
9082 matches found

exploitpack
added 2006/09/16 12:0 a.m. | 14 views

PHP-post Web Forum 0.x.1.0 - pm.php?replyuser Cross-Site Scripting

PHP-post Web Forum 0.x.1.0 - pm.php?replyuser Cross-Site Scripting source: https://www.securityfocus.com/bid/20061/info PHP-Post is prone to multiple input-validation vulnerabilities, including multiple cross-site scripting, SQL-injection, and remote file-include issues, because the application...

6.8 AI score
Exploits 0
exploitpack
added 2006/09/15 12:0 a.m. | 11 views

Jupiter CMS 1.1.41.1.5 - galleryuploadfunction.php Arbitrary File Upload

Jupiter CMS 1.1.41.1.5 - galleryuploadfunction.php Arbitrary File Upload source: https://www.securityfocus.com/bid/20048/info Jupiter CMSA is prone to multiple input-validation vulnerabilities, including cross-site scripting, SQL-injection, and arbitrary file-upload issues, because the applicatio...

0.4 AI score
Exploits 0
Mozilla
added 2006/09/14 12:0 a.m. | 31 views

RSA Signature Forgery — Mozilla

Philip Mackenzie and Marius Schilder of Google informed us of Daniel Bleichenbacher's recent presentation of a common implementation error in RSA signature verification, a failure to account for extra data in the signature. For signatures with a small exponent such as 3 it is possible for an...

4.3 CVSS | 3.2 AI score | 0.04479 EPSS
Exploits 1 | References 7 | Affected Software 4
CERT
added 2006/09/11 12:0 a.m. | 35 views

Multiple RSA implementations fail to properly handle signatures

Overview: Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Description: RSA signatures are used to authenticate the source of a message. To prevent RSA signatures from being forged, messages are padded with data t...

4.3 CVSS | 7.6 AI score | 0.04479 EPSS
Exploits 1 | References 7
Exploit DB
added 2006/09/02 12:0 a.m. | 29 views

Autentificator 2.01 - 'Aut_Verifica.Inc.php' SQL Injection

source: https://www.securityfocus.com/bid/19813/info Autentificator is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access...

7.4 AI score
Exploits 0
Cent OS
added 2006/08/24 12:20 a.m. | 101 views

kernel security update

CentOS Errata and Security Advisory CESA-2006:0575 Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel...

9 CVSS | 7.5 AI score | 0.23284 EPSS
Exploits 0 | References 7
Tenable Nessus
added 2006/08/14 12:0 a.m. | 45 views

RHEL 4 : kernel (RHSA-2006:0575)

Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system...

9 CVSS | 7.4 AI score | 0.23284 EPSS
Exploits 0 | References 31
securityvulns
added 2006/08/11 12:0 a.m. | 49 views

Sending multipart/form-data requests from Flash (with arbitrary headers)

Hello lists, In my original "Forging HTTP request headers with Flash" paper http://www.securityfocus.com/archive/1/441014, I mentioned forcing multipart/form-data input format to ensure that Flash's LoadVars isn't used to forge the request. However, there's a work-around for the attacker - using...

7.2 AI score
Exploits 0
exploitpack
added 2006/08/09 12:0 a.m. | 13 views

CLUB Nuke 2.0 - Multiple SQL Injections

CLUB Nuke 2.0 - Multiple SQL Injections source: https://www.securityfocus.com/bid/19442/info CLUB-Nuke is prone to multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...

Exploits 0
CVE
added 2006/08/09 12:0 a.m. | 77 views

CVE-2006-4023

CVE-2006-4023 : The issue concerns the ip2long function in PHP 5.1.4 and earlier, which may incorrectly validate an arbitrary string and return a valid network IP address. This can enable remote attackers to obtain network information and facilitate other attacks, as demonstrated via SQL injectio...

5 CVSS | 7.7 AI score | 0.00122 EPSS
Exploits 1 | References 4 | Affected Software 1
RedHat Linux
added 2006/07/29 12:16 a.m. | 3 views

security flaw

Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented tree views," (4) BoxObjects, (5) the XBL implementation, (6) an ifram...

9.3 CVSS | 7.7 AI score | 0.23286 EPSS
Exploits 0 | References 4
CVE
added 2006/07/28 10:0 p.m. | 50 views

CVE-2006-3920

The CVE affects Sun Solaris TCP implementation (Solaris 8/9/10) prior to 20060726, where a TCP packet with an incorrect sequence number can trigger an ACK storm and cause remote DoS (resource exhaustion). Root cause: improper TCP sequence handling leading to ACK storm. Affected components: Solari...

5 CVSS | 6.6 AI score | 0.02029 EPSS
Exploits 0 | References 8 | Affected Software 2
exploitpack
added 2006/07/26 12:0 a.m. | 11 views

phpBB-Auction 1.x - auction_room.php?ar SQL Injection

phpBB-Auction 1.x - auctionroom.php?ar SQL Injection source: https://www.securityfocus.com/bid/19179/info PHPBB-Auction is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. These vulnerabilities...

0.3 AI score
Exploits 0
NVD
added 2006/07/25 1:22 p.m. | 13 views

CVE-2006-3825

The IPv4 implementation in Sun Solaris 10 before 20060721 allows local users to select routes that differ from the routing table, possibly facilitating firewall bypass or unauthorized network communication...

2.1 CVSS | 6.4 AI score | 0.00071 EPSS
Exploits 0 | References 5
Exploit DB
added 2006/07/25 12:0 a.m. | 20 views

LinksCaffe 3.0 - 'links.php' Multiple SQL Injections

source: https://www.securityfocus.com/bid/19149/info LinksCaffe is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successf...

7.4 AI score
Exploits 0
exploitpack
added 2006/07/25 12:0 a.m. | 13 views

LinksCaffe 3.0 - links.php?newdays Cross-Site Scripting

LinksCaffe 3.0 - links.php?newdays Cross-Site Scripting source: https://www.securityfocus.com/bid/19149/info LinksCaffe is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the...

6.8 AI score
Exploits 0
exploitpack
added 2006/07/25 12:0 a.m. | 14 views

PHP Pro Bid 5.2.4 - categories.php?orderType SQL Injection

PHP Pro Bid 5.2.4 - categories.php?orderType SQL Injection source: https://www.securityfocus.com/bid/19158/info PHP Pro Bid is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because the application fails to properly sanitize...

0.1 AI score
Exploits 0
Exploit DB
added 2006/07/25 12:0 a.m. | 15 views

LinksCaffe 2.0/3.0 - Authentication Bypass

source: https://www.securityfocus.com/bid/19763/info LinksCaffe is prone to an authentication-bypass vulnerability because of a lack of required authentication on the application's administrative script. An attacker can use administrative functions simply by knowing the script's name and location...

7.4 AI score
Exploits 0
Cent OS
added 2006/07/17 5:19 a.m. | 83 views

kernel security update

CentOS Errata and Security Advisory CESA-2006:0579-01 Updated kernel packages that fix a number of security issues as well as other bugs are now available for Red Hat Enterprise Linux 2.1 32 bit architectures. This security advisory has been rated as having important security impact by the Red Hat...

5 CVSS | 5.8 AI score | 0.0337 EPSS
Exploits 1 | References 8
Exploit DB
added 2006/07/13 12:0 a.m. | 29 views

Invision Power Board 2.1.x IPSClass.PHP SQL Injection Vulnerability 1

Invision Power Board 2.1.x IPSClass.PHP SQL Injection Vulnerability 1. Webapps exploit for php platform source: http://www.securityfocus.com/bid/18984/info Invision Power Board is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize...

0.1 AI score
Exploits 0