1. GIMP
The GNU Image Manipulation Program is a powerful and free piece of software that can handle all basic image editing tasks and much more beyond that. The fact that it’s open source and available for UNIX platforms, Mac and Windows makes it extremely flexible.
2. Paint.NET
This is probably the most powerful free photo editing software on the market. It can complete simple tasks such as red eye correction, resizing, cropping, but it also supports layers. The program is open source and a great collection of user created plugins is available from its online community.
It’s hard to recommend one over the other here, so depending on what you want to do with these programs, Paint.NET and GIMP are probably equally great…given you are a Windows user.
3. Autostitch
This is the perfect tool if you want to create panorama images from a series of photos. It works fully automatic and doesn’t require user input. The program can handle both horizontal and vertical stitching. The demo is fully functional and free. One thing you have to be prepared for though is the amount of system resources this program will occupy, depending on the options you select.
4. Microsoft Reserach Group Shot
If you need to take a photo of a large group of people, chances are that no matter how many shots you take, there won’t be a single photo everyone is happy with. This is where you should give Microsoft Group Shot a chance. With this software you can select your favorite parts in each shot of the series and the program will merge all your photos into the perfect composite image. Unfortunately, it appears the beta software download has expired, however future releases are around the corner.
5. TKexe Kalender
It’s the New Year and maybe you still need a paper calendar. To quickly create a personal and unique edition, try this easy to use software.
6. Opanda PhotoFilter
Filters can make a photo very interesting and special. But it’s tiring to carry around filters for your camera or play with camera or software settings endlessly to yield the desired results. Easier yet, use Opanda PhotoFilter to post process your snapshots. The program comes equipped with more than 100 different settings simulating Kodak, Cokin and Hoya filters.
7. Foto Mosaik
Create a mosaic picture from hundreds or thousands of photos.
The mosaic image is the eagle displayed in the top left, the rest of the image is a zoom into the single tiles, indicated by the red frame.
8. Win Morph
Morph, warp and distort images in a professional and high quality way. This program gives you all the freedom you could possibly ask for from a free package. It works as standalone application or as a plugin for various video editors, it offers advanced keyframing, blending and distortion tools for total control and can even do dynamic morphing with various input (JPEG,BMP,PCX,PNG,PBM,TGA,TIFF) and output (JPEG,BMP,PNG,TGA,TIFF,AVI,MPEG and SWF) file formats. Are you sold, yet? No wait, it’s free!
9. Free Digital Camera Enhancer
This is the tool to give your digital images the final touch. Reduce noise caused by bad light situations, smooth skin in portraits, correct the midtones, and add saturation. Naturally, this will work best on bad images.
10. JPEG Lossless Rotator
With most programs, the simple act of rotating your JPEG photo into the right orientation and saving it causes a loss of quality. JPEG Lossless Rotator does the job without recoding your photo. Rather it performs a special lossless block transformation which leaves the quality of your photo untouched. Yes, this is a tool for freaks…or geeks.
source
Wednesday, January 30, 2008
Archive the Web with Diigo
Del.icio.us was a big discovery for me. The ability to access my bookmarks anywhere, share them with others, and discover my friends’ favorites: Wow!
But I had a moment of truth the day I clicked a months-old bookmark only to discover that one of my favorite pages on Web design had vanished. D’oh! I’d really depended on that material! Suddenly apprehensive, I started going through all of my del.icio.us links one-by-one, discovering that a large percentage had vanished off the face of the Web.
It felt almost like I’d had a hard drive failure. Only then did I realize how much I’d come to depend on Web-based content.
Sure, for finding the odd missing page, there’s always Archive.org, but that saves pages intermittently and it’s a fairly clunky solution for an ongoing problem. What I really needed was a social bookmarking service that cached a full version of each bookmarked page with all the graphics and formatting intact.
Get Digging
Enter Diigo. I’m surprised this excellent social bookmarking service doesn’t have a higher profile online. It’s fast, easy, and it saves a cache of every page by default. I really don’t see how del.icio.us can compete, considering that Diigo looks much nicer and still manages to respond more crisply.
(Yes, there are other social bookmarking sites out there, and were I a true productivity blogger and not a dilettante, I’d give you a point-by-point feature comparison with a nifty chart. In this case, I’m going to fall back on “trust me.” Diigo’s the best I’ve tried, and I’ve tried a bunch.)
But getting the most out of Diigo isn’t as simple as swapping out your del.icio.us quick bookmarks and moving on. Strategy counts.
A Method to the Bookmarking Madness
There are some types of sites you shouldn’t bother archiving. I use Gmail, Google Calendar, and Toodledo constantly, but if any of them goes down, an archived version won’t do me a lick of good. For sites I simply access frequently, I keep a bookmark tab on my Netvibes page.
Use Diigo for static pages with useful content. Here are some suggested uses from my own Diigo love affair:
Best of all, Diigo can automatically post any new links to the other social bookmarking sites of your choice, so there’s no need to re-sync if you try Diigo and end up not liking the experience. Your old account will be up-to-date and ready to roll.
When you sign up, make sure to take a quick tour through the robust tools available on the site, from the browser toolbar to the “diigolet” quick link. With Diigo, capturing Web-based content (and sharing it with others) is quick, easy, and seamless.
source
But I had a moment of truth the day I clicked a months-old bookmark only to discover that one of my favorite pages on Web design had vanished. D’oh! I’d really depended on that material! Suddenly apprehensive, I started going through all of my del.icio.us links one-by-one, discovering that a large percentage had vanished off the face of the Web.
It felt almost like I’d had a hard drive failure. Only then did I realize how much I’d come to depend on Web-based content.
Sure, for finding the odd missing page, there’s always Archive.org, but that saves pages intermittently and it’s a fairly clunky solution for an ongoing problem. What I really needed was a social bookmarking service that cached a full version of each bookmarked page with all the graphics and formatting intact.
Get Digging
Enter Diigo. I’m surprised this excellent social bookmarking service doesn’t have a higher profile online. It’s fast, easy, and it saves a cache of every page by default. I really don’t see how del.icio.us can compete, considering that Diigo looks much nicer and still manages to respond more crisply.
(Yes, there are other social bookmarking sites out there, and were I a true productivity blogger and not a dilettante, I’d give you a point-by-point feature comparison with a nifty chart. In this case, I’m going to fall back on “trust me.” Diigo’s the best I’ve tried, and I’ve tried a bunch.)
But getting the most out of Diigo isn’t as simple as swapping out your del.icio.us quick bookmarks and moving on. Strategy counts.
A Method to the Bookmarking Madness
There are some types of sites you shouldn’t bother archiving. I use Gmail, Google Calendar, and Toodledo constantly, but if any of them goes down, an archived version won’t do me a lick of good. For sites I simply access frequently, I keep a bookmark tab on my Netvibes page.
Use Diigo for static pages with useful content. Here are some suggested uses from my own Diigo love affair:
- Research. Why bother copying and pasting articles you’ll be using in your next paper or presentation when you can add them to a searchable database in one click?
- Publicity. If you have a blog, podcast, or other promotable work, you’ll want to clip all the reviews, blog mentions, etc. Diigo’s perfect for quickly and easily capturing those mentions for posterity and, since it’s shareable, you can show off your best clips in a snap.
- Want List. It’s not really a resolution, but I do plan to cut down on my expenditures in 2008, and one way that’s always worked well for me in the past is creating a “want list.” When I see a nifty notebook or gadget or safety razor I want to buy, I add it to the want list with the date. 30 days later, if it still sounds awesome, I’ll buy it. But often my enthusiasm for that nifty cable wrap I saw on Cool Tools has waned and I’ve saved twenty bucks.
- Lifehacks. Obviously. If you’re like me, you’re constantly gathering tips and advice on productivity and technology from around the Web. Save them here and go over them periodically to see which ones actually worked in practice and which were quickly forgotten.
- Recipes. Several recipe sites let you aggregate your favorites, but if you get your recipes from multiple sites, you can use Diigo to keep them all in the same place.
- Blogging. One of the big advantages of a social bookmarking service is the social part. Diigo makes it easy to share your links, post them to your blog, or even do an automatic daily post of links to your site.
Best of all, Diigo can automatically post any new links to the other social bookmarking sites of your choice, so there’s no need to re-sync if you try Diigo and end up not liking the experience. Your old account will be up-to-date and ready to roll.
When you sign up, make sure to take a quick tour through the robust tools available on the site, from the browser toolbar to the “diigolet” quick link. With Diigo, capturing Web-based content (and sharing it with others) is quick, easy, and seamless.
source
SecurityFocus Newsletter #437
1. X.Org X Server 'EVI' Extension Local Privilege Escalation Vulnerability
BugTraq ID: 27353
Remote: No
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27353
Summary:
X.Org X Server is prone to a local privilege-escalation vulnerability.
Attackers can exploit this issue to execute arbitrary code with superuser privileges or to crash the affected computer.
NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.
2. X.Org X Server 'TOG-CUP' Extension Local Privilege Escalation Vulnerability
BugTraq ID: 27355
Remote: No
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27355
Summary:
X.Org X Server is prone to a local privilege-escalation vulnerability.
Attackers can exploit this issue to execute arbitrary code with superuser privileges or to crash the affected computer.
NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.
3. Numara FootPrints 'MRchat.pl' and 'MRABLoad2.pl' Multiple Remote Command Execution Vulnerabilities
BugTraq ID: 27373
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27373
Summary:
Numara FootPrints is prone to multiple vulnerabilities that attackers can leverage to execute arbitrary commands. These issues occur because the application fails to adequately sanitize user-supplied input.
Successful attacks can compromise the affected application and possibly the underlying computer.
Versions prior to FootPrints 8.1 are vulnerable.
4. Drupal Archive Module Cross-Site Scripting Vulnerabilities
BugTraq ID: 27436
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27436
Summary:
Archive module for Drupal is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
These issues affect versions prior to 5.x-1.8.
5. aconon Mail Template Parameter Directory Traversal Vulnerability
BugTraq ID: 27427
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27427
Summary:
aconon Mail is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.
Exploiting this issue may allow an attacker to access sensitive information that could aid in further attacks.
The issue affects aconon Mail 2007 Enterprise SQL 11.7.0 and 2004 Enterprise SQL 11.5.1; other versions may also be vulnerable.
6. SLAED CMS 'index.php' Local File Include Vulnerability
BugTraq ID: 27426
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27426
Summary:
SLAED CMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability using directory-traversal strings to execute local script code in the context of the application. This may allow the attacker to access sensitive information that may aid in further attacks.
SLAED CMS 2.5 Lite is vulnerable to this issue; other versions may also be affected.
7. Liquid-Silver CMS 'update/index.php' Local File Include Vulnerability
BugTraq ID: 27425
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27425
Summary:
Liquid-Silver CMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability using directory-traversal strings to access potentially sensitive information that may aid in further attacks.
8. Comodo AntiVirus 'ExecuteStr()' ActiveX Control Arbitrary Command Execution Vulnerability
BugTraq ID: 27424
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27424
Summary:
A Comodo AntiVirus ActiveX control is prone to a vulnerability that lets attackers execute arbitrary commands.
Successfully exploiting this issue allows remote attackers to execute arbitrary commands in the context of the application using the ActiveX control (typically Internet Explorer).
Comodo AntiVirus 2.0 is vulnerable to this issue; other versions may also be affected.
9. HFS HTTP File Server Multiple Security Vulnerabilities
BugTraq ID: 27423
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27423
Summary:
HFS HTTP File Server is prone to multiple security vulnerabilities.
These vulnerabilities include cross-site scripting issues, an information-disclosure issue, an arbitrary file-creation issue, a denial-of-service issue, a username spoofing issue and a log file forging issue.
A successful exploit could allow an attacker to deny service to legitimate users, create and execute arbitrary files in the context of the webserver process, falsify log information, or execute arbitrary script code in the browser of an unsuspecting user. Other attacks are also possible.
10. Siteman 'articles.php' File Disclosure Vulnerability
BugTraq ID: 27422
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27422
Summary:
Siteman is prone to a vulnerability that lets attackers obtain potentially sensitive information because it fails to prevent access to arbitrary files.
An attacker can exploit this issue to download arbitrary files with the privileges of the webserver process. Information obtained may aid in further attacks.
This issue affects Siteman 1.1.9; other versions may be vulnerable as well.
11. Cisco Application Velocity System (AVS) Remote Default Account Vulnerabilities
BugTraq ID: 27421
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27421
Summary:
Cisco Application Velocity System (AVS) is prone to multiple default-account vulnerabilities. These issues stem from a design flaw that makes several accounts available to remote attackers.
Successful exploits allow remote attackers to gain administrative access to vulnerable appliances.
Versions of Cisco AVS prior to 5.1.0 are vulnerable.
Cisco is tracking these issues as Cisco Bug ID CSCsd94732.
12. Web Wiz Rich Text Editor Arbitrary HTML File Creation Vulnerability
BugTraq ID: 27420
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27420
Summary:
Web Wiz Rich Text Editor is prone to a vulnerability that permits the creation of an arbitrary HTML file.
An attacker can exploit this issue to place arbitrary HTML code on the vulnerable computer. This may aid in retrieving potentially sensitive information from an unsuspecting victim; other attacks are also possible.
This issue affects Rich Text Editor 4.0; other versions may also be vulnerable.
13. Multiple Web Wiz Products Remote Information Disclosure Vulnerability
BugTraq ID: 27419
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27419
Summary:
Web Wiz Forums, NewsPad, and Rich Text Editor are prone to a remote information-disclosure vulnerability because they fail to properly sanitize user-supplied input.
An attacker can exploit this issue to retrieve arbitrary files in the context of the webserver process. Information obtained may aid in further attacks; other attacks are also possible.
This issue affects Forums 9.07, NewsPad 1.02, and Rich Text Editor 4.0; other versions may also be vulnerable.
14. Lama Software 'MY_CONF[classRoot]' Multiple Remote File Include Vulnerabilities
BugTraq ID: 27380
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/27380
Summary:
Lama Software is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.
Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
15. Coppermine Photo Gallery 'thumbnails.php' SQL Injection Vulnerability
BugTraq ID: 27372
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/27372
Summary:
Coppermine Photo Gallery is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This issue may be related to the vulnerability documented in BID 24710 (Coppermine Photo Gallery Album Password Cookie SQL Injection Vulnerability). We will update this BID as more information emerges.
This issue affects Coppermine Photo Gallery 1.4.10; other versions may also be vulnerable.
16. Alice Gate2 Plus Wi-Fi Router Cross-Site Request Forgery Vulnerability
BugTraq ID: 27374
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/27374
Summary:
Alice Gate2 Plus Wi-Fi routers are prone to a cross-site request-forgery vulnerability.
An attacker can exploit this issue to alter administrative configuration on affected devices. Specifically, altering the wireless encryption settings on devices has been demonstrated. Other attacks may also be possible.
17. IBM WebSphere Application Server serveServletsByClassnameEnabled Unspecified Vulnerability
BugTraq ID: 27371
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/27371
Summary:
IBM WebSphere Application Server is prone to an unspecified vulnerability.
