script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-07-26
|
ManageEngine ServiceDesk Plus GroupResourcesDef.do groupName Parameter XSS
|
|
74173
Description:
ManageEngine ServiceDesk Plus contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'agreementNumber' parameter upon submission to the LicenseAgreement.do script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-07-26
|
ManageEngine ServiceDesk Plus LicenseAgreement.do agreementNumber Parameter XSS
|
|
74071
Description:
Samba contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions for the manipulation of Samba daemons, and the addition or removal of shares, printers and user accounts. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2011-07-26
|
Samba Web Administration Tool (SWAT) Multiple Function CSRF
|
|
74052
Description:
Microsoft IE contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input passed via EUC-JP encoded characters. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-07-26
|
Microsoft IE EUC-JP Encoding Unspecified XSS
|
|
74152
Description:
(Description Provided by CVE) : The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the Linux kernel before 3.1 does not validate user-space pointers, which allows local users to obtain sensitive information from kernel memory locations via a crafted PTRACE_SETXTREGS request.
|
2011-07-26
|
Linux Kernel Xtensa arch/xtensa/kernel/ptrace.c ptrace_setxregs() Function Pointer Verification Weakness Local Kernel Memory Disclosure
|
|
74072
Description:
Samba contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'user' field upon submission to the 'Change password' page. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-07-26
|
Samba Web Administration Tool (SWAT) Change Password Page user Field XSS
|
|
74264
Description:
(Description Provided by CVE) : Multiple stack-based buffer overflows in Invensys Wonderware Information Server 3.1, 4.0, and 4.0 SP1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via two unspecified ActiveX controls.
|
2011-07-26
|
Invensys Wonderware Information Server Multiple Unspecified ActiveX Overflows
|
|
74523
Description:
(Description Provided by CVE) : WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 supports weak SSL ciphers, which makes it easier for remote attackers to obtain access via a brute-force attack.
|
2011-07-26
|
Novell Data Synchronizer Mobility Pack WebAdmin Weak SSL Cipher Support Brute Force Weakness
|
|
74524
Description:
(Description Provided by CVE) : The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not properly restrict caching of HTTPS responses, which makes it easier for remote attackers to obtain sensitive information by leveraging an unattended workstation.
|
2011-07-26
|
Novell Data Synchronizer Mobility Pack HTTPS Response Caching Restriction Weakness Information Disclosure
|
|
80269
Description:
Corpse botnet C&C contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'states' and 'countrys' parameters upon submission to the index.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-07-26
|
Corpse C&C index.php Multiple Parameter XSS
|
|
74658
Description:
(Description Provided by CVE) : Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability during scan operations with a long SSID value.
|
2011-07-26
|
Linux Kernel trigger_scan / sched_scan SSID Length Handling Bypass
|
|
74182
Description:
Unknown / Incomplete
|
2011-07-26
|
PHP-Barcode php-barcode.php code Parameter popen() Function Arbitrary Shell Command Execution
|
|
74519
Description:
(Description Provided by CVE) : The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to bypass WebAdmin authentication and obtain sensitive GroupWise information via unspecified vectors.
|
2011-07-26
|
Novell Data Synchronizer Mobility Pack WebAdmin Remote Authentication Bypass GroupWise Information Disclosure
|
|
74520
Description:
(Description Provided by CVE) : Session fixation vulnerability in WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to hijack web sessions via unspecified vectors.
|
2011-07-26
|
Novell Data Synchronizer Mobility Pack WebAdmin Unspecified Session Fixation
|
|
74521
Description:
(Description Provided by CVE) : The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 sends the Admin LDAP password in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
|
2011-07-26
|
Novell Data Synchronizer Mobility Pack Cleartext Admin LDAP Password Disclosure
|
|
74522
Description:
(Description Provided by CVE) : The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.
|
2011-07-26
|
Novell Data Synchronizer Mobility Pack Set-Cookie Header HTTPOnly Flag Weakness Unspecified XSS
|
|
76136
Description:
(Description Provided by CVE) : Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.
|
2011-07-26
|
Arora Certificate Text Format CN Field RTF Data Parsing Certificate Spoofing Weakness
|
|
76137
Description:
Unknown / Incomplete
|
2011-07-26
|
Psi Certificate Text Format CN Field RTF Data Parsing Certificate Spoofing Weakness
|
|
76816
Description:
(Description Provided by CVE) : The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle (1) a loop between a dot1x enabled port and an open-authentication dot1x enabled port and (2) a loop between a dot1x enabled port and a non-dot1x port, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many Spanning Tree Protocol (STP) Bridge Protocol Data Unit (BPDU) frames, aka Bug ID CSCtq36327.
|
2011-07-26
|
Cisco IOS cat6000-dot1x Component dot1x Port Weakness Spanning Tree Protocol (STP) Bridge Protocol Data Unit (BPDU) Frame Saturation Remote DoS
|
|
76817
Description:
(Description Provided by CVE) : The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle an external loop between a pair of dot1x enabled ports, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many unicast EAPoL Protocol Data Units (PDUs), aka Bug ID CSCtq36336.
|
2011-07-26
|
Cisco IOS cat6000-dot1x Component dot1x Infinite Loop unicast EAPoL Protocol Data Units (PDUs) Saturation Remote DoS
|
|
74872
Description:
(Description Provided by CVE) : smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.
|
2011-07-25
|
Samba smbfs mount.cifs / umount.cifs RLIMIT_FSIZE Value Handling mtab Local Corruption DoS
|
|
74752
Description:
(Description Provided by CVE) : The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.
|
2011-07-25
|
qemu-kvm -runas Option Local Privilege Escalation
|
|
80717
Description:
Mac OS X contains a flaw related to LDAP authentication. When connecting to an OpenLDAP server, Mac OS X Lion allows the user to enter any credentials, bypassing authentication.
|
2011-07-25
|
Apple Mac OS X Lion Any Credentials LDAP Authentication Bypass
|
|
74031
Description:
Unknown / Incomplete
|
2011-07-25
|
CiscoKits/CertificationKits TFTP Service READ Request Parsing Remote DoS
|
|
74162
Description:
(Description Provided by CVE) : BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions, which allows remote attackers to obtain credentials, and consequently execute arbitrary commands, via unspecified vectors.
|
2011-07-25
|
CA ARCserve D2D homepageServlet Google Web Toolkit (GWT) RPC Request Parsing Admin Credential Disclosure
|
|
74180
Description:
KDE kdeutils Ark contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the program not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via .ZIP files. This directory traversal attack would allow the attacker to access and delete arbitrary files.
|
2011-07-25
|
KDE kdeutils Ark Traversal Arbitrary File Deletion
|