Monthly Archive: July 2006

Symantec pcAnywhere 12.5 uses weak default permissions for the "SymantecpcAnywhereHosts" folder, which allows local users to gain privileges by inserting a superuser .cif (aka caller or CallerID) file into the folder, and then using...

Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors involving (1) the /net mount point and (2) the "-hosts" map in a mount point. Date published :...

Unspecified vulnerability in the kernel debugger (kmdb) in Sun Solaris 10, when running on x86, allows local users to cause a denial of service (system hang) via unspecified vectors. Date published : 2006-07-21 http://www.securityfocus.com/bid/19080...

Unspecified vulnerability in Sun Solaris 10 allows context-dependent attackers to cause a denial of service (panic) via unspecified vectors involving the event port API. Date published : 2006-07-21 http://www.securityfocus.com/bid/19081 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2078

Keyifweb Keyif Portal 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) ANKET/anket.mdb, (2) HABER/keyifweb.mdb, (3) ASP/download.mdb,...

Citrix MetaFrame up to XP 1.0 Feature 1, except when running on Windows Server 2003, installs a registry key with an insecure ACL, which allows remote authenticated users to gain privileges. Date published :...

IBM Lotus Notes 6.0, 6.5, and 7.0 does not properly handle replies to e-mail messages with alternate name users when the (1) "Save As Draft" option is used or (2) a "," (comma) is...

PHP remote file inclusion vulnerability in index.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. Date published : 2006-07-21 http://www.securityfocus.com/bid/19083 http://pridels0.blogspot.com/2006/07/phplinkexchange-remote-file-inclusion.html

PHP remote file inclusion vulnerability in order/index.php in IDevSpot (1) PhpHostBot 1.0 and (2) AutoHost 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. Date published :...

SQL injection vulnerability in the init function in class_session.php in MyBB (aka MyBulletinBoard) 1.1.5 allows remote attackers to execute arbitrary SQL commands via the CLIENT-IP HTTP header ($_SERVER[‘HTTP_CLIENT_IP’] variable), as utilized by index.php. Date...

PHP remote file inclusion vulnerability in performs.php in the perForms component (com_performs) 1.0 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. Date published...

PHP remote file inclusion vulnerability in smf.php in the SMF-Forum 1.3.1.3 Bridge Component (com_smf) For Joomla! and Mambo 4.5.3+ allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter....

PHP-Post 0.21 and 1.0, and possibly earlier versions, when auto-login is enabled, allows remote attackers to bypass security restrictions and obtain administrative privileges by modifying the logincookie[user] setting in the login cookie. Date published...

Multiple PHP remote file inclusion vulnerabilities in component.php in iManage CMS 4.0.12 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) articles.php, (2) contact.php,...