Currently, very little is known about this issue. We will update this BID as more information emerges.
WebSphere Application Server 6.0 through 6.0.2.25 and 6.1 through 6.1.0.14 are vulnerable.
18. boastMachine 'mail.php' SQL Injection Vulnerability
BugTraq ID: 27369
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/27369
Summary:
boastMachine is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
boastMachine 3.1 is vulnerable to this issue; other versions may also be affected.
19. MediaWiki Search Bar Cross-Site Scripting Vulnerability
BugTraq ID: 27370
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/27370
Summary:
MediaWiki is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
20. MegaBBS 'upload.asp' Cross-Site Scripting Vulnerability
BugTraq ID: 27368
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/27368
Summary:
MegaBBS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
MegaBBS 1.5.14b is vulnerable; other versions may also be affected.
21. Apache HTTP Server Worker Process Multiple Denial of Service Vulnerabilities
BugTraq ID: 24215
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/24215
Summary:
Apache is prone to multiple denial-of-service vulnerabilities.
An attacker with the ability to execute arbitrary server-side script-code can exploit these issues to stop arbitrary services on the affected computer in the context of the master webserver process; other attacks may also be possible.
22. Apache HTTP Server Mod_Proxy Denial of Service Vulnerability
BugTraq ID: 25489
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/25489
Summary:
The Apache mod_proxy module is prone to a denial-of-service vulnerability.
A remote attacker may be able to exploit this issue to crash the child process. This could lead to denial-of-service conditions if the server is using a multithreaded Multi-Processing Module (MPM).
23. Apache HTTP Server Mod_Cache Denial of Service Vulnerability
BugTraq ID: 24649
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/24649
Summary:
The Apache mod_cache module is prone to a denial-of-service vulnerability.
A remote attacker may be able to exploit this issue to crash the child process. This could lead to denial-of-service conditions if the server is using a multithreaded Multi-Processing Module (MPM).
24. Apache HTTP Server Mod_Status Cross-Site Scripting Vulnerability
BugTraq ID: 24645
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/24645
Summary:
The Apache HTTP Server mod_status module is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
25. BalaBit IT Security syslog-ng NULL-Pointer Dereference Denial of Service Vulnerability
BugTraq ID: 26897
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/26897
Summary:
BalaBit IT Security 'syslog-ng' is prone to a denial-of-service vulnerability because it fails to adequately sanitize user-supplied input.
Attackers can leverage this issue to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed.
This issue affects versions prior to syslog-ng and syslog-ng-premium-edition 2.0.6 and 2.1.8.
26. Cairo PNG Image Processing Remote Integer Overflow Vulnerability
BugTraq ID: 26650
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/26650
Summary:
Cairo is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. Attackers may exploit this issue to overflow a buffer and to corrupt process memory.
Attackers may be able to execute arbitrary machine code in the context of an affected application. Failed exploit attempts will likely result in a denial-of-service condition.
This issue affects versions prior to Cairo 1.4.12.
27. X.Org X 'Server X:1 -sp' Command Information Disclosure Vulnerability
BugTraq ID: 27356
Remote: No
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27356
Summary:
X.Org X Server is prone to a local information-disclosure vulnerability.
Attackers can exploit this issue to gain access to sensitive information that may lead to further attacks.
NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.
28. X.Org X Server 'PassMessage' Request Local Privilege Escalation Vulnerability
BugTraq ID: 27354
Remote: No
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27354
Summary:
X.Org X Server is prone to a local privilege-escalation vulnerability.
Attackers can exploit this issue to execute arbitrary code with superuser privileges. Successfully exploiting this issue will result in the complete compromise of an affected computer. Failed exploit attempts will likely crash the computer.
NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.
29. X.Org X Server 'Xinput' Extension Local Privilege Escalation Vulnerability
BugTraq ID: 27351
Remote: No
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27351
Summary:
X.Org X Server is prone to a local privilege-escalation vulnerability.
Attackers can exploit this issue to execute arbitrary code with superuser privileges or to crash the affected computer.
NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.
30. X.Org X Server 'MIT-SHM' Local Privilege Escalation Vulnerability
BugTraq ID: 27350
Remote: No
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27350
Summary:
X.Org X Server is prone to a local privilege-escalation vulnerability.
Attackers can exploit this issue to execute arbitrary code with superuser privileges or to crash the affected computer.
NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.
31. Tikiwiki CMS 'tiki-listmovies.php' Directory Traversal Vulnerability
BugTraq ID: 27008
Remote: Yes
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27008
Summary:
Tikiwiki CMS is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.
Exploiting this issue may allow an attacker to access sensitive information that could aid in further attacks.
Versions prior to Tikiwiki CMS 1.9.9 are vulnerable.
32. TikiWiki 'tiki-special_chars.php' Cross-Site Scripting Vulnerability
BugTraq ID: 27004
Remote: Yes
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27004
Summary:
TikiWiki is prone a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
TikiWiki 1.9.8.3 is vulnerable; prior versions may also be affected.
33. Cisco PIX and ASA Appliance 'TTL Decrement' Denial of Service Vulnerability
BugTraq ID: 27418
Remote: Yes
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27418
Summary:
Multiple Cisco security appliances are prone to a denial-of-service vulnerability when the Time-To-Live (TTL) decrement feature is enabled for handling IP packets.
An attacker can exploit this issue to cause the affected devices to reload, denying service to legitimate users. Repeat attacks will result in a prolonged denial-of-service condition.
The following devices are affected:
Cisco PIX 500 Series Security Appliance
Cisco 5500 Series Adaptive Security Appliance (ASA)
Devices running software versions from 7.2(2) and up to 7.2(3)006 or 8.0(3) that have the TTL decrement feature enabled are vulnerable to this issue.
NOTE: The TTL decrement feature is not configured by default on the devices listed above. Devices that do not support the TTL decrement feature are not vulnerable.
34. SDL_image Invalid GIF File LWZ Minimum Code Size Remote Buffer Overflow Vulnerability
BugTraq ID: 27417
Remote: Yes
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27417
Summary:
The SDL_image library is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. The issue occurs when handling malformed GIF images.
Attackers can leverage this issue to execute arbitrary code in the context of an application using the library. Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will cause denial-of-service conditions.
Versions prior to SDL_image 1.2.7 are vulnerable.
35. PHP cURL 'safe mode' Security Bypass Vulnerability
BugTraq ID: 27413
Remote: Yes
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27413
Summary:
PHP cURL is prone to a 'safe mode' security-bypass vulnerability.
Attackers can use this issue to gain access to restricted files, potentially obtaining sensitive information that may aid in further attacks.
The issue affects PHP 5.2.5 and 5.2.4.
36. LulieBlog 'voircom.php' SQL Injection Vulnerability
BugTraq ID: 27416
Remote: Yes
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27416
Summary:
LulieBlog is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
LulieBlog 1.0.2 is vulnerable to this issue; other versions may also be affected.
37. Foojan WMS 'index.php' SQL Injection Vulnerability
BugTraq ID: 27415
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27415
Summary:
Foojan WMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The issue affects Foojan WMS 1.0; other versions may also be vulnerable.
38. Mozilla Firefox chrome:// URI JavaScript File Request Information Disclosure Vulnerability
BugTraq ID: 27406
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27406
Summary:
Mozilla Firefox is prone to an information-disclosure vulnerability because it fails to restrict access to local JavaScript files.
Attackers can exploit this issue to gain access to potentially sensitive information that could aid in further attacks.
Firefox 2.0.0.11 is vulnerable; other versions may also be affected.
NOTE: For an exploit to succeed, a user must have an addon installed that does not store its contents in a '.jar' file.
39. Microsoft Windows TCP/IP ICMP Remote Denial Of Service Vulnerability
BugTraq ID: 27139
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27139
Summary:
Microsoft Windows is prone to a remote denial-of-service vulnerability because it fails to adequately handle specially crafted TCP/IP traffic.
Attackers can exploit this issue to cause affected computers to stop responding and to automatically restart. Successful attacks will deny service to legitimate users. The discoverer of this issue reports that code execution may also be possible, but this has not been confirmed.
NOTE: ICMP RDP (Router Discovery Protocol) must be enabled for this issue to occur. Router Discovery Processing is disabled by default on Microsoft Windows Server 2000. The option is also disabled by default on Microsoft Windows XP and Windows Server 2003, unless the host receives the 'perform router discovery' option from a DHCP server.
40. Microsoft Windows TCP/IP IGMP MLD Remote Buffer Overflow Vulnerability
BugTraq ID: 27100
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27100
Summary:
Microsoft Windows is prone to a remote buffer-overflow vulnerability because it fails to adequately handle specially crafted TCP/IP traffic.
Attackers can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers.
NOTE: A server is vulnerable if an application or a service on the server uses IP multicast. By default, no services use multicast on Microsoft Windows Server 2003.
41. yaSSL Multiple Remote Buffer Overflow Vulnerabilities
BugTraq ID: 27140
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27140
Summary:
yaSSL is prone to multiple remote buffer-overflow vulnerabilities.
Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of applications using the library. Failed attacks will cause denial-of-service conditions.
yaSSL 1.7.5 is vulnerable to these issues; other versions are also likely to be affected.
42. PHP 5.2.3 and Prior Versions Multiple Vulnerabilities
BugTraq ID: 25498
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/25498
Summary:
PHP 5.2.3 and prior versions are prone to multiple security vulnerabilities. Successful exploits could allow an attacker to bypass security restrictions, cause a denial-of-service condition, and potentially execute code.
43. Exiv2 EXIF File Handling Integer Overflow Vulnerability
BugTraq ID: 26918
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/26918
Summary:
Exiv2 is prone to an integer-overflow vulnerability because it fails to properly verify user-supplied data when handling EXIF files.
Successful exploits of this vulnerability allow remote attackers to execute arbitrary machine code in the context of the affected application. Failed exploits may crash the application.
Exiv2 0.15 is reported vulnerable to this issue; other versions may also be affected.
44. Belong Software Site Builder Administration Pages Authentication Bypass Vulnerability
BugTraq ID: 27402
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27402
Summary:
Belong Software Site Builder is prone to a vulnerability that results in unauthorized administrative access. The application fails to authenticate users when certain pages are accessed.
Attackers can leverage this issue to compromise the application, which could aid in other attacks.
Site Builder 0.1 beta is vulnerable; other versions may also be affected.
45. Linux Kernel CIFS Transport.C Remote Buffer Overflow Vulnerability
BugTraq ID: 26438
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/26438
Summary:
The Linux kernel is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it into an insufficiently sized buffer.
An attacker can exploit this issue to execute arbitrary code with kernel-level privileges or cause the affected kernel to crash, denying service to legitimate users.
This issue affects version 2.6.23.1; previous versions may also be affected.
46. Linux Kernel SysFS_ReadDir NULL Pointer Dereference Vulnerability
BugTraq ID: 24631
Remote: No
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/24631
Summary:
The Linux kernel is prone to a NULL-pointer dereference vulnerability.
A local attacker can exploit this issue to crash the affected kernel, denying service to legitimate users.
UPDATE (June 26, 2007): Given the nature of this issue, remote code execution may also be possible but has not been confirmed.
47. util-linux mount umount Local Privilege Escalation Vulnerability
BugTraq ID: 25973
Remote: No
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/25973
Summary:
The 'util-linux' package is prone to a local privilege-escalation vulnerability that stems from a design error.
Exploiting this issue could allow attackers to execute arbitrary code with elevated privileges by using mount helpers such as the 'mount.nfs' application.
This vulnerability affects util-linux 2.12r; other versions may also be affected.
48. OpenSSL Montgomery Exponentiation Side-Channel Local Information Disclosure Vulnerability
BugTraq ID: 25163
Remote: No
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/25163
Summary:
OpenSSL is prone to a local information-disclosure vulnerability because of an implementation flaw in the RSA algorithm.
Successfully exploiting this issue allows local attackers to gain access to private key information of other processes that use the affected library. Information harvested may aid in further attacks.
OpenSSL 0.9.8 is vulnerable to this issue; other versions may also be affected.
49. OpenPegasus Management Server PAM Authentication 'cimservera.cpp' Buffer Overflow Vulnerability
BugTraq ID: 27188
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27188
Summary:
OpenPegasus is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
This issue occurs in the PAM (Pluggable Authentication Module) authentication code.
Attackers can leverage this issue to execute arbitrary code with superuser privileges. Successful exploits will completely compromise affected computers. Failed attacks will likely cause denial-of-service conditions.
Versions in the OpenPegasus 2.6 series are vulnerable.
50. Perl Unicode Regular Expression Buffer Overflow Vulnerability
BugTraq ID: 26350
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/26350
Summary:
Perl is prone to a buffer-overflow vulnerability because it fails to sufficiently bounds-check user-supplied input.
Successfully exploiting this issue allows attackers to execute arbitrary machine code in the context of Perl applications using regular expressions in a vulnerable manner. This facilitates the remote compromise of affected computers.
Perl 5.8 is vulnerable to this issue; other versions may also be affected.
51. OpenSSL SSL_Get_Shared_Ciphers Off-by-One Buffer Overflow Vulnerability
BugTraq ID: 25831
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/25831
Summary:
OpenSSL is prone to an off-by-one buffer-overflow vulnerability because the library fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Successfully exploiting this issue may allow attackers to execute arbitrary machine code in the context of applications that use the affected library, but this has not been confirmed. Failed exploit attempts may crash applications, denying service to legitimate users.
NOTE: This issue was introduced in the fix for the vulnerability described in BID 20249 (OpenSSL SSL_Get_Shared_Ciphers Buffer Overflow Vulnerability).
52. Samba NMBD Logon Request Remote Buffer Overflow Vulnerability
BugTraq ID: 26454
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/26454
Summary:
Samba is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.
This issue occurs only when Samba is configured as a Primary or Backup Domain Controller.
Attackers can exploit this issue to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to execute remote code, but the vendor doesn't think that this is possible.
Samba 3.0.0 through 3.0.26a are vulnerable.
53. Samba NMBD_Packets.C NetBIOS Replies Stack-Based Buffer Overflow Vulnerability
BugTraq ID: 26455
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/26455
Summary:
Samba is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.
NOTE: This issue occurs only when Samba is configured with the 'wins support' option enabled in the host's 'smb.conf' file.
An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Successful attacks will completely compromise affected computers. Failed exploit attempts will result in a denial of service.
Samba 3.0.0 through 3.0.26a are vulnerable.
54. YaBB SE Cookie Security Bypass Vulnerability
BugTraq ID: 27414
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27414
Summary:
YaBB SE is prone to a security-bypass vulnerability because it fails to properly validate user credentials before performing certain actions.
Exploiting this issue may allow an attacker to obtain sensitive information, compromise the application, and execute arbitrary script code in the context of webserver process; other attacks are also possible.
This issue affects YaBB SE 1.5.5 and prior versions.
55. Lycos File Upload Component 'FileUploader.dll' ActiveX Control Buffer Overflow Vulnerability
BugTraq ID: 27411
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27411
Summary:
Lycos File Upload Component ActiveX control is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions.
This issue affects 'FileUploader.dll' 2.0.0.2; other versions may also be vulnerable.
