Monthly Archive: January 2006

membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not verify the old password when changing a password, which allows remote attackers to change the passwords of other members via a lostpassnew action with...

Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50 and possibly earlier has (1) world-readable permissions for ipn/logs/ipn_success.txt, which allows local users to view sensitive information (payment data), and (2) world-writable...

Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipn_success.php....

Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages. Date published...

SQL injection vulnerability in news.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter. Date published : 2006-01-13 http://www.securityfocus.com/archive/1/421727/100/0/threaded http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0439.html

Cross-site scripting (XSS) vulnerability in a certain module, possibly poll or Pool, for XOOPS allows remote attackers to inject arbitrary web script or HTML via JavaScript in the SRC attribute of an IMG element...

The XClientMessageEvent struct used in certain components of X.Org 6.8.2 and earlier, possibly including (1) the X server and (2) Xlib, uses a "long" specifier for elements of the l array, which results in...

Unspecified vulnerability in Serial line sniffer (aka slsnif) 0.4.4 allows local users to gain privileges via a long value of the HOME environment variable, possibly because of a buffer overflow. Date published : 2006-01-13...

Cross-site scripting (XSS) vulnerability in default.asp in FogBugz 4.029, and other versions before 4.0.33, allows remote attackers to inject arbitrary web script or HTML via the dest parameter in the pgLogon page. Date published...

Cross-site scripting (XSS) vulnerability in the Hosting Control Panel (psoft.hsphere.CP) in Positive Software H-Sphere 2.4.3 Patch 8 and earlier allows remote attackers to inject arbitrary web script or HTML via the login parameter in...

SQL injection vulnerability in Login_Validate.asp in ASPSurvey 1.10 allows remote attackers to execute arbitrary SQL commands via the Password parameter to login.asp. Date published : 2006-01-13 http://www.securityfocus.com/bid/16496 http://www.securityfocus.com/archive/1/423949/100/0/threaded

Unspecified vulnerability in Sun Solaris 10 allows local users to cause a denial of service (null dereference) via unspecified vectors involving the use of the find command on the "/proc" filesystem. NOTE: due to...

Unspecified vulnerability in Sun Solaris 9 and 10 for the x86 platform allows local users to gain privileges or cause a denial of service (panic) via unspecified vectors, possibly involving functions from the mm...

Buffer overflow in eStara Softphone 3.0.1.14 through 3.0.1.46 allows remote attackers to execute arbitrary code via a long attribute (aka "a") field in the SDP data of a SIP packet on UDP port 5060....