Monthly Archive: January 2006

Avaya VPNRemote before 4.2.33 stores credentials in cleartext in process memory, which allows attackers to obtain the VPN user’s credentials. Date published : 2006-01-09 http://support.avaya.com/elmodocs2/security/ASA-2005-230.pdf

The BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.0 to version 4.0 Service Pack 2 allows attackers to cause a denial of service via a malformed Portable Network Graphics...

sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158. Date published : 2006-01-09 http://www.securityfocus.com/bid/16184 http://www.debian.org/security/2006/dsa-946

Multiple format string vulnerabilities in the auth_ldap_log_reason function in Apache auth_ldap 1.6.0 and earlier allows remote attackers to execute arbitrary code via various vectors, including the username. Date published : 2006-01-09 http://www.securityfocus.com/bid/16177 http://www.securityfocus.com/archive/1/421286/100/0/threaded

Cross-site scripting (XSS) vulnerability in SimpBook 1.0, with html_enable on (the default), allows remote attackers to inject arbitrary web script or HTML via the message field. Date published : 2006-01-09 http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041127.html http://securitytracker.com/id?1015451

NetSarang Xlpd 2.1 allows remote attackers to cause a denial of service (crash) via a large number of connections from the same IP address. Date published : 2006-01-09 http://www.securityfocus.com/bid/16164 http://www.ipomonis.com/advisories/xlpd.txt

Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7)...

The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez,...

The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users...

The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote attackers to execute arbitrary PHP code by redirecting go-pear.php to a malicious proxy server that provides a modified...

Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with...

Cross-site scripting (XSS) vulnerability in andromeda.php in Andromeda 1.9.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the s parameter. NOTE: the provenance of this information is unknown; the...

Qualcomm Eudora Internet Mail Server (EIMS) before 3.2.8 allows remote attackers to cause a denial of service (crash) via (1) malformed NTLM authentication requests, or a malformed (2) Incoming Mail X or (3) Temporary...

Cross-site scripting (XSS) vulnerability in post.php in NavBoard V16 Stable(2.6.0) and V17beta2 allows remote attackers to inject arbitrary web script or HTML via the (1) b, (2) textlarge, and (3) url bbcode tags. Date...