56. Apache 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
BugTraq ID: 27409
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27409
Summary:
Apache 'mod_negotiation' is prone to an HTML-injection and an HTTP response-splitting vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content.
Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, and influence or misrepresent how web content is served, cached, or interpreted; other attacks are also possible.
57. SetCMS 'set' Parameter Local File Include Vulnerability
BugTraq ID: 27407
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27407
Summary:
SetCMS is prone to a local file-include vulnerability because the application fails to properly initialize the 'set' parameter.
Exploiting this issue allows attackers to execute arbitrary commands in the context of the user running the application.
A successful exploit could facilitate the compromise of an affected computer; other attacks are also possible.
This issue affects SetCMS 3.6.5; other versions may also be affected.
58. PHP-Nuke Search Module 'sid' Parameter SQL Injection Vulnerability
BugTraq ID: 27408
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27408
Summary:
PHP-Nuke is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query.
Successful exploits could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
59. EasySiteNetwork Recipe Website Script 'list.php' SQL Injection Vulnerability
BugTraq ID: 27405
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27405
Summary:
EasySiteNetwork Recipe Website Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
60. ELOG Cross-Site Scripting Vulnerability and Denial of Service Vulnerability
BugTraq ID: 27399
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27399
Summary:
ELOG is prone to a cross-site scripting vulnerability and a denial-of-service vulnerability because the application fails to properly handle user-supplied input.
An attacker may leverage these issues to cause denial-of-service conditions or to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Versions prior to ELOG 2.7.1 are vulnerable.
61. Linux Kernel DO_COREDUMP Local Information Disclosure Vulnerability
BugTraq ID: 26701
Remote: No
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/26701
Summary:
The Linux kernel is prone to an information-disclosure vulnerability.
Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks.
Versions of the Linux kernel prior to 2.6.24-rc4 are vulnerable.
62. Linux Kernel VFS Unauthorized File Access Vulnerability
BugTraq ID: 27280
Remote: No
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27280
Summary:
The Linux kernel is prone to an unauthorized file-access vulnerability affecting the VFS (Virtual Filesystem) module.
A local attacker can exploit this issue to access arbitrary files on the affected computer. Successfully exploiting this issue may grant the attacker elevated privileges on affected computers. Other attacks are also possible.
This issue affects kernel versions prior to 2.6.23.14.
63. Xen 'copy_to_user()' Local Security Bypass Vulnerability
BugTraq ID: 26954
Remote: No
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/26954
Summary:
Xen is prone to a local security-bypass vulnerability that affects PAL emulation.
Local attackers can leverage this issue to access arbitrary memory regions from HVM guest systems. This could allow attackers to obtain potentially sensitive information that could aid in further attacks.
This issue affects Xen 3.1.2 on IA64 platforms; other versions may also be vulnerable.
64. Microsoft Excel Header Parsing Remote Code Execution Vulnerability
BugTraq ID: 27305
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27305
Summary:
Microsoft Excel is prone to a remote code-execution vulnerability.
An attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Reportedly, the issue affects the following versions:
Microsoft Office Excel 2003 Service Pack 2
Microsoft Office Excel Viewer 2003
Microsoft Office Excel 2002
Microsoft Office Excel 2000
Microsoft Excel 2004 for Mac.
The following versions are not affected:
Microsoft Office Excel 2007
Microsoft Office Excel 2007 Service Pack 1
Microsoft Excel 2008 for Mac
Microsoft Office Excel 2003 Service Pack 3.
Few details regarding this vulnerability are available. The vendor is investigating the issue and will be releasing updates. We will update this BID when more information emerges.
65. aflog Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
BugTraq ID: 27398
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27398
Summary:
The 'aflog' program is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
These issues affect aflog 1.01; other versions may also be affected.
66. IBM WebSphere Prior to 6.0.2.25 Multiple Remote Vulnerabilities
BugTraq ID: 27400
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27400
Summary:
IBM WebSphere Application Server is prone to multiple remote vulnerabilities, including a buffer-handling vulnerability, multiple information-disclosure vulnerabilities, and several vulnerabilities with unknown impact.
Very little information is known about these issues. We will update this BID as more information emerges.
Versions prior to IBM WebSphere Application Server 6.0.2.25 are vulnerable.
67. DeluxeBB 'attachments_header.php' Cross-Site Scripting Vulnerability
BugTraq ID: 27401
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27401
Summary:
DeluxeBB is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
This issue affects DeluxeBB 1.1; other versions may also be vulnerable.
68. MoinMoin MOIN_ID Cookie Remote Authentication Bypass Vulnerability
BugTraq ID: 27404
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27404
Summary:
MoinMoin is prone to an authentication-bypass vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this issue to gain unauthorized access to the affected application, which may lead to further attacks.
Versions in the MoinMoin 1.5 series are vulnerable.
69. SAP MaxDB 'cons.exe' Remote Command Injection Vulnerability
BugTraq ID: 27206
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27206
Summary:
SAP MaxDB is prone to a remote command-injection vulnerability because the application fails to properly sanitize user-supplied input.
Successfully exploiting this issue allows remote attackers to execute arbitrary shell commands with the privileges of the database server. Multiple database commands expose this issue, including one that is available prior to authentication.
MaxDB 7.6.03 build 007 is vulnerable to this issue; other versions may also be affected.
70. HP-UX ARPA Transport Unspecified Remote Denial Of Service Vulnerability
BugTraq ID: 25147
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/25147
Summary:
HP-UX running ARPA Transport software is prone to a remote denial-of-service vulnerability.
Exploiting this issue allows attackers to cause denial-of-service conditions.
71. LulieBlog 'id' Parameter Multiple SQL Injection Vulnerabilities
BugTraq ID: 27290
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27290
Summary:
LulieBlog is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
These issues affect LulieBlog 1.0.1; other versions may also be affected.
NOTE: To exploit these issues, the attacker may require administrative access.
72. Multiple Vendors BIND 'inet_network()' Off-by-One Buffer Overflow Vulnerability
BugTraq ID: 27283
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27283
Summary:
Multiple applications that use the 'libbind' BIND library are prone to an off-by-one buffer-overflow vulnerability because the 'inet_network()' function fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Successfully exploiting this issue may allow attackers to execute arbitrary machine code in the context of applications that use the affected library. Failed exploit attempts may crash applications, denying service to legitimate users.
73. ClamAV BZ_GET_FAST Bzip2 Decompression Vulnerability
BugTraq ID: 27063
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27063
Summary:
ClamAV is prone to a vulnerability due to a flaw in its Bzip2 decompression support.
Successful exploits of this vulnerability may potentially allow remote attackers to execute arbitrary code in the context of the vulnerable application or to trigger denial-of-service conditions. These effects have not been confirmed.
No further technical details are currently available. We will update this BID as more information emerges.
ClamAV 0.91.2 is vulnerable to this issue; other versions may also be affected.
74. Boost Library Regular Expression Remote Denial of Service Vulnerabilities
BugTraq ID: 27325
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27325
Summary:
The Boost library is prone to a remote denial-of-service vulnerability because it fails to adequately verify user-supplied input on regular expressions.
Successful exploits may allow remote attackers to cause denial-of-service conditions on applications that use the affected library.
This issue affects Boost 1.33.1 and 1.34.1; other versions may also be affected.
75. Mantis 'Most Active Bugs' Summary Cross Site Scripting Vulnerability
BugTraq ID: 27367
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27367
Summary:
Mantis is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
An attacker can leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Versions prior to Mantis 1.1.1 are vulnerable.
76. ClamAV 'libclamav/pe.c' MEW Packed PE File Integer Overflow Vulnerability
BugTraq ID: 26927
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/26927
Summary:
ClamAV is prone to an integer-overflow vulnerability because it fails to properly verify user-supplied data.
Successful exploits of this vulnerability can allow remote attackers to execute arbitrary machine code in the context of applications using the 'libclamav' library. Failed exploits may crash the application.
ClamAV 0.91.2 is vulnerable to this issue; other versions may also be affected.
77. X.Org X Server PCF Font Parser Buffer Overflow Vulnerability
BugTraq ID: 27352
Remote: No
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27352
Summary:
X.Org X Server is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
Attackers can exploit this issue to execute arbitrary code with the privileges of the server. Failed attacks will cause denial-of-service conditions.
NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.
78. ClamAV 'mspack.c' Off-By-One Buffer Overflow Vulnerability
BugTraq ID: 26946
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/26946
Summary:
ClamAV is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to insufficiently sized memory buffers.
Successful exploits of this vulnerability can allow remote attackers to execute arbitrary machine code in the context of applications using the 'libclamav' library. Failed exploits may crash the application.
ClamAV 0.91.2 is vulnerable to this issue; other versions may also be affected.
79. xine-lib 'rmff_dump_cont()' Remote Heap Buffer Overflow Vulnerability
BugTraq ID: 27198
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27198
Summary:
The xine-lib library is prone to a remote heap-based buffer-overflow vulnerability. This issue occurs because the software fails to perform adequate boundary checks on user-supplied data.
An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.
This issue affects xine-lib 1.1.9 and prior versions.
80. Citrix Presentation Server IMA Service Buffer Overflow Vulnerability
BugTraq ID: 27329
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27329
Summary:
Citrix Presentation Server is prone to a buffer-overflow vulnerability because the IMA service fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Successfully exploiting this issue may allow attackers to execute arbitrary machine code in the context of the IMA server process. Failed exploit attempts will likely result in denial-of-service conditions.
The issue affects the following versions:
Citrix MetaFrame and Presentation Server 4.5 (and earlier)
Citrix Access Essentials 2.0 (and earlier)
Citrix Desktop Server 1.0 (and earlier)
81. PHP-Nuke News Module Index.PHP SQL Injection Vulnerability
BugTraq ID: 21277
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/21277
Summary:
The PHP-Nuke News module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
PHP-Nuke 7.9 and prior versions are vulnerable.
82. Invision Gallery Index.PHP SQL Injection Vulnerability
BugTraq ID: 20327
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/20327
Summary:
Invision Gallery is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
83. Novemberborn sIFR 'txt' Parameter Cross-Site Scripting Vulnerability
BugTraq ID: 27394
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27394
Summary:
Novemberborn sIFR is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Versions prior to sIFR 2.0.3 and 3r278 are vulnerable.
84. GlobalLink 'GLChat.ocx' ActiveX Control 'ChatRoom()' Buffer Overflow Vulnerability
BugTraq ID: 27393
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27393
Summary:
GlobalLink 'GLChat.ocx' ActiveX control is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions.
GlobalLink 'GLChat.ocx' ActiveX control 2.5.1.33 is reported affected by this issue; other versions may also be vulnerable.
85. F5 BIG-IP 'SearchString' Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 27272
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27272
Summary:
F5 BIG-IP is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
BIG-IP firmware version 9.4.3 is vulnerable; other versions may also be affected.
86. PacerCMS 'id' Parameter Multiple SQL Injection Vulnerabilities
BugTraq ID: 27397
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27397
Summary:
PacerCMS is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
These issues affect versions prior to PacerCMS 0.6.1.
NOTE: To exploit these issues, the attacker may require 'staff member' access.
87. PacerCMS 'submit.php' Multiple HTML Injection Vulnerabilities
BugTraq ID: 27386
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27386
Summary:
PacerCMS is prone to multiple HTML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content.
Exploiting these issues may allow an attacker to execute HTML and script code in the context of the affected site, to steal cookie-based authentication credentials, or to control how the site is rendered to the user; other attacks are also possible.
Versions prior to PacerCMS 0.6.1 are vulnerable.
NOTE: This BID was originally published under the title 'PacerCMS 'submit.php' Cross-Site Scripting Vulnerability'. Further analysis reveals that these issues are HTML-injection vulnerabilities.
88. IBM WebSphere Business Modeler Repository Arbitrary File Deletion Vulnerability
BugTraq ID: 27389
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27389
Summary:
IBM WebSphere Business Modeler is prone to a vulnerability that allows users to delete arbitrary files from repositories.
Attackers can use this issue to delete arbitrary files from repositories, making the resources unavailable for legitimate users.
This issue affects IBM WebSphere Business Modeler Basic 6.0.2.1 and Advanced 6.0.2.1.
89. Fujitsu Interstage HTTP Server Multiple Unspecified Denial Of Service Vulnerabilities
BugTraq ID: 27391
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27391
Summary:
Fujitsu Interstage HTTP Server is prone to multiple unspecified denial-of-service vulnerabilities.
Remote attackers can exploit these issues to deny service to legitimate users.
Currently, very little is known about these issues. We will update this BID as more information emerges.
90. Frimousse 'explorerdir.php' File Disclosure Vulnerability
BugTraq ID: 27385
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27385
Summary:
Frimousse is prone to a vulnerability that lets attackers obtain potentially sensitive information because it fails to prevent access to arbitrary files.
An attacker can exploit this issue to download arbitrary files with the privileges of the webserver process. Information obtained may aid in further attacks.
This issue affects Frimousse 0.0.2; other versions may be vulnerable as well.
91. Small Axe Weblog 'ffile' Parameter Remote File Include Vulnerability
BugTraq ID: 27383
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27383
Summary:
Small Axe Weblog is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.
This issue affects Small Axe Weblog 0.3.1; other versions may also be vulnerable.
92. IBM Tivoli Provisioning Manager for OS Deployment Denial of Service Vulnerability
BugTraq ID: 27387
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27387
Summary:
IBM Tivoli Provisioning Manager for OS Deployment is prone to a denial-of-service vulnerability.
A remote attacker may be able to exploit this issue to crash the server process, which could lead to denial-of-service conditions.
Versions prior to IBM Tivoli Provisioning Manager for OS Deployment 5.1.0.3 are vulnerable.
93. IBM Tivoli Business Service Manager Password Disclosure Vulnerability
BugTraq ID: 27388
Remote: No
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27388
Summary:
IBM Tivoli Business Service Manager is prone to a local password-disclosure vulnerability due to a design error.
Exploiting this issue may allow a local attacker to access certain unencrypted passwords, potentially allowing them to access the application in an unauthorized manner. This may aid in further attacks.
This issue affects IBM Tivoli Business Service Manager 4.1.1.
94. singapore Modern Template 'gallery' Parameter Cross-Site Scripting Vulnerability
BugTraq ID: 27382
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27382
Summary:
singapore Modern template is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Modern 1.3.2 and prior versions are reported vulnerable. Reports indicate that Modern 1.3.2 ships with singapore 0.10.1 by default.
95. Mooseguy Blog System 'blog.php' SQL Injection Vulnerability
BugTraq ID: 27377
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27377
Summary:
Mooseguy Blog System (MGBS) is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Mooseguy Blog System 1.0 is vulnerable to this issue; other versions may also be affected.
96. OZ Journals 'printpreview' Local File Disclosure Vulnerability
BugTraq ID: 27375
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27375
Summary:
OZ Journals is prone to a local file-disclosure vulnerability because it fails to properly sanitize user-supplied input.
Exploiting this issue may allow an unauthorized user to retrieve potentially sensitive information that may aid in further attacks.
This issue affects OZ Journals 2.1.1; other versions may also be affected.
