15. CGIScript.net Information Disclosure Vulnerability
BugTraq ID: 4764
Remote: Yes
Date Published: May 17 2002 12:00A
Relevant URL:
http://www.securityfocus.com/bid/4764
Summary: CGIScript.net provides various webmaster-related tools and is maintained
by Mike Barone and Andy Angrick.
It is possible to cause numerous scripts provided by CGIScript.net to
disclose sensitive system information.
A malformed POST request will cause the host to display debug data in an
error page. As a result, server path information, form input, and
environment variables could be revealed to remote users.
Other types of malformed web requests may also cause this condition to occur.
Path, form input, and environment variable information may aid the
attacker in making further attacks against the host.

16. LevCGI NetPad Unauthorized File Access Vulnerability
BugTraq ID: 4741
Remote: Yes
Date Published: May 14 2002 12:00A
Relevant URL:
http://www.securityfocus.com/bid/4741
Summary: LevCGI NetPad is a web-based text editor. It is available for Linux and
Unix variants as well as Microsoft Windows operating systems.
Write access to NetPad documents is password-protected. However,
authentication is not required to read the contents of NetPad documents.
Arbitrary web users may request existing documents and view their
contents, causing sensitive information in the documents to be disclosed.

17. Swatch Throttled Event Reporting Vulnerability
BugTraq ID: 4746
Remote: Yes
Date Published: May 15 2002 12:00A
Relevant URL:
http://www.securityfocus.com/bid/4746
Summary: Swatch is a freely available, open source log watching utility.
It is available for the Unix and Linux platforms.
Swatch may fail to report activities. The problem is in the design of the
program.
This problem could allow an attacker with knowledge of an event that has
previously occurred and been throttled on a system to reproduce the event
without being noticed by swatch.

22. Phorum Remote Command Execution Vulnerability
BugTraq ID: 4763
Remote: Yes
Date Published: May 17 2002 12:00A
Relevant URL:
http://www.securityfocus.com/bid/4763
Summary: Phorum is a PHP-based web forums package designed for most UNIX variants,
Linux, and Microsoft Windows operating systems.
A vulnerability has been reported in Phorum that will allow remote
attackers to specify external PHP scripts and potentially execute
commands.
The vulnerability exists in 'plugin.php', 'admin.php' and 'del.php' files
found in the distribution of Phorum version 3.3.2a.
As a consequence, the vulnerable system will interpret the arbitrary
attacker-supplied remote file (such as a PHP script). The remote file may
potentially contain destructive commands that will be executed by the
vulnerable system.

25. GRSecurity Linux Kernel Memory Protection Weakness
BugTraq ID: 4762
Remote: No
Date Published: May 17 2002 12:00A
Relevant URL:
http://www.securityfocus.com/bid/4762
Summary: The grsecurity Linux Kernel patch is a source-code patch developed and
maintained by the grsecurity development team.
A design error may allow for attackers to bypass the protection of the
patch.
The patch operates by redirecting the write() system call when it is being
used to write to a memory device. Unfortunately, there are other methods
that can be used to write to system memory (such as mapping the device to
memory using mmap()).
Local attackers with root access may exploit this weakness to modify
kernel data structures or inject backdoor code, evading the protection of
the patch.

26. Gaim Sensitive World Readable Temporary File Vulnerability
BugTraq ID: 4730
Remote: No
Date Published: May 13 2002 12:00A
Relevant URL:
http://www.securityfocus.com/bid/4730
Summary: Gaim is a chat client which supports AOL Instant Messenger, ICQ, MSN
Instant Messenger, Yahoo Instant Messenger, Jabber and IRC. Gaim runs on a
number of Unix-based platforms, including Linux.
An issue has been reported in versions of Gaim, which could enable an
unauthorized user to gain access to sensitive files.
A feature exists which enables a user to configure Gaim to check for new
email messages from configured web mail services. This feature runs when
Gaim is started, and creates two /tmp files which are world readable.
Reportedly, these temporary files may include sensitive information,
including authentication credentials for the specified mail service.
This issue has been known to specifically affect Hotmail accounts,
although other configured email web services may be affected. There may be
a limited time window in which this information may be used to
authenticate to Hotmail, possibly based on timeout mechanisms inherent in
Hotmail.
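
The file-permission weakness described for Gaim, shown as an added example (this is not Gaim's code): a /tmp file whose mode is left to the umask ends up world readable, while one created with mkstemp() and restricted with fchmod() is readable by its owner only. The file names and the umask value 022 are assumptions made for the illustration.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Permission bits of an open file, or (mode_t)-1 on error. */
static mode_t perm_bits(int fd)
{
    struct stat st;
    return fstat(fd, &st) == 0 ? (st.st_mode & 0777) : (mode_t)-1;
}

/* Weak pattern: guessable name, mode left to the umask. Under the
 * common umask 022 the file is 0644, readable by every local user. */
mode_t create_weak(void)
{
    char path[64];
    mode_t old, mode;
    int fd;
    snprintf(path, sizeof path, "/tmp/example_mailcheck_%ld", (long)getpid());
    old = umask(022);                 /* constructed: typical default umask */
    fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0666);
    umask(old);
    if (fd < 0) return (mode_t)-1;
    mode = perm_bits(fd);
    close(fd); unlink(path);          /* clean up the demonstration file */
    return mode;
}

/* Hardened pattern: unpredictable name from mkstemp(), owner-only
 * mode enforced with fchmod() before any secret would be written. */
mode_t create_private(void)
{
    char path[] = "/tmp/example_mailcheck_XXXXXX";
    mode_t old = umask(077), mode;
    int fd = mkstemp(path);
    umask(old);
    if (fd < 0) return (mode_t)-1;
    mode = fchmod(fd, S_IRUSR | S_IWUSR) == 0 ? perm_bits(fd) : (mode_t)-1;
    close(fd); unlink(path);
    return mode;
}

int main(void)
{
    printf("weak: %04o  private: %04o\n", (unsigned)create_weak(), (unsigned)create_private());
    return 0;
}
```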

27. NetWin DNews Remote Access Vulnerability
BugTraq ID: 4737
Remote: Yes
Date Published: May 14 2002 12:00A
Relevant URL:
http://www.securityfocus.com/bid/4737
Summary: DNews is a commercially available NNTP server. It is available for
various operating systems, including Linux, Unix, and Microsoft Windows.
A vulnerability has been announced by the distributors of DNews.
Information concerning this vulnerability is not readily available. It
is, however, possible that this vulnerability is remotely exploitable, as
the distributors of DNews recommend the placement of access control
entries in the dnews.conf configuration file.
Successful exploitation may allow for remote attackers to gain access to
target servers. It has been suggested that this vulnerability affects the
management interface on port 7119, and could result in DNews system
reconfiguration. This is as yet unconfirmed.