Monthly Archive: July 2005

Stack-based buffer overflow in pads.c in Passive Asset Detection System (Pads) might allow local users to execute arbitrary code via a long report file name argument. NOTE: since Pads is not normally installed setuid,...

PimenGest2 before 1.1.1 allows remote attackers to obtain the database password via debug information in rowLatex.inc.php. Date published : 2005-07-19 http://www.securityfocus.com/bid/10408 ftp://ftp.pimentech.net/src/pimengest2/debian/changelog

Cross-site scripting (XSS) vulnerability in Ansel 2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via the album name. Date published : 2005-07-19 http://www.securityfocus.com/bid/11824 http://secunia.com/secunia_research/2004-17/advisory/

SQL injection vulnerability in Ansel 2.1 and earlier allows remote attackers to modify SQL statements via the image parameter. Date published : 2005-07-19 http://www.securityfocus.com/bid/11824 http://secunia.com/secunia_research/2004-17/advisory/

UUDeview 0.5.20 and earlier handles temporary files insecurely during decoding, with unknown attack vectors and impact. Date published : 2005-07-19 http://www.securityfocus.com/bid/9857

** DISPUTED ** Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code...

SQL injection vulnerability in the valid function in fr_left.php in PlaySMS 0.7 and earlier allows remote attackers to modify SQL statements via the vc2 cookie. Date published : 2005-07-19 http://www.securityfocus.com/bid/10970 http://sourceforge.net/project/shownotes.php?release_id=254915

ImageManager in e107 before 0.617 does not properly check the types of uploaded files, which allows remote attackers to execute arbitrary code by uploading a PHP file via the upload parameter to images.php. Date...

Cross-site scripting (XSS) vulnerability in e107 allows remote attackers to inject arbitrary script or HTML via the "login name/author" field in the (1) news submit or (2) article submit functions. Date published : 2005-07-19...

Opera Browser 7.23, and other versions before 7.50, updates the address bar as soon as the user clicks a link, which allows remote attackers to redirect to other sites via the onUnload attribute. Date...

vsftpd before 1.2.2, when under heavy load, allows attackers to cause a denial of service (crash) via a SIGCHLD signal during a malloc or free call, which is not re-entrant. Date published : 2005-07-19...

Xconfig in Hummingbird Exceed before 9.0.0.1, when the Screen Definition is password-protected, allows local users to access certain options by switching to another tab, then switching back to the original tab. Date published :...

Cross-site scripting (XSS) vulnerability in Clever Copy 2.0 and 2.0a allows remote attackers to inject arbitrary web script or HTML via the yr parameter to calendar.php. Date published : 2005-07-19 http://lostmon.blogspot.com/2005/07/clever-copy-calendarphp-yr-variable.html

Clever Copy 2.0 and 2.0a allows remote attackers to obtain the full path of the web root via a direct request to (1) ticker.php, (2) menu.php, (3) banned.php, (4) endlayout.php, (5) randomhlinesblock.php, (6) showlast.php,...