97. AlstraSoft Forum Pay Per Post Exchange 'index.php' SQL Injection Vulnerability
BugTraq ID: 27381
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27381
Summary:
Forum Pay Per Post Exchange is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
98. IDMOS CMS 'download.php' Local File Include Vulnerability
BugTraq ID: 27379
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27379
Summary:
IDMOS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability using directory-traversal strings to access potentially sensitive information that may aid in further attacks.
IDMOS 1.0 is vulnerable to this issue; other versions may also be affected.
99. MyBB 'private.php' SQL Injection Vulnerability
BugTraq ID: 27378
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27378
Summary:
MyBB is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This issue affects MyBB 1.2.11; earlier versions may also be vulnerable.
100. Citadel SMTP RCPT TO Remote Buffer Overflow Vulnerability
BugTraq ID: 27376
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27376
Summary:
Citadel is prone to a buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it into an insufficiently sized memory buffer.
Attackers may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Versions prior to Citadel 7.11 are vulnerable to this issue.
SECURITYFOCUS NEWS ARTICLES
1. Legitimate sites serving up stealthy attacks
By: Robert Lemos
The Random JS infection kit serves up malicious code that hides itself by attempting to compromise each visitor only once and using a different file name each time.
http://www.securityfocus.com/news/11501
2. Malware hitches a ride on digital devices
By: Robert Lemos
Some consumers reported that their holiday gifts came with an unwelcome passenger, a Trojan horse. Infections at the factory and in retail stores will likely become more common.
http://www.securityfocus.com/news/11499
3. Senate delays vote on spy bill
By: Robert Lemos
A bill that would modernize the United States' legal framework for eavesdropping and grant telecommunications companies retroactive immunity for wiretapping customers will have to wait until January.
http://www.securityfocus.com/news/11498
4. Researchers reverse Netflix anonymization
By: Robert Lemos
Two computer scientists show that a large set of transactional data poses privacy risks by finding a way to link movie ratings from the Netflix Prize dataset to publicly available information.
http://www.securityfocus.com/news/11497
source
BugTraq ID: 27353
Remote: No
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27353
Summary:
X.Org X Server is prone to a local privilege-escalation vulnerability.
Attackers can exploit this issue to execute arbitrary code with superuser privileges or to crash the affected computer.
NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.
2. X.Org X Server 'TOG-CUP' Extension Local Privilege Escalation Vulnerability
BugTraq ID: 27355
Remote: No
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27355
Summary:
X.Org X Server is prone to a local privilege-escalation vulnerability.
Attackers can exploit this issue to execute arbitrary code with superuser privileges or to crash the affected computer.
NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.
3. Numara FootPrints 'MRchat.pl' and 'MRABLoad2.pl' Multiple Remote Command Execution Vulnerabilities
BugTraq ID: 27373
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27373
Summary:
Numara FootPrints is prone to multiple vulnerabilities that attackers can leverage to execute arbitrary commands. These issues occur because the application fails to adequately sanitize user-supplied input.
Successful attacks can compromise the affected application and possibly the underlying computer.
Versions prior to FootPrints 8.1 are vulnerable.
4. Drupal Archive Module Cross-Site Scripting Vulnerabilities
BugTraq ID: 27436
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27436
Summary:
Archive module for Drupal is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
These issues affect versions prior to 5.x-1.8.
5. aconon Mail Template Parameter Directory Traversal Vulnerability
BugTraq ID: 27427
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27427
Summary:
aconon Mail is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.
Exploiting this issue may allow an attacker to access sensitive information that could aid in further attacks.
The issue affects aconon Mail 2007 Enterprise SQL 11.7.0 and 2004 Enterprise SQL 11.5.1; other versions may also be vulnerable.
6. SLAED CMS 'index.php' Local File Include Vulnerability
BugTraq ID: 27426
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27426
Summary:
SLAED CMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability using directory-traversal strings to execute local script code in the context of the application. This may allow the attacker to access sensitive information that may aid in further attacks.
SLAED CMS 2.5 Lite is vulnerable to this issue; other versions may also be affected.
7. Liquid-Silver CMS 'update/index.php' Local File Include Vulnerability
BugTraq ID: 27425
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27425
Summary:
Liquid-Silver CMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability using directory-traversal strings to access potentially sensitive information that may aid in further attacks.
8. Comodo AntiVirus 'ExecuteStr()' ActiveX Control Arbitrary Command Execution Vulnerability
BugTraq ID: 27424
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27424
Summary:
A Comodo AntiVirus ActiveX control is prone to a vulnerability that lets attackers execute arbitrary commands.
Successfully exploiting this issue allows remote attackers to execute arbitrary commands in the context of the application using the ActiveX control (typically Internet Explorer).
Comodo AntiVirus 2.0 is vulnerable to this issue; other versions may also be affected.
9. HFS HTTP File Server Multiple Security Vulnerabilities
BugTraq ID: 27423
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27423
Summary:
HFS HTTP File Server is prone to multiple security vulnerabilities.
These vulnerabilities include cross-site scripting issues, an information-disclosure issue, an arbitrary file-creation issue, a denial-of-service issue, a username spoofing issue and a log file forging issue.
A successful exploit could allow an attacker to deny service to legitimate users, create and execute arbitrary files in the context of the webserver process, falsify log information, or execute arbitrary script code in the browser of an unsuspecting user. Other attacks are also possible.
10. Siteman 'articles.php' File Disclosure Vulnerability
BugTraq ID: 27422
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27422
Summary:
Siteman is prone to a vulnerability that lets attackers obtain potentially sensitive information because it fails to prevent access to arbitrary files.
An attacker can exploit this issue to download arbitrary files with the privileges of the webserver process. Information obtained may aid in further attacks.
This issue affects Siteman 1.1.9; other versions may be vulnerable as well.
11. Cisco Application Velocity System (AVS) Remote Default Account Vulnerabilities
BugTraq ID: 27421
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27421
Summary:
Cisco Application Velocity System (AVS) is prone to multiple default-account vulnerabilities. These issues stem from a design flaw that makes several accounts available to remote attackers.
Successful exploits allow remote attackers to gain administrative access to vulnerable appliances.
Versions of Cisco AVS prior to 5.1.0 are vulnerable.
Cisco is tracking these issues as Cisco Bug ID CSCsd94732.
12. Web Wiz Rich Text Editor Arbitrary HTML File Creation Vulnerability
BugTraq ID: 27420
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27420
Summary:
Web Wiz Rich Text Editor is prone to a vulnerability that permits the creation of an arbitrary HTML file.
An attacker can exploit this issue to place arbitrary HTML code on the vulnerable computer. This may aid in retrieving potentially sensitive information from an unsuspecting victim; other attacks are also possible.
This issue affects Rich Text Editor 4.0; other versions may also be vulnerable.
13. Multiple Web Wiz Products Remote Information Disclosure Vulnerability
BugTraq ID: 27419
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27419
Summary:
Web Wiz Forums, NewsPad, and Rich Text Editor are prone to a remote information-disclosure vulnerability because they fail to properly sanitize user-supplied input.
An attacker can exploit this issue to retrieve arbitrary files in the context of the webserver process. Information obtained may aid in further attacks; other attacks are also possible.
This issue affects Forums 9.07, NewsPad 1.02, and Rich Text Editor 4.0; other versions may also be vulnerable.
14. Lama Software 'MY_CONF[classRoot]' Multiple Remote File Include Vulnerabilities
BugTraq ID: 27380
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/27380
Summary:
Lama Software is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.
Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
15. Coppermine Photo Gallery 'thumbnails.php' SQL Injection Vulnerability
BugTraq ID: 27372
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/27372
Summary:
Coppermine Photo Gallery is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This issue may be related to the vulnerability documented in BID 24710 (Coppermine Photo Gallery Album Password Cookie SQL Injection Vulnerability). We will update this BID as more information emerges.
This issue affects Coppermine Photo Gallery 1.4.10; other versions may also be vulnerable.
16. Alice Gate2 Plus Wi-Fi Router Cross-Site Request Forgery Vulnerability
BugTraq ID: 27374
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/27374
Summary:
Alice Gate2 Plus Wi-Fi routers are prone to a cross-site request-forgery vulnerability.
An attacker can exploit this issue to alter administrative configuration on affected devices. Specifically, altering the wireless encryption settings on devices has been demonstrated. Other attacks may also be possible.
17. IBM WebSphere Application Server serveServletsByClassnameEnabled Unspecified Vulnerability
BugTraq ID: 27371
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/27371
Summary:
IBM WebSphere Application Server is prone to an unspecified vulnerability.
Currently, very little is known about this issue. We will update this BID as more information emerges.
WebSphere Application Server 6.0 through 6.0.2.25 and 6.1 through 6.1.0.14 are vulnerable.
18. boastMachine 'mail.php' SQL Injection Vulnerability
BugTraq ID: 27369
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/27369
Summary:
boastMachine is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
boastMachine 3.1 is vulnerable to this issue; other versions may also be affected.
19. MediaWiki Search Bar Cross-Site Scripting Vulnerability
BugTraq ID: 27370
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/27370
Summary:
MediaWiki is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
20. MegaBBS 'upload.asp' Cross-Site Scripting Vulnerability
BugTraq ID: 27368
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/27368
Summary:
MegaBBS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
MegaBBS 1.5.14b is vulnerable; other versions may also be affected.
21. Apache HTTP Server Worker Process Multiple Denial of Service Vulnerabilities
BugTraq ID: 24215
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/24215
Summary:
Apache is prone to multiple denial-of-service vulnerabilities.
An attacker with the ability to execute arbitrary server-side script-code can exploit these issues to stop arbitrary services on the affected computer in the context of the master webserver process; other attacks may also be possible.
22. Apache HTTP Server Mod_Proxy Denial of Service Vulnerability
BugTraq ID: 25489
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/25489
Summary:
The Apache mod_proxy module is prone to a denial-of-service vulnerability.
A remote attacker may be able to exploit this issue to crash the child process. This could lead to denial-of-service conditions if the server is using a multithreaded Multi-Processing Module (MPM).
23. Apache HTTP Server Mod_Cache Denial of Service Vulnerability
BugTraq ID: 24649
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/24649
Summary:
The Apache mod_cache module is prone to a denial-of-service vulnerability.
A remote attacker may be able to exploit this issue to crash the child process. This could lead to denial-of-service conditions if the server is using a multithreaded Multi-Processing Module (MPM).
24. Apache HTTP Server Mod_Status Cross-Site Scripting Vulnerability
BugTraq ID: 24645
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/24645
Summary:
The Apache HTTP Server mod_status module is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
25. BalaBit IT Security syslog-ng NULL-Pointer Dereference Denial of Service Vulnerability
BugTraq ID: 26897
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/26897
Summary:
BalaBit IT Security 'syslog-ng' is prone to a denial-of-service vulnerability because it fails to adequately sanitize user-supplied input.
Attackers can leverage this issue to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed.
This issue affects versions prior to syslog-ng and syslog-ng-premium-edition 2.0.6 and 2.1.8.
26. Cairo PNG Image Processing Remote Integer Overflow Vulnerability
BugTraq ID: 26650
Remote: Yes
Last Updated: 2008-01-22
Relevant URL: http://www.securityfocus.com/bid/26650
Summary:
Cairo is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. Attackers may exploit this issue to overflow a buffer and to corrupt process memory.
Attackers may be able to execute arbitrary machine code in the context of an affected application. Failed exploit attempts will likely result in a denial-of-service condition.
This issue affects versions prior to Cairo 1.4.12.
27. X.Org X 'Server X:1 -sp' Command Information Disclosure Vulnerability
BugTraq ID: 27356
Remote: No
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27356
Summary:
X.Org X Server is prone to a local information-disclosure vulnerability.
Attackers can exploit this issue to gain access to sensitive information that may lead to further attacks.
NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.
28. X.Org X Server 'PassMessage' Request Local Privilege Escalation Vulnerability
BugTraq ID: 27354
Remote: No
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27354
Summary:
X.Org X Server is prone to a local privilege-escalation vulnerability.
Attackers can exploit this issue to execute arbitrary code with superuser privileges. Successfully exploiting this issue will result in the complete compromise of an affected computer. Failed exploit attempts will likely crash the computer.
NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.
29. X.Org X Server 'Xinput' Extension Local Privilege Escalation Vulnerability
BugTraq ID: 27351
Remote: No
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27351
Summary:
X.Org X Server is prone to a local privilege-escalation vulnerability.
Attackers can exploit this issue to execute arbitrary code with superuser privileges or to crash the affected computer.
NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.
30. X.Org X Server 'MIT-SHM' Local Privilege Escalation Vulnerability
BugTraq ID: 27350
Remote: No
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27350
Summary:
X.Org X Server is prone to a local privilege-escalation vulnerability.
Attackers can exploit this issue to execute arbitrary code with superuser privileges or to crash the affected computer.
NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.
31. Tikiwiki CMS 'tiki-listmovies.php' Directory Traversal Vulnerability
BugTraq ID: 27008
Remote: Yes
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27008
Summary:
Tikiwiki CMS is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.
Exploiting this issue may allow an attacker to access sensitive information that could aid in further attacks.
Versions prior to Tikiwiki CMS 1.9.9 are vulnerable.
32. TikiWiki 'tiki-special_chars.php' Cross-Site Scripting Vulnerability
BugTraq ID: 27004
Remote: Yes
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27004
Summary:
TikiWiki is prone a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
TikiWiki 1.9.8.3 is vulnerable; prior versions may also be affected.
33. Cisco PIX and ASA Appliance 'TTL Decrement' Denial of Service Vulnerability
BugTraq ID: 27418
Remote: Yes
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27418
Summary:
Multiple Cisco security appliances are prone to a denial-of-service vulnerability when the Time-To-Live (TTL) decrement feature is enabled for handling IP packets.
An attacker can exploit this issue to cause the affected devices to reload, denying service to legitimate users. Repeat attacks will result in a prolonged denial-of-service condition.
The following devices are affected:
Cisco PIX 500 Series Security Appliance
Cisco 5500 Series Adaptive Security Appliance (ASA)
Devices running software versions from 7.2(2) and up to 7.2(3)006 or 8.0(3) that have the TTL decrement feature enabled are vulnerable to this issue.
NOTE: The TTL decrement feature is not configured by default on the devices listed above. Devices that do not support the TTL decrement feature are not vulnerable.
34. SDL_image Invalid GIF File LWZ Minimum Code Size Remote Buffer Overflow Vulnerability
BugTraq ID: 27417
Remote: Yes
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27417
Summary:
The SDL_image library is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. The issue occurs when handling malformed GIF images.
Attackers can leverage this issue to execute arbitrary code in the context of an application using the library. Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will cause denial-of-service conditions.
Versions prior to SDL_image 1.2.7 are vulnerable.
35. PHP cURL 'safe mode' Security Bypass Vulnerability
BugTraq ID: 27413
Remote: Yes
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27413
Summary:
PHP cURL is prone to a 'safe mode' security-bypass vulnerability.
Attackers can use this issue to gain access to restricted files, potentially obtaining sensitive information that may aid in further attacks.
