Monthly Archive: March 2008

DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users to cause a denial of service (system crash) via a certain ZERO_MEM DLMFENC_IOCTL request to \.DLKPFSD_Device, aka the "ring0 link list zero" vulnerability. Date...

SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) 1.1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php....

The Utils::runScripts function in src/utils.cpp in vdccm 0.92 through 0.10.0 in SynCE (SynCE-dccm) allows remote attackers to execute arbitrary commands via shell metacharacters in a certain string to TCP port 5679. Date published :...

OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 generates different responses depending on whether or not a username is valid in a failed login attempt, which allows remote attackers to enumerate valid usernames. Date published :...

OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 supports authentication with a cookie that lacks a shared secret, which allows remote attackers to login as an arbitrary user via a modified cookie. Date published : 2008-03-04...

The Drupal.checkPlain function in Drupal 6.0 only escapes the first instance of a character in ECMAScript, which allows remote attackers to conduct cross-site scripting (XSS) attacks. Date published : 2008-03-04 http://www.securityfocus.com/bid/28026 http://drupal.org/node/227608

mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information. Date published : 2008-03-04...

The outboxWriteUnsent function in FTPThread.class in SendFile.jar for Beehive Software SendFile.NET uses hard-coded credentials for an FTP server, which allows remote attackers to gain privileges. Date published : 2008-03-04 http://www.securityfocus.com/bid/28060 http://www.securityfocus.com/archive/1/488947/100/0/threaded

Multiple stack-based buffer overflows in the Learn2 Corporation STRunner (aka Street Technologies) ActiveX control in iestm32.dll allow remote attackers to execute arbitrary code via unspecified vectors. Date published : 2008-03-03 http://www.securityfocus.com/bid/28058 http://www.kb.cert.org/vuls/id/524857

Untrusted search path vulnerability in src/mainwindow.c in Net Activity Viewer 0.2.1 allows local users with Net Activity Viewer privileges to execute arbitrary code via a malicious gksu program, which is invoked during the Restart...

Cross-site scripting (XSS) vulnerability in Drupal 6.0 allows remote authenticated users to inject arbitrary web script or HTML via titles in content edit forms. Date published : 2008-03-03 http://www.securityfocus.com/bid/28026 http://drupal.org/node/227608

Unspecified vulnerability in IBM WebSphere MQ 6.0.x before 6.0.2.2 and 5.3 before Fix Pack 14 allows attackers to bypass access restrictions for a queue manager via a SVRCONN (MQ client) channel. Date published :...

Cross-site scripting (XSS) vulnerability in admin/users/self.php in XRMS CRM allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: some of these details are obtained from third party information....

PHP remote file inclusion vulnerability in tourney/index.php in phpMyTourney 2 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. Date published : 2008-03-03 http://www.securityfocus.com/bid/28057 http://www.securityfocus.com/archive/1/488951/100/0/threaded