The issue affects PHP 5.2.5 and 5.2.4.
36. LulieBlog 'voircom.php' SQL Injection Vulnerability
BugTraq ID: 27416
Remote: Yes
Last Updated: 2008-01-24
Relevant URL: http://www.securityfocus.com/bid/27416
Summary:
LulieBlog is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
LulieBlog 1.0.2 is vulnerable to this issue; other versions may also be affected.
37. Foojan WMS 'index.php' SQL Injection Vulnerability
BugTraq ID: 27415
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27415
Summary:
Foojan WMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The issue affects Foojan WMS 1.0; other versions may also be vulnerable.
38. Mozilla Firefox chrome:// URI JavaScript File Request Information Disclosure Vulnerability
BugTraq ID: 27406
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27406
Summary:
Mozilla Firefox is prone to an information-disclosure vulnerability because it fails to restrict access to local JavaScript files.
Attackers can exploit this issue to gain access to potentially sensitive information that could aid in further attacks.
Firefox 2.0.0.11 is vulnerable; other versions may also be affected.
NOTE: For an exploit to succeed, a user must have an addon installed that does not store its contents in a '.jar' file.
39. Microsoft Windows TCP/IP ICMP Remote Denial Of Service Vulnerability
BugTraq ID: 27139
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27139
Summary:
Microsoft Windows is prone to a remote denial-of-service vulnerability because it fails to adequately handle specially crafted TCP/IP traffic.
Attackers can exploit this issue to cause affected computers to stop responding and to automatically restart. Successful attacks will deny service to legitimate users. The discoverer of this issue reports that code execution may also be possible, but this has not been confirmed.
NOTE: ICMP RDP (Router Discovery Protocol) must be enabled for this issue to occur. Router Discovery Processing is disabled by default on Microsoft Windows Server 2000. The option is also disabled by default on Microsoft Windows XP and Windows Server 2003, unless the host receives the 'perform router discovery' option from a DHCP server.
40. Microsoft Windows TCP/IP IGMP MLD Remote Buffer Overflow Vulnerability
BugTraq ID: 27100
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27100
Summary:
Microsoft Windows is prone to a remote buffer-overflow vulnerability because it fails to adequately handle specially crafted TCP/IP traffic.
Attackers can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers.
NOTE: A server is vulnerable if an application or a service on the server uses IP multicast. By default, no services use multicast on Microsoft Windows Server 2003.
41. yaSSL Multiple Remote Buffer Overflow Vulnerabilities
BugTraq ID: 27140
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27140
Summary:
yaSSL is prone to multiple remote buffer-overflow vulnerabilities.
Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of applications using the library. Failed attacks will cause denial-of-service conditions.
yaSSL 1.7.5 is vulnerable to these issues; other versions are also likely to be affected.
42. PHP 5.2.3 and Prior Versions Multiple Vulnerabilities
BugTraq ID: 25498
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/25498
Summary:
PHP 5.2.3 and prior versions are prone to multiple security vulnerabilities. Successful exploits could allow an attacker to bypass security restrictions, cause a denial-of-service condition, and potentially execute code.
43. Exiv2 EXIF File Handling Integer Overflow Vulnerability
BugTraq ID: 26918
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/26918
Summary:
Exiv2 is prone to an integer-overflow vulnerability because it fails to properly verify user-supplied data when handling EXIF files.
Successful exploits of this vulnerability allow remote attackers to execute arbitrary machine code in the context of the affected application. Failed exploits may crash the application.
Exiv2 0.15 is reported vulnerable to this issue; other versions may also be affected.
44. Belong Software Site Builder Administration Pages Authentication Bypass Vulnerability
BugTraq ID: 27402
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27402
Summary:
Belong Software Site Builder is prone to a vulnerability that results in unauthorized administrative access. The application fails to authenticate users when certain pages are accessed.
Attackers can leverage this issue to compromise the application, which could aid in other attacks.
Site Builder 0.1 beta is vulnerable; other versions may also be affected.
45. Linux Kernel CIFS Transport.C Remote Buffer Overflow Vulnerability
BugTraq ID: 26438
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/26438
Summary:
The Linux kernel is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it into an insufficiently sized buffer.
An attacker can exploit this issue to execute arbitrary code with kernel-level privileges or cause the affected kernel to crash, denying service to legitimate users.
This issue affects version 2.6.23.1; previous versions may also be affected.
46. Linux Kernel SysFS_ReadDir NULL Pointer Dereference Vulnerability
BugTraq ID: 24631
Remote: No
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/24631
Summary:
The Linux kernel is prone to a NULL-pointer dereference vulnerability.
A local attacker can exploit this issue to crash the affected kernel, denying service to legitimate users.
UPDATE (June 26, 2007): Given the nature of this issue, remote code execution may also be possible but has not been confirmed.
47. util-linux mount umount Local Privilege Escalation Vulnerability
BugTraq ID: 25973
Remote: No
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/25973
Summary:
The 'util-linux' package is prone to a local privilege-escalation vulnerability that stems from a design error.
Exploiting this issue could allow attackers to execute arbitrary code with elevated privileges by using mount helpers such as the 'mount.nfs' application.
This vulnerability affects util-linux 2.12r; other versions may also be affected.
48. OpenSSL Montgomery Exponentiation Side-Channel Local Information Disclosure Vulnerability
BugTraq ID: 25163
Remote: No
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/25163
Summary:
OpenSSL is prone to a local information-disclosure vulnerability because of an implementation flaw in the RSA algorithm.
Successfully exploiting this issue allows local attackers to gain access to private key information of other processes that use the affected library. Information harvested may aid in further attacks.
OpenSSL 0.9.8 is vulnerable to this issue; other versions may also be affected.
49. OpenPegasus Management Server PAM Authentication 'cimservera.cpp' Buffer Overflow Vulnerability
BugTraq ID: 27188
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27188
Summary:
OpenPegasus is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
This issue occurs in the PAM (Pluggable Authentication Module) authentication code.
Attackers can leverage this issue to execute arbitrary code with superuser privileges. Successful exploits will completely compromise affected computers. Failed attacks will likely cause denial-of-service conditions.
Versions in the OpenPegasus 2.6 series are vulnerable.
50. Perl Unicode Regular Expression Buffer Overflow Vulnerability
BugTraq ID: 26350
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/26350
Summary:
Perl is prone to a buffer-overflow vulnerability because it fails to sufficiently bounds-check user-supplied input.
Successfully exploiting this issue allows attackers to execute arbitrary machine code in the context of Perl applications using regular expressions in a vulnerable manner. This facilitates the remote compromise of affected computers.
Perl 5.8 is vulnerable to this issue; other versions may also be affected.
51. OpenSSL SSL_Get_Shared_Ciphers Off-by-One Buffer Overflow Vulnerability
BugTraq ID: 25831
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/25831
Summary:
OpenSSL is prone to an off-by-one buffer-overflow vulnerability because the library fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Successfully exploiting this issue may allow attackers to execute arbitrary machine code in the context of applications that use the affected library, but this has not been confirmed. Failed exploit attempts may crash applications, denying service to legitimate users.
NOTE: This issue was introduced in the fix for the vulnerability described in BID 20249 (OpenSSL SSL_Get_Shared_Ciphers Buffer Overflow Vulnerability).
52. Samba NMBD Logon Request Remote Buffer Overflow Vulnerability
BugTraq ID: 26454
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/26454
Summary:
Samba is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.
This issue occurs only when Samba is configured as a Primary or Backup Domain Controller.
Attackers can exploit this issue to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to execute remote code, but the vendor doesn't think that this is possible.
Samba 3.0.0 through 3.0.26a are vulnerable.
53. Samba NMBD_Packets.C NetBIOS Replies Stack-Based Buffer Overflow Vulnerability
BugTraq ID: 26455
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/26455
Summary:
Samba is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.
NOTE: This issue occurs only when Samba is configured with the 'wins support' option enabled in the host's 'smb.conf' file.
An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Successful attacks will completely compromise affected computers. Failed exploit attempts will result in a denial of service.
Samba 3.0.0 through 3.0.26a are vulnerable.
54. YaBB SE Cookie Security Bypass Vulnerability
BugTraq ID: 27414
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27414
Summary:
YaBB SE is prone to a security-bypass vulnerability because it fails to properly validate user credentials before performing certain actions.
Exploiting this issue may allow an attacker to obtain sensitive information, compromise the application, and execute arbitrary script code in the context of webserver process; other attacks are also possible.
This issue affects YaBB SE 1.5.5 and prior versions.
55. Lycos File Upload Component 'FileUploader.dll' ActiveX Control Buffer Overflow Vulnerability
BugTraq ID: 27411
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27411
Summary:
Lycos File Upload Component ActiveX control is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions.
This issue affects 'FileUploader.dll' 2.0.0.2; other versions may also be vulnerable.
56. Apache 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
BugTraq ID: 27409
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27409
Summary:
Apache 'mod_negotiation' is prone to an HTML-injection and an HTTP response-splitting vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content.
Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, and influence or misrepresent how web content is served, cached, or interpreted; other attacks are also possible.
57. SetCMS 'set' Parameter Local File Include Vulnerability
BugTraq ID: 27407
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27407
Summary:
SetCMS is prone to a local file-include vulnerability because the application fails to properly initialize the 'set' parameter.
Exploiting this issue allows attackers to execute arbitrary commands in the context of the user running the application.
A successful exploit could facilitate the compromise of an affected computer; other attacks are also possible.
This issue affects SetCMS 3.6.5; other versions may also be affected.
58. PHP-Nuke Search Module 'sid' Parameter SQL Injection Vulnerability
BugTraq ID: 27408
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27408
Summary:
PHP-Nuke is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query.
Successful exploits could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
59. EasySiteNetwork Recipe Website Script 'list.php' SQL Injection Vulnerability
BugTraq ID: 27405
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27405
Summary:
EasySiteNetwork Recipe Website Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
60. ELOG Cross-Site Scripting Vulnerability and Denial of Service Vulnerability
BugTraq ID: 27399
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27399
Summary:
ELOG is prone to a cross-site scripting vulnerability and a denial-of-service vulnerability because the application fails to properly handle user-supplied input.
An attacker may leverage these issues to cause denial-of-service conditions or to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Versions prior to ELOG 2.7.1 are vulnerable.
61. Linux Kernel DO_COREDUMP Local Information Disclosure Vulnerability
BugTraq ID: 26701
Remote: No
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/26701
Summary:
The Linux kernel is prone to an information-disclosure vulnerability.
Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks.
Versions of the Linux kernel prior to 2.6.24-rc4 are vulnerable.
62. Linux Kernel VFS Unauthorized File Access Vulnerability
BugTraq ID: 27280
Remote: No
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27280
Summary:
The Linux kernel is prone to an unauthorized file-access vulnerability affecting the VFS (Virtual Filesystem) module.
A local attacker can exploit this issue to access arbitrary files on the affected computer. Successfully exploiting this issue may grant the attacker elevated privileges on affected computers. Other attacks are also possible.
This issue affects kernel versions prior to 2.6.23.14.
63. Xen 'copy_to_user()' Local Security Bypass Vulnerability
BugTraq ID: 26954
Remote: No
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/26954
Summary:
Xen is prone to a local security-bypass vulnerability that affects PAL emulation.
Local attackers can leverage this issue to access arbitrary memory regions from HVM guest systems. This could allow attackers to obtain potentially sensitive information that could aid in further attacks.
This issue affects Xen 3.1.2 on IA64 platforms; other versions may also be vulnerable.
64. Microsoft Excel Header Parsing Remote Code Execution Vulnerability
BugTraq ID: 27305
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27305
Summary:
Microsoft Excel is prone to a remote code-execution vulnerability.
An attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Reportedly, the issue affects the following versions:
Microsoft Office Excel 2003 Service Pack 2
Microsoft Office Excel Viewer 2003
Microsoft Office Excel 2002
Microsoft Office Excel 2000
Microsoft Excel 2004 for Mac.
The following versions are not affected:
Microsoft Office Excel 2007
Microsoft Office Excel 2007 Service Pack 1
Microsoft Excel 2008 for Mac
Microsoft Office Excel 2003 Service Pack 3.
Few details regarding this vulnerability are available. The vendor is investigating the issue and will be releasing updates. We will update this BID when more information emerges.
65. aflog Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
BugTraq ID: 27398
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27398
Summary:
The 'aflog' program is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
These issues affect aflog 1.01; other versions may also be affected.
66. IBM WebSphere Prior to 6.0.2.25 Multiple Remote Vulnerabilities
BugTraq ID: 27400
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27400
Summary:
IBM WebSphere Application Server is prone to multiple remote vulnerabilities, including a buffer-handling vulnerability, multiple information-disclosure vulnerabilities, and several vulnerabilities with unknown impact.
Very little information is known about these issues. We will update this BID as more information emerges.
Versions prior to IBM WebSphere Application Server 6.0.2.25 are vulnerable.
67. DeluxeBB 'attachments_header.php' Cross-Site Scripting Vulnerability
BugTraq ID: 27401
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27401
Summary:
DeluxeBB is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
This issue affects DeluxeBB 1.1; other versions may also be vulnerable.
68. MoinMoin MOIN_ID Cookie Remote Authentication Bypass Vulnerability
BugTraq ID: 27404
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27404
Summary:
MoinMoin is prone to an authentication-bypass vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this issue to gain unauthorized access to the affected application, which may lead to further attacks.
Versions in the MoinMoin 1.5 series are vulnerable.
69. SAP MaxDB 'cons.exe' Remote Command Injection Vulnerability
BugTraq ID: 27206
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27206
Summary:
SAP MaxDB is prone to a remote command-injection vulnerability because the application fails to properly sanitize user-supplied input.
Successfully exploiting this issue allows remote attackers to execute arbitrary shell commands with the privileges of the database server. Multiple database commands expose this issue, including one that is available prior to authentication.
MaxDB 7.6.03 build 007 is vulnerable to this issue; other versions may also be affected.
70. HP-UX ARPA Transport Unspecified Remote Denial Of Service Vulnerability
BugTraq ID: 25147
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/25147
Summary:
HP-UX running ARPA Transport software is prone to a remote denial-of-service vulnerability.
Exploiting this issue allows attackers to cause denial-of-service conditions.
71. LulieBlog 'id' Parameter Multiple SQL Injection Vulnerabilities
BugTraq ID: 27290
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27290
Summary:
LulieBlog is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
These issues affect LulieBlog 1.0.1; other versions may also be affected.
NOTE: To exploit these issues, the attacker may require administrative access.
72. Multiple Vendors BIND 'inet_network()' Off-by-One Buffer Overflow Vulnerability
BugTraq ID: 27283
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27283
Summary:
Multiple applications that use the 'libbind' BIND library are prone to an off-by-one buffer-overflow vulnerability because the 'inet_network()' function fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Successfully exploiting this issue may allow attackers to execute arbitrary machine code in the context of applications that use the affected library. Failed exploit attempts may crash applications, denying service to legitimate users.
73. ClamAV BZ_GET_FAST Bzip2 Decompression Vulnerability
BugTraq ID: 27063
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27063
Summary:
ClamAV is prone to a vulnerability due to a flaw in its Bzip2 decompression support.
Successful exploits of this vulnerability may potentially allow remote attackers to execute arbitrary code in the context of the vulnerable application or to trigger denial-of-service conditions. These effects have not been confirmed.
No further technical details are currently available. We will update this BID as more information emerges.
ClamAV 0.91.2 is vulnerable to this issue; other versions may also be affected.
74. Boost Library Regular Expression Remote Denial of Service Vulnerabilities
BugTraq ID: 27325
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27325
Summary:
The Boost library is prone to a remote denial-of-service vulnerability because it fails to adequately verify user-supplied input on regular expressions.
Successful exploits may allow remote attackers to cause denial-of-service conditions on applications that use the affected library.
This issue affects Boost 1.33.1 and 1.34.1; other versions may also be affected.
75. Mantis 'Most Active Bugs' Summary Cross Site Scripting Vulnerability
BugTraq ID: 27367
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27367
Summary:
Mantis is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
An attacker can leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Versions prior to Mantis 1.1.1 are vulnerable.
76. ClamAV 'libclamav/pe.c' MEW Packed PE File Integer Overflow Vulnerability
BugTraq ID: 26927
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/26927
Summary:
ClamAV is prone to an integer-overflow vulnerability because it fails to properly verify user-supplied data.
Successful exploits of this vulnerability can allow remote attackers to execute arbitrary machine code in the context of applications using the 'libclamav' library. Failed exploits may crash the application.
ClamAV 0.91.2 is vulnerable to this issue; other versions may also be affected.
77. X.Org X Server PCF Font Parser Buffer Overflow Vulnerability
BugTraq ID: 27352
Remote: No
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27352
Summary:
X.Org X Server is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
Attackers can exploit this issue to execute arbitrary code with the privileges of the server. Failed attacks will cause denial-of-service conditions.
NOTE: This vulnerability was previously covered in BID 27336 (X.Org X Server Multiple Local Privilege Escalation and Information Disclosure Vulnerabilities), but has been given its own record to better document the issue.
78. ClamAV 'mspack.c' Off-By-One Buffer Overflow Vulnerability
BugTraq ID: 26946
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/26946
Summary:
ClamAV is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to insufficiently sized memory buffers.
Successful exploits of this vulnerability can allow remote attackers to execute arbitrary machine code in the context of applications using the 'libclamav' library. Failed exploits may crash the application.
ClamAV 0.91.2 is vulnerable to this issue; other versions may also be affected.
79. xine-lib 'rmff_dump_cont()' Remote Heap Buffer Overflow Vulnerability
BugTraq ID: 27198
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27198
Summary:
The xine-lib library is prone to a remote heap-based buffer-overflow vulnerability. This issue occurs because the software fails to perform adequate boundary checks on user-supplied data.
An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.
This issue affects xine-lib 1.1.9 and prior versions.
80. Citrix Presentation Server IMA Service Buffer Overflow Vulnerability
BugTraq ID: 27329
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27329
Summary:
Citrix Presentation Server is prone to a buffer-overflow vulnerability because the IMA service fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Successfully exploiting this issue may allow attackers to execute arbitrary machine code in the context of the IMA server process. Failed exploit attempts will likely result in denial-of-service conditions.
The issue affects the following versions:
Citrix MetaFrame and Presentation Server 4.5 (and earlier)
Citrix Access Essentials 2.0 (and earlier)
Citrix Desktop Server 1.0 (and earlier)
81. PHP-Nuke News Module Index.PHP SQL Injection Vulnerability
BugTraq ID: 21277
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/21277
Summary:
The PHP-Nuke News module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
PHP-Nuke 7.9 and prior versions are vulnerable.
82. Invision Gallery Index.PHP SQL Injection Vulnerability
BugTraq ID: 20327
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/20327
Summary:
Invision Gallery is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
83. Novemberborn sIFR 'txt' Parameter Cross-Site Scripting Vulnerability
BugTraq ID: 27394
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27394
Summary:
Novemberborn sIFR is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Versions prior to sIFR 2.0.3 and 3r278 are vulnerable.
84. GlobalLink 'GLChat.ocx' ActiveX Control 'ChatRoom()' Buffer Overflow Vulnerability
BugTraq ID: 27393
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27393
Summary:
GlobalLink 'GLChat.ocx' ActiveX control is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions.
GlobalLink 'GLChat.ocx' ActiveX control 2.5.1.33 is reported affected by this issue; other versions may also be vulnerable.
85. F5 BIG-IP 'SearchString' Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 27272
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27272
Summary:
F5 BIG-IP is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
BIG-IP firmware version 9.4.3 is vulnerable; other versions may also be affected.
86. PacerCMS 'id' Parameter Multiple SQL Injection Vulnerabilities
BugTraq ID: 27397
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27397
Summary:
PacerCMS is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
These issues affect versions prior to PacerCMS 0.6.1.
NOTE: To exploit these issues, the attacker may require 'staff member' access.
87. PacerCMS 'submit.php' Multiple HTML Injection Vulnerabilities
BugTraq ID: 27386
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27386
Summary:
PacerCMS is prone to multiple HTML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content.
Exploiting these issues may allow an attacker to execute HTML and script code in the context of the affected site, to steal cookie-based authentication credentials, or to control how the site is rendered to the user; other attacks are also possible.
Versions prior to PacerCMS 0.6.1 are vulnerable.
NOTE: This BID was originally published under the title 'PacerCMS 'submit.php' Cross-Site Scripting Vulnerability'. Further analysis reveals that these issues are HTML-injection vulnerabilities.
88. IBM WebSphere Business Modeler Repository Arbitrary File Deletion Vulnerability
BugTraq ID: 27389
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27389
Summary:
IBM WebSphere Business Modeler is prone to a vulnerability that allows users to delete arbitrary files from repositories.
Attackers can use this issue to delete arbitrary files from repositories, making the resources unavailable for legitimate users.
This issue affects IBM WebSphere Business Modeler Basic 6.0.2.1 and Advanced 6.0.2.1.
89. Fujitsu Interstage HTTP Server Multiple Unspecified Denial Of Service Vulnerabilities
BugTraq ID: 27391
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27391
Summary:
Fujitsu Interstage HTTP Server is prone to multiple unspecified denial-of-service vulnerabilities.
Remote attackers can exploit these issues to deny service to legitimate users.
Currently, very little is known about these issues. We will update this BID as more information emerges.
90. Frimousse 'explorerdir.php' File Disclosure Vulnerability
BugTraq ID: 27385
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27385
Summary:
Frimousse is prone to a vulnerability that lets attackers obtain potentially sensitive information because it fails to prevent access to arbitrary files.
An attacker can exploit this issue to download arbitrary files with the privileges of the webserver process. Information obtained may aid in further attacks.
This issue affects Frimousse 0.0.2; other versions may be vulnerable as well.
91. Small Axe Weblog 'ffile' Parameter Remote File Include Vulnerability
BugTraq ID: 27383
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27383
Summary:
Small Axe Weblog is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.
This issue affects Small Axe Weblog 0.3.1; other versions may also be vulnerable.
92. IBM Tivoli Provisioning Manager for OS Deployment Denial of Service Vulnerability
BugTraq ID: 27387
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27387
Summary:
IBM Tivoli Provisioning Manager for OS Deployment is prone to a denial-of-service vulnerability.
A remote attacker may be able to exploit this issue to crash the server process, which could lead to denial-of-service conditions.
Versions prior to IBM Tivoli Provisioning Manager for OS Deployment 5.1.0.3 are vulnerable.
93. IBM Tivoli Business Service Manager Password Disclosure Vulnerability
BugTraq ID: 27388
Remote: No
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27388
Summary:
IBM Tivoli Business Service Manager is prone to a local password-disclosure vulnerability due to a design error.
Exploiting this issue may allow a local attacker to access certain unencrypted passwords, potentially allowing them to access the application in an unauthorized manner. This may aid in further attacks.
This issue affects IBM Tivoli Business Service Manager 4.1.1.
94. singapore Modern Template 'gallery' Parameter Cross-Site Scripting Vulnerability
BugTraq ID: 27382
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27382
Summary:
singapore Modern template is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Modern 1.3.2 and prior versions are reported vulnerable. Reports indicate that Modern 1.3.2 ships with singapore 0.10.1 by default.
95. Mooseguy Blog System 'blog.php' SQL Injection Vulnerability
BugTraq ID: 27377
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27377
Summary:
Mooseguy Blog System (MGBS) is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Mooseguy Blog System 1.0 is vulnerable to this issue; other versions may also be affected.
96. OZ Journals 'printpreview' Local File Disclosure Vulnerability
BugTraq ID: 27375
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27375
Summary:
OZ Journals is prone to a local file-disclosure vulnerability because it fails to properly sanitize user-supplied input.
Exploiting this issue may allow an unauthorized user to retrieve potentially sensitive information that may aid in further attacks.
This issue affects OZ Journals 2.1.1; other versions may also be affected.
97. AlstraSoft Forum Pay Per Post Exchange 'index.php' SQL Injection Vulnerability
BugTraq ID: 27381
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27381
Summary:
Forum Pay Per Post Exchange is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
98. IDMOS CMS 'download.php' Local File Include Vulnerability
BugTraq ID: 27379
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27379
Summary:
IDMOS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability using directory-traversal strings to access potentially sensitive information that may aid in further attacks.
IDMOS 1.0 is vulnerable to this issue; other versions may also be affected.
99. MyBB 'private.php' SQL Injection Vulnerability
BugTraq ID: 27378
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27378
Summary:
MyBB is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This issue affects MyBB 1.2.11; earlier versions may also be vulnerable.
100. Citadel SMTP RCPT TO Remote Buffer Overflow Vulnerability
BugTraq ID: 27376
Remote: Yes
Last Updated: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27376
Summary:
Citadel is prone to a buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it into an insufficiently sized memory buffer.
Attackers may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Versions prior to Citadel 7.11 are vulnerable to this issue.
SECURITYFOCUS NEWS ARTICLES
1. Legitimate sites serving up stealthy attacks
By: Robert Lemos
The Random JS infection kit serves up malicious code that hides itself by attempting to compromise each visitor only once and using a different file name each time.
http://www.securityfocus.com/news/11501
2. Malware hitches a ride on digital devices
By: Robert Lemos
Some consumers reported that their holiday gifts came with an unwelcome passenger, a Trojan horse. Infections at the factory and in retail stores will likely become more common.
http://www.securityfocus.com/news/11499
3. Senate delays vote on spy bill
By: Robert Lemos
A bill that would modernize the United States' legal framework for eavesdropping and grant telecommunications companies retroactive immunity for wiretapping customers will have to wait until January.
http://www.securityfocus.com/news/11498
4. Researchers reverse Netflix anonymization
By: Robert Lemos
Two computer scientists show that a large set of transactional data poses privacy risks by finding a way to link movie ratings from the Netflix Prize dataset to publicly available information.
http://www.securityfocus.com/news/11497
source
Wednesday, January 23, 2008
Forefox Vulnerabilities
1. Multiple Browser URI Handlers Command Injection Vulnerabilities
Remote: Yes
Summary: Multiple browsers are prone to vulnerabilities that let attackers inject commands through various protocol handlers.
Exploiting these issues allows remote attackers to pass and execute arbitrary commands and arguments through processes such as 'cmd.exe' by employing various URI handlers.
An attacker can exploit these issues to carry out various attacks by executing arbitrary commands on a vulnerable computer.
Exploiting these issues would permit remote attackers to influence command options that can be called through protocol handlers and to execute commands with the privileges of a user running the application. Successful attacks may result in a variety of consequences, including remote unauthorized access.
Mozilla Firefox 2.0.0.5, 3.0a6 and Netscape Navigator 9 are reported vulnerable to these issues. Other versions of these browsers and other vendors' browsers may also be affected.
more
2. Multiple Web Browsers Digest Authentication HTTP Response Splitting Vulnerability
Remote: Yes
Summary: Multiple browsers are prone to an HTTP-response-splitting vulnerability because the software fails to properly sanitize user-supplied input.
A remote attacker may exploit this vulnerability to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into a false sense of trust.
This issue affects Microsoft Internet Explorer 7.0.5730.11 and Mozilla Firefox 2.0.0.3; other versions and browsers may also be affected.
more
3. Multiple Vendor Web Browser JavaScript Key Filtering Vulnerability
Remote: Yes
Summary: Multiple web browsers are prone to a JavaScript key-filtering vulnerability because the browsers fail to securely handle keystroke input from users.
This issue is demonstrated to allow attackers to divert keystrokes from one input form in a webpage to a hidden file-upload dialog in the same page. This may allow remote attackers to initiate file uploads from unsuspecting users. Other attacks may also be possible.
Exploiting this issue requires that users manually type the full path of files that attackers wish to download. This may require substantial typing from targeted users, so attackers will likely use keyboard-based games, blogs, or other similar pages to entice users to enter the required keyboard input to exploit this issue.
Reportedly, Mozilla Suite, Mozilla Firefox, Mozilla SeaMonkey, Netscape Navigator, and Microsoft Internet Explorer are all vulnerable to this issue.
more
4. Mozilla Firefox OnKeyDown Event File Upload Vulnerability
Remote: Yes
Summary: Mozilla Firefox is prone to an information-disclosure vulnerability that can allow an attacker to access sensitive files.
This issue stems from a design error resulting from the improper handling of form fields.
All versions of Firefox are considered vulnerable.
more
5. Mozilla Firefox OnUnload Javascript Browser Entrapment Vulnerability
Remote: Yes
Summary: Mozilla Firefox is prone to a vulnerability that allows attackers to trap users at a particular webpage and spoof page transitions.
Attackers may exploit this via a malicious page to spoof the contents and origin of a page that the victim may trust. This vulnerability may be useful in phishing or other attacks that rely on content spoofing.
more
6. Mozilla Firefox WYCIWYG:// URI Cache Zone Bypass Vulnerability
Remote: Yes
Summary: Mozilla Firefox is prone to a cache-zone-bypass vulnerability because the application fails to properly block remote access to special internally generated URIs containing cached data.
Exploiting this issue allows remote attackers to access potentially sensitive information and to place markers with similar functionality to cookies onto targeted users' computers, regardless of cookie security settings. Information harvested in successful exploits may aid in further attacks.
Attackers may also potentially exploit this issue to perform cache-poisoning or URL-spoofing attacks.
more
7. Mozilla Firefox 2.0.0.7 Multiple Remote Vulnerabilities
Remote: Yes
Summary: The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox 2.0.0.7 and prior versions.
These vulnerabilities allow attackers to:
- Execute arbitrary code due to memory corruption.
- Carry out content spoofing and phishing attacks.
- Gain unauthorized access to files on a user's computer running the Linux operating system.
- Execute script code with elevated privileges.
Other attacks may also be possible.
These issues are present in Firefox 2.0.0.7 and prior versions. Mozilla Thunderbird 2.0.0.7 and prior versions as well as SeaMonkey 1.1.4 and prior versions are also affected by many of these vulnerabilities.
more
8. Mozilla Firefox/Thunderbird/SeaMonkey Chrome-Loaded About:Blank Script Execution Vulnerability
Remote: Yes
Summary: Mozilla Firefox, Thunderbird, and SeaMonkey are prone to a vulnerability that allows JavaScript to execute with unintended privileges.
A malicious site may be able to cause the execution of a script with Chrome privileges. Attackers could exploit this issue to execute hostile script code with privileges that exceed those that were intended. Certain Firefox extensions may not intend 'about:blank' to execute script code with Chrome privileges.
NOTE: This issue was introduced by the fix for MFSA 2007-20.
more
9. Mozilla Firefox 2.0.0.4 Multiple Remote Vulnerabilities
Remote: Yes
Summary: The Mozilla Foundation has released four security advisories specifying multiple vulnerabilities in Firefox 2.0.0.4.
These vulnerabilities allow attackers to:
- Execute arbitrary code
- Execute code with chrome privileges
- Perform cross-site scripting attacks
- Crash Firefox in a myriad of ways, with evidence of memory corruption.
Other attacks may also be possible.
more
10. Mozilla Firefox URLBar Null Byte File Remote Code Execution Vulnerability
Remote: Yes
Summary: Mozilla Firefox is prone to a remote code-execution vulnerability because it fails to adequately sanitize user-supplied input.
Attackers may exploit this issue by enticing victims into visiting a malicious site and followings links with improper file extensions.
Successful exploits may allow an attacker to crash the application or execute arbitrary code in the context of the affected application. Other attacks are also possible.
more
11. Mozilla Firefox About:Blank IFrame Cross Domain Information Disclosure Vulnerability
Remote: Yes
Summary: Mozilla Firefox is prone to a cross-domain information-disclosure vulnerability because scripts may persist across navigations.
A malicious site may be able to modify the iframe of a site in an arbitrary external domain. Attackers could exploit this to gain access to sensitive information that is associated with the external domain. Other attacks are also possible, such as executing script code in other browser security zones.
This issue is being tracked by Bugzilla Bug 382686 and is reportedly related to Bug 343168.
Firefox 2.0.0.4 and prior versions are vulnerable.
more
12. Microsoft Internet Explorer and Mozilla Firefox URI Handler Command Injection Vulnerability
Remote: Yes
Summary: Microsoft Internet Explorer, Mozilla Firefox and Netscape Navigator are prone to a vulnerability that lets attackers inject commands through the 'firefoxurl' and 'navigatorurl' protocol handlers.
Exploiting these issues allows remote attackers to pass and execute arbitrary commands and arguments through the 'firefox.exe' and 'navigator.exe' processes by employing the 'firefoxurl' and 'navigatorurl' handlers.
An attacker can also employ these issues to carry out cross-browser scripting attacks by using the '-chrome' argument. This can allow the attacker to run JavaScript code with the privileges of trusted Chrome context and gain full access to Firefox and Netscape Navigator's resources.
Exploiting these issues would permit remote attackers to influence command options that can be called through the 'firefoxurl' and 'navigatorurl' handlers and therefore execute commands and script code with the privileges of a user running the applications. Successful attacks may result in a variety of consequences, including remote unauthorized access.
more
13. Mozilla Firefox 2.0.0.6 Unspecified Protocol Handling Command Injection Vulnerability
Remote: Yes
Summary: Mozilla Firefox is prone to an unspecified vulnerability that lets remote attackers inject commands through the 'mailto', 'nntp', 'news', and 'snews' protocol handlers.
Remote attackers may influence command options that can be called through the various handlers and therefore execute commands and script code with the privileges of a user running the applications. Successful attacks may result in various consequences, including remote unauthorized access.
more
source
Remote: Yes
Summary: Multiple browsers are prone to vulnerabilities that let attackers inject commands through various protocol handlers.
Exploiting these issues allows remote attackers to pass and execute arbitrary commands and arguments through processes such as 'cmd.exe' by employing various URI handlers.
An attacker can exploit these issues to carry out various attacks by executing arbitrary commands on a vulnerable computer.
Exploiting these issues would permit remote attackers to influence command options that can be called through protocol handlers and to execute commands with the privileges of a user running the application. Successful attacks may result in a variety of consequences, including remote unauthorized access.
Mozilla Firefox 2.0.0.5, 3.0a6 and Netscape Navigator 9 are reported vulnerable to these issues. Other versions of these browsers and other vendors' browsers may also be affected.
more
2. Multiple Web Browsers Digest Authentication HTTP Response Splitting Vulnerability
Remote: Yes
Summary: Multiple browsers are prone to an HTTP-response-splitting vulnerability because the software fails to properly sanitize user-supplied input.
A remote attacker may exploit this vulnerability to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into a false sense of trust.
This issue affects Microsoft Internet Explorer 7.0.5730.11 and Mozilla Firefox 2.0.0.3; other versions and browsers may also be affected.
more
3. Multiple Vendor Web Browser JavaScript Key Filtering Vulnerability
Remote: Yes
Summary: Multiple web browsers are prone to a JavaScript key-filtering vulnerability because the browsers fail to securely handle keystroke input from users.
This issue is demonstrated to allow attackers to divert keystrokes from one input form in a webpage to a hidden file-upload dialog in the same page. This may allow remote attackers to initiate file uploads from unsuspecting users. Other attacks may also be possible.
Exploiting this issue requires that users manually type the full path of files that attackers wish to download. This may require substantial typing from targeted users, so attackers will likely use keyboard-based games, blogs, or other similar pages to entice users to enter the required keyboard input to exploit this issue.
Reportedly, Mozilla Suite, Mozilla Firefox, Mozilla SeaMonkey, Netscape Navigator, and Microsoft Internet Explorer are all vulnerable to this issue.
more
4. Mozilla Firefox OnKeyDown Event File Upload Vulnerability
Remote: Yes
Summary: Mozilla Firefox is prone to an information-disclosure vulnerability that can allow an attacker to access sensitive files.
This issue stems from a design error resulting from the improper handling of form fields.
All versions of Firefox are considered vulnerable.
more
5. Mozilla Firefox OnUnload Javascript Browser Entrapment Vulnerability
Remote: Yes
Summary: Mozilla Firefox is prone to a vulnerability that allows attackers to trap users at a particular webpage and spoof page transitions.
Attackers may exploit this via a malicious page to spoof the contents and origin of a page that the victim may trust. This vulnerability may be useful in phishing or other attacks that rely on content spoofing.
more
6. Mozilla Firefox WYCIWYG:// URI Cache Zone Bypass Vulnerability
Remote: Yes
Summary: Mozilla Firefox is prone to a cache-zone-bypass vulnerability because the application fails to properly block remote access to special internally generated URIs containing cached data.
Exploiting this issue allows remote attackers to access potentially sensitive information and to place markers with similar functionality to cookies onto targeted users' computers, regardless of cookie security settings. Information harvested in successful exploits may aid in further attacks.
Attackers may also potentially exploit this issue to perform cache-poisoning or URL-spoofing attacks.
more
7. Mozilla Firefox 2.0.0.7 Multiple Remote Vulnerabilities
Remote: Yes
Summary: The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox 2.0.0.7 and prior versions.
These vulnerabilities allow attackers to:
- Execute arbitrary code due to memory corruption.
- Carry out content spoofing and phishing attacks.
- Gain unauthorized access to files on a user's computer running the Linux operating system.
- Execute script code with elevated privileges.
Other attacks may also be possible.
These issues are present in Firefox 2.0.0.7 and prior versions. Mozilla Thunderbird 2.0.0.7 and prior versions as well as SeaMonkey 1.1.4 and prior versions are also affected by many of these vulnerabilities.
more
8. Mozilla Firefox/Thunderbird/SeaMonkey Chrome-Loaded About:Blank Script Execution Vulnerability
Remote: Yes
Summary: Mozilla Firefox, Thunderbird, and SeaMonkey are prone to a vulnerability that allows JavaScript to execute with unintended privileges.
A malicious site may be able to cause the execution of a script with Chrome privileges. Attackers could exploit this issue to execute hostile script code with privileges that exceed those that were intended. Certain Firefox extensions may not intend 'about:blank' to execute script code with Chrome privileges.
NOTE: This issue was introduced by the fix for MFSA 2007-20.
more
9. Mozilla Firefox 2.0.0.4 Multiple Remote Vulnerabilities
Remote: Yes
Summary: The Mozilla Foundation has released four security advisories specifying multiple vulnerabilities in Firefox 2.0.0.4.
These vulnerabilities allow attackers to:
- Execute arbitrary code
- Execute code with chrome privileges
- Perform cross-site scripting attacks
- Crash Firefox in a myriad of ways, with evidence of memory corruption.
Other attacks may also be possible.
more
10. Mozilla Firefox URLBar Null Byte File Remote Code Execution Vulnerability
Remote: Yes
Summary: Mozilla Firefox is prone to a remote code-execution vulnerability because it fails to adequately sanitize user-supplied input.
Attackers may exploit this issue by enticing victims into visiting a malicious site and followings links with improper file extensions.
Successful exploits may allow an attacker to crash the application or execute arbitrary code in the context of the affected application. Other attacks are also possible.
more
11. Mozilla Firefox About:Blank IFrame Cross Domain Information Disclosure Vulnerability
Remote: Yes
Summary: Mozilla Firefox is prone to a cross-domain information-disclosure vulnerability because scripts may persist across navigations.
A malicious site may be able to modify the iframe of a site in an arbitrary external domain. Attackers could exploit this to gain access to sensitive information that is associated with the external domain. Other attacks are also possible, such as executing script code in other browser security zones.
This issue is being tracked by Bugzilla Bug 382686 and is reportedly related to Bug 343168.
Firefox 2.0.0.4 and prior versions are vulnerable.
more
12. Microsoft Internet Explorer and Mozilla Firefox URI Handler Command Injection Vulnerability
Remote: Yes
Summary: Microsoft Internet Explorer, Mozilla Firefox and Netscape Navigator are prone to a vulnerability that lets attackers inject commands through the 'firefoxurl' and 'navigatorurl' protocol handlers.
Exploiting these issues allows remote attackers to pass and execute arbitrary commands and arguments through the 'firefox.exe' and 'navigator.exe' processes by employing the 'firefoxurl' and 'navigatorurl' handlers.
An attacker can also employ these issues to carry out cross-browser scripting attacks by using the '-chrome' argument. This can allow the attacker to run JavaScript code with the privileges of trusted Chrome context and gain full access to Firefox and Netscape Navigator's resources.
Exploiting these issues would permit remote attackers to influence command options that can be called through the 'firefoxurl' and 'navigatorurl' handlers and therefore execute commands and script code with the privileges of a user running the applications. Successful attacks may result in a variety of consequences, including remote unauthorized access.
more
13. Mozilla Firefox 2.0.0.6 Unspecified Protocol Handling Command Injection Vulnerability
Remote: Yes
Summary: Mozilla Firefox is prone to an unspecified vulnerability that lets remote attackers inject commands through the 'mailto', 'nntp', 'news', and 'snews' protocol handlers.
Remote attackers may influence command options that can be called through the various handlers and therefore execute commands and script code with the privileges of a user running the applications. Successful attacks may result in various consequences, including remote unauthorized access.
more
source
Ubuntu security announce: OpenSSH vulnerability (Kees Cook)
A security issue affects the following Ubuntu releases:
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Jan Pechanec discovered that ssh would forward trusted X11 cookies when untrusted cookie generation failed. This could lead to unintended privileges being forwarded to a remote host.
more
source:windows-center.blogspot.com
- Ubuntu 6.06 LTS
- Ubuntu 6.10
- Ubuntu 7.04
- Ubuntu 7.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
- Ubuntu 6.06 LTS: openssh-client 1:4.2p1-7ubuntu3.2
- Ubuntu 6.10: openssh-client 1:4.3p2-5ubuntu1.1
- Ubuntu 7.04: openssh-client 1:4.3p2-8ubuntu1.1
- Ubuntu 7.10: openssh-client 1:4.6p1-5ubuntu0.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Jan Pechanec discovered that ssh would forward trusted X11 cookies when untrusted cookie generation failed. This could lead to unintended privileges being forwarded to a remote host.
more
source:windows-center.blogspot.com
59 Cool Websites
All listed websites are FREE (or come with a decent free account option).
(1) Doodle - Next time you need to schedule a meeting, try Doodle: it’s smart, simple, fast, and doesn’t require any sign-up.
(2) MyVoipProvider - Compare VoIP calling rates to any country worldwide. MyVoipProvider looks through hundreds of popular VoIP providers (Skype, VoipBuster, Jajah etc.) and lists them based on the calling rates.
(3) PhoneSpell - Ever wonder what the letters that are associated with your phone number spell out. This is the place to find it out.
(4) phpForm - Great online form creator for those who aren’t sure of HTML. Create forms quickly and efficiently.
(5) Pingie - Free RSS to SMS service that allows users to forward RSS feeds to mobile phones.
(6) SwarmSketch - Online sketch board where 1000s of people collaborate on all kinds of sketches. Each week SwarmSketch randomly chooses some popular search term and makes it the sketch subject for the week.
(7) SubwayMaps - Find and print subway and metro maps for almost any city that has a subway. In addition to maps you can also get such info as hours of operation, ticket price, related subway images, etc.
(8) WebFormFactory - Every online form needs a backend code, something that grabs the input data and processes it. WFF is an open source online form generator which automatically generates the necessary backend code to tie your form to a database. Combine it with above phpForm, and you have everything you need to design and place forms on your website.
(9) WhatTheFont - Online font recognition tool that identifes the font type (Arial, Helvetica, Time New Roman, Tahoma etc.) by scanning font image.
(10) YouTorrent - Newly launched torrent search site that enables users to search and compare torrents from 12 popular torrent engines (Mininova, The Pirate Bay … ) simultaneously.
(11) ATMLocator - Instantly locate and get address details for nearby ATM Cash Machines in almost any country worldwide.
(12) BrowserShots - Web-based browser combatibility check tool that allows designers to preview website look in all popular browsers at the same time.
(13) Digby - Use your BlackBerry to find, browse and buy popular merchandise including books, music, DVDs, flowers etc.
(14) Meemix - Online music recommendation service that serves you custom playlists (aka ‘Mee stations’) based on selected songs or artists. Create stations, share stations with friends, tune-in to stations created by other members, etc.
(15) MobSaver - Lookup (compare) product prices on Amazon and eBay via text messaging. Just text UPC or ISBN number of any item to ’save@mobsaver.com’ and shortly after you should receive a text message with the item prices on Amazon and eBay.
(16) PDFHammer - Extremely useful online tool that lets you merge and rearrange PDF documents online.
(17) PriceHub - If you are in the market for a new car, or want to sell one, you can use PriceHub to get a fairly good idea about how much other people have paid for a similar car.
(18) PrintFreeGraphPaper - Create and print custom graph paper sheets. Perfect for science and math students, craft projects etc.
(19) ScrubIT - Free DNS service that offers a bunch of useful improvements to your internet connection. These include better connection speed, automatic blocking of malicious websites and domain typo fixer.
(20) toRead - Tiny browser bookmarklet that sends current webpage to your email address. Just click on ‘toread’ button on yout toolbar and the page will be forwarded to your email.
(21) Bodocus - Love to watch documentaries ? Bodocus is a documentary movie directory where you can freely access and stream over 650 documenatary movies.
(22) CanYouRunIt - One-click web utility that inspects your computer’s hardware and configuration settings to determine whether or not your system can run a particular game. Must-have bookmark for any gamer.
(23) CoverItLive - Stream live commentary onto your web pages or blog so your readers can follow you in real time. Extremely useful for live coverage of events, conferences, interviews etc. In addition to commentary you can also post polls, youtube videos, images from Google, accept questions from viewers, etc.
(24) IM-History - Desktop application that lets your save and sync your IM conversations for multiple instant messengers in one place. Whether you’re on Skype, MSN, AIM, ICQ, at work or at home, you can have all chat conversations securely stored in one place.
(25) InstaSaver - Free web-based screensaver maker that lets you transform your favorite photos into a Windows screensaver.
(26) PixDrop - Easily send pictures from a computer to your mobile phone. If you need a new wallpaper for your phone PixDrop is one of the faster and free ways to get it.
(27) SendMeRSS - Simple ‘RSS to email service’ that allows you to receive latest posts from your favorite blogs or websites by email. SendMeRSS checks each of the websites you’ve selected at least once in every two hours. If there is something new it gets instantly forwarded to your email.
(28) SurfTheChannel - Yet another online destination for streaming popular TV content for free. Stream TV shows, movies, documentaries, anime shows, etc.
(29) Taskado - Online project manager and collaboration tool for teams: collaborate on projects, delegate tasks to others, assign different priviledges to each collaborator, etc.
(30) TimeBridge - Fully automated meeting manager that can schedule and organize meetings for you. It’s free, takes less than a minute to sign-up and fully integrable with M. Outlook and Google Calendar.
(31) Adobe Share - Online document storage and sharing service from Adobe. Store and share office files from one centralized location and access it from any PC.
(32) Clip2Net - Must-have for anyone who frequently deals with screenshots. It’s a small desktop client that lets you easily capture and annotate screenshots (add highlights, arrows, …) and embed ready screenshots on any webpage. It’s also an excellent file sharing client.
(33) MeBeam - The simplest way to setup informal video / audio conference calls with with up to 18 people simultaneously. No sign-up or download required.
(34) Keybr - Quick and easy online training tool to practice your touch typing skills.
(35) Morale-O-Meter - Keep track of your morale, health, sleep, alcohol and caffeine consumption on a daily basis. Plot everything on a graph, share graphs with friends, compare your stats against others, and so on.
(36) Nymbler - Smart baby name guide to help you find the ideal name for your newborn.
(37) OhDontForget - Free mobile text messaging service with the option to schedule SMS delivery on any date and time you want. No registration required.
(38) reQall - reQall helps you remember stuff when you’re on the go - ideas, appointments, phone numbers, anything. Just dial provided toll-free number and ask reqall to remember it.
(39) Visual Dictionary - Visual dictionary from Merriam-Webster.
(40) Web-Alerts - Watches your favorite blogs or websites for updates and texts you as soon as there is something new.
(41) AirlineMeals - “The world’s first and leading site about nothing but airline food”. Excellent community where travelers submit, review and discuss airline meals.
(42) CameraSummary - Web-based image data extractor that extracts additional information from the JPEG images. Just upload your picture and it will instantly tell you what model of digicam was used, image creation date, camera resolution settings and lots of other details.
(43) CuePrompter - First of a kind, online teleprompter (autocue) service. Copy ‘n paste some text to CuePromter and it will run an enlarged line-by-line copy of it.
(44) Google Mobilizer - Free tool to mobilize any website and make it accessible from your mobile phone or PDA.
(45) Kwout - Handy web-based quote maker that allows you to quote a webpage (or part of it) as an image with an image map (screenshots that can have links in them).
(46) MoDazzle - This service allows you to access Facebook, LinkedIn and dozens of other web services (local directory services, weather, stock quotes, etc.) via email or mobile text messaging (sms): Update your Facebook ’status’, get ‘un-read’ messages from your Facebook inbox, get someone’s profile info from LinkedIn, request driving directions, read restaurant reviews, get location of the nearest Starbucks, and more.
(47) NetworkText - Free texting service for groups. Upload your contacts, organize contacts into groups, and send free group text messages both from web or mobile phone.
(48) OSLiving - Nicely organized collection of best open source software package in one place.
(49) PicMarkr - Finally, free online service to watermark your images. PicMarkr allows you to protect and brand your images by adding a custom image or text watermarks.
(50) Resolio - Free service to create and publish professionally looking resumes online.
(51) StumbleUpon - StumbleUpon’s service lets users bookmark and discover new sites they love.
(52) Twitter - Twitter, the new addictive microblogging platform.
(53) Netvibes - Based in London, Tariq Karim and Freddy Mini’s Netvibes has made waves in the U.S. as a top personalized web portal.
(54) Meebo - Meebo made instant messaging ubiquitous by bringing it online. They then developed it into a platform where anyone could add chat to their applications.
(55) Zoho - Zoho’s comprehensive online suite of 14 business applications ranging from document editing to CRM continues to lead the way in the move away from desktop computing to working in the cloud.
(56) iMedix - iMedix combines search and social networking to change the way people find health information online. Users are encouraged to help each other by sharing health experiences and links from around the web.
(57) ZapTXT - Get RSS feed updates in your IM program with ZapTXT.
(58) MetrO - Métro is a free worldwide public transport guide can be used on the web and on most existing smart phones. Download the program for over 250 cities wordlwide and have an easy subway, bus and tram station guide rite on your phone. It lets you calculate travel time, major landmarks (in major cities), shortest distances and of-course travel direction between any stations.
(59) TripIt - TripIt is a handy itinerary planner for those going on an independent trip. Simply forward your individual booking confirmations, reservation emails etc. TripIt recognizes these emails and creates a master itinerary that puts together all the individual pieces, provides extra information where appropriate (maps, weather information etc), enables the user to add notes and ultimately share and collaborate on this master itinerary with others.
sources:
Makeuseof
Techcrunch
(1) Doodle - Next time you need to schedule a meeting, try Doodle: it’s smart, simple, fast, and doesn’t require any sign-up.
(2) MyVoipProvider - Compare VoIP calling rates to any country worldwide. MyVoipProvider looks through hundreds of popular VoIP providers (Skype, VoipBuster, Jajah etc.) and lists them based on the calling rates.
(3) PhoneSpell - Ever wonder what the letters that are associated with your phone number spell out. This is the place to find it out.
(4) phpForm - Great online form creator for those who aren’t sure of HTML. Create forms quickly and efficiently.
(5) Pingie - Free RSS to SMS service that allows users to forward RSS feeds to mobile phones.
(6) SwarmSketch - Online sketch board where 1000s of people collaborate on all kinds of sketches. Each week SwarmSketch randomly chooses some popular search term and makes it the sketch subject for the week.
(7) SubwayMaps - Find and print subway and metro maps for almost any city that has a subway. In addition to maps you can also get such info as hours of operation, ticket price, related subway images, etc.
(8) WebFormFactory - Every online form needs a backend code, something that grabs the input data and processes it. WFF is an open source online form generator which automatically generates the necessary backend code to tie your form to a database. Combine it with above phpForm, and you have everything you need to design and place forms on your website.
(9) WhatTheFont - Online font recognition tool that identifes the font type (Arial, Helvetica, Time New Roman, Tahoma etc.) by scanning font image.
(10) YouTorrent - Newly launched torrent search site that enables users to search and compare torrents from 12 popular torrent engines (Mininova, The Pirate Bay … ) simultaneously.
(11) ATMLocator - Instantly locate and get address details for nearby ATM Cash Machines in almost any country worldwide.
(12) BrowserShots - Web-based browser combatibility check tool that allows designers to preview website look in all popular browsers at the same time.
(13) Digby - Use your BlackBerry to find, browse and buy popular merchandise including books, music, DVDs, flowers etc.
(14) Meemix - Online music recommendation service that serves you custom playlists (aka ‘Mee stations’) based on selected songs or artists. Create stations, share stations with friends, tune-in to stations created by other members, etc.
(15) MobSaver - Lookup (compare) product prices on Amazon and eBay via text messaging. Just text UPC or ISBN number of any item to ’save@mobsaver.com’ and shortly after you should receive a text message with the item prices on Amazon and eBay.
(16) PDFHammer - Extremely useful online tool that lets you merge and rearrange PDF documents online.
(17) PriceHub - If you are in the market for a new car, or want to sell one, you can use PriceHub to get a fairly good idea about how much other people have paid for a similar car.
(18) PrintFreeGraphPaper - Create and print custom graph paper sheets. Perfect for science and math students, craft projects etc.
(19) ScrubIT - Free DNS service that offers a bunch of useful improvements to your internet connection. These include better connection speed, automatic blocking of malicious websites and domain typo fixer.
(20) toRead - Tiny browser bookmarklet that sends current webpage to your email address. Just click on ‘toread’ button on yout toolbar and the page will be forwarded to your email.
(21) Bodocus - Love to watch documentaries ? Bodocus is a documentary movie directory where you can freely access and stream over 650 documenatary movies.
(22) CanYouRunIt - One-click web utility that inspects your computer’s hardware and configuration settings to determine whether or not your system can run a particular game. Must-have bookmark for any gamer.
(23) CoverItLive - Stream live commentary onto your web pages or blog so your readers can follow you in real time. Extremely useful for live coverage of events, conferences, interviews etc. In addition to commentary you can also post polls, youtube videos, images from Google, accept questions from viewers, etc.
(24) IM-History - Desktop application that lets your save and sync your IM conversations for multiple instant messengers in one place. Whether you’re on Skype, MSN, AIM, ICQ, at work or at home, you can have all chat conversations securely stored in one place.
(25) InstaSaver - Free web-based screensaver maker that lets you transform your favorite photos into a Windows screensaver.
(26) PixDrop - Easily send pictures from a computer to your mobile phone. If you need a new wallpaper for your phone PixDrop is one of the faster and free ways to get it.
(27) SendMeRSS - Simple ‘RSS to email service’ that allows you to receive latest posts from your favorite blogs or websites by email. SendMeRSS checks each of the websites you’ve selected at least once in every two hours. If there is something new it gets instantly forwarded to your email.
(28) SurfTheChannel - Yet another online destination for streaming popular TV content for free. Stream TV shows, movies, documentaries, anime shows, etc.
(29) Taskado - Online project manager and collaboration tool for teams: collaborate on projects, delegate tasks to others, assign different priviledges to each collaborator, etc.
(30) TimeBridge - Fully automated meeting manager that can schedule and organize meetings for you. It’s free, takes less than a minute to sign-up and fully integrable with M. Outlook and Google Calendar.
(31) Adobe Share - Online document storage and sharing service from Adobe. Store and share office files from one centralized location and access it from any PC.
(32) Clip2Net - Must-have for anyone who frequently deals with screenshots. It’s a small desktop client that lets you easily capture and annotate screenshots (add highlights, arrows, …) and embed ready screenshots on any webpage. It’s also an excellent file sharing client.
(33) MeBeam - The simplest way to setup informal video / audio conference calls with with up to 18 people simultaneously. No sign-up or download required.
(34) Keybr - Quick and easy online training tool to practice your touch typing skills.
(35) Morale-O-Meter - Keep track of your morale, health, sleep, alcohol and caffeine consumption on a daily basis. Plot everything on a graph, share graphs with friends, compare your stats against others, and so on.
(36) Nymbler - Smart baby name guide to help you find the ideal name for your newborn.
(37) OhDontForget - Free mobile text messaging service with the option to schedule SMS delivery on any date and time you want. No registration required.
(38) reQall - reQall helps you remember stuff when you’re on the go - ideas, appointments, phone numbers, anything. Just dial provided toll-free number and ask reqall to remember it.
(39) Visual Dictionary - Visual dictionary from Merriam-Webster.
(40) Web-Alerts - Watches your favorite blogs or websites for updates and texts you as soon as there is something new.
(41) AirlineMeals - “The world’s first and leading site about nothing but airline food”. Excellent community where travelers submit, review and discuss airline meals.
(42) CameraSummary - Web-based image data extractor that extracts additional information from the JPEG images. Just upload your picture and it will instantly tell you what model of digicam was used, image creation date, camera resolution settings and lots of other details.
(43) CuePrompter - First of a kind, online teleprompter (autocue) service. Copy ‘n paste some text to CuePromter and it will run an enlarged line-by-line copy of it.
(44) Google Mobilizer - Free tool to mobilize any website and make it accessible from your mobile phone or PDA.
(45) Kwout - Handy web-based quote maker that allows you to quote a webpage (or part of it) as an image with an image map (screenshots that can have links in them).
(46) MoDazzle - This service allows you to access Facebook, LinkedIn and dozens of other web services (local directory services, weather, stock quotes, etc.) via email or mobile text messaging (sms): Update your Facebook ’status’, get ‘un-read’ messages from your Facebook inbox, get someone’s profile info from LinkedIn, request driving directions, read restaurant reviews, get location of the nearest Starbucks, and more.
(47) NetworkText - Free texting service for groups. Upload your contacts, organize contacts into groups, and send free group text messages both from web or mobile phone.
(48) OSLiving - Nicely organized collection of best open source software package in one place.
(49) PicMarkr - Finally, free online service to watermark your images. PicMarkr allows you to protect and brand your images by adding a custom image or text watermarks.
(50) Resolio - Free service to create and publish professionally looking resumes online.
(51) StumbleUpon - StumbleUpon’s service lets users bookmark and discover new sites they love.
(52) Twitter - Twitter, the new addictive microblogging platform.
(53) Netvibes - Based in London, Tariq Karim and Freddy Mini’s Netvibes has made waves in the U.S. as a top personalized web portal.
(54) Meebo - Meebo made instant messaging ubiquitous by bringing it online. They then developed it into a platform where anyone could add chat to their applications.
(55) Zoho - Zoho’s comprehensive online suite of 14 business applications ranging from document editing to CRM continues to lead the way in the move away from desktop computing to working in the cloud.
(56) iMedix - iMedix combines search and social networking to change the way people find health information online. Users are encouraged to help each other by sharing health experiences and links from around the web.
(57) ZapTXT - Get RSS feed updates in your IM program with ZapTXT.
(58) MetrO - Métro is a free worldwide public transport guide can be used on the web and on most existing smart phones. Download the program for over 250 cities wordlwide and have an easy subway, bus and tram station guide rite on your phone. It lets you calculate travel time, major landmarks (in major cities), shortest distances and of-course travel direction between any stations.
(59) TripIt - TripIt is a handy itinerary planner for those going on an independent trip. Simply forward your individual booking confirmations, reservation emails etc. TripIt recognizes these emails and creates a master itinerary that puts together all the individual pieces, provides extra information where appropriate (maps, weather information etc), enables the user to add notes and ultimately share and collaborate on this master itinerary with others.
sources:
Makeuseof
Techcrunch
Subscribe to:
Posts (Atom)