Weekly Vulnerabilities Reports > August 18 to 24, 2008

Overview

69 new vulnerabilities reported during this period, including 6 critical vulnerabilities and 34 high severity vulnerabilities. This weekly summary report vulnerabilities in 60 products from 43 vendors including Yourfreeworld, Turnkeywebtools, Microworld Technologies, Lussumo, and Hotscripts. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Code Injection", "Path Traversal", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".

  • 65 reported vulnerabilities are remotely exploitables.
  • 33 reported vulnerabilities have public exploit available.
  • 42 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 65 reported vulnerabilities are exploitable by an anonymous user.
  • Yourfreeworld has the most reported vulnerabilities, with 10 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

6 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-08-18 CVE-2008-3703 Symantec Improper Authentication vulnerability in Symantec Veritas Storage Foundation 5.0/5.1

The management console in the Volume Manager Scheduler Service (aka VxSchedService.exe) in Symantec Veritas Storage Foundation for Windows (SFW) 5.0, 5.0 RP1a, and 5.1 accepts NULL NTLMSSP authentication, which allows remote attackers to execute arbitrary code via requests to the service socket that create "snapshots schedules" registry values specifying future command execution.

10.0
2008-08-18 CVE-2008-3533 Gnome USE of Externally-Controlled Format String vulnerability in Gnome and Yelp

Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstrated by use of yelp within (1) man or (2) ghelp URI handlers in Firefox, Evolution, and unspecified other programs.

10.0
2008-08-20 CVE-2008-3734 Ipswitch USE of Externally-Controlled Format String vulnerability in Ipswitch WS FTP Home and WS FTP PRO

Format string vulnerability in Ipswitch WS_FTP Home 2007.0.0.2 and WS_FTP Professional 2007.1.0.0 allows remote FTP servers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in a connection greeting (response).

9.3
2008-08-20 CVE-2008-3733 EO Video Buffer Errors vulnerability in Eo-Video 1.36

Stack-based buffer overflow in EO Video (eo-video) 1.36 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .eop (aka playlist) file with a ProjectElement element that contains a long Name element.

9.3
2008-08-20 CVE-2008-3732 Videolan Numeric Errors vulnerability in Videolan VLC Media Player 0.8.6I

Integer overflow in the Open function in modules/demux/tta.c in VLC Media Player 0.8.6i allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TTA file, which triggers a heap-based buffer overflow.

9.3
2008-08-18 CVE-2008-3704 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products

Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allows remote attackers to execute arbitrary code via a long Mask parameter, related to not "validating property values with boundary checks," as exploited in the wild in August 2008, aka "Masked Edit Control Memory Corruption Vulnerability." Additional advisory information from Secunia: http://secunia.com/advisories/31498/ "Visual Studio 6 was last updated June 2000, a Microsoft spokeswoman told SCMagazineUS.com.

9.3

34 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-08-18 CVE-2008-3324 Party Gaming Code Injection vulnerability in Party Gaming Party Poker Client 121120

The PartyGaming PartyPoker client program 121/120 does not properly verify the authenticity of updates, which allows remote man-in-the-middle attackers to execute arbitrary code via a Trojan horse update.

7.6
2008-08-22 CVE-2008-3774 Simasy SQL Injection vulnerability in Simasy CMS

SQL injection vulnerability in index.php in Simasy CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-08-22 CVE-2008-3772 Pars4U SQL Injection vulnerability in Pars4U Videosharing 1

SQL injection vulnerability in categories_portal.php in Pars4u Videosharing 1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.

7.5
2008-08-22 CVE-2008-3768 Turnkeywebtools SQL Injection vulnerability in Turnkeywebtools Sunshop Shopping Cart

Multiple SQL injection vulnerabilities in class.ajax.php in Turnkey Web Tools SunShop Shopping Cart before 4.1.5 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in an edit_registry action to index.php, (2) a vector involving the check_email function, and other vectors.

7.5
2008-08-22 CVE-2008-3767 Smartisoft SQL Injection vulnerability in Smartisoft PHPbazar 2.0.2

SQL injection vulnerability in classified.php in phpBazar 2.0.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter.

7.5
2008-08-21 CVE-2008-3765 Discountedscripts SQL Injection vulnerability in Discountedscripts Quick Poll Script

SQL injection vulnerability in code.php in Quick Poll Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-08-21 CVE-2008-3764 Turnkeywebtools Code Injection vulnerability in Turnkeywebtools PHP Live Helper 2.0

Eval injection vulnerability in globalsoff.php in Turnkey PHP Live Helper 2.0.1 and earlier allows remote attackers to execute arbitrary PHP code via the test parameter, and probably arbitrary parameters, to chat.php.

7.5
2008-08-21 CVE-2008-3762 Turnkeywebtools SQL Injection vulnerability in Turnkeywebtools PHP Live Helper 2.0

SQL injection vulnerability in onlinestatus_html.php in Turnkey PHP Live Helper 2.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the dep parameter, related to lack of input sanitization in the get function in global.php.

7.5
2008-08-21 CVE-2008-3759 Lussumo Cross-Site Request Forgery (CSRF) vulnerability in Lussumo Vanilla

Cross-site request forgery (CSRF) vulnerability in ajax/UpdateCheck.php in Vanilla 1.1.4 and earlier has unknown impact and remote attack vectors.

7.5
2008-08-21 CVE-2008-3757 Yourfreeworld SQL Injection vulnerability in Yourfreeworld Forced Matrix Script

SQL injection vulnerability in tr1.php in YourFreeWorld Forced Matrix Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-08-21 CVE-2008-3756 Yourfreeworld SQL Injection vulnerability in Yourfreeworld Viral Marketing Script

SQL injection vulnerability in tr.php in YourFreeWorld Viral Marketing Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-08-21 CVE-2008-3755 Yourfreeworld SQL Injection vulnerability in Yourfreeworld Classifieds

SQL injection vulnerability in view.php in YourFreeWorld Classifieds Script allows remote attackers to execute arbitrary SQL commands via the category parameter.

7.5
2008-08-21 CVE-2008-3754 Yourfreeworld SQL Injection vulnerability in Yourfreeworld Stylish Text ADS Script

SQL injection vulnerability in trl.php in YourFreeWorld Stylish Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-08-21 CVE-2008-3753 Yourfreeworld SQL Injection vulnerability in Yourfreeworld Programs Rating Script

SQL injection vulnerability in details.php in YourFreeWorld Programs Rating Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-08-21 CVE-2008-3752 Yourfreeworld SQL Injection vulnerability in Yourfreeworld Ad-Exchange Script

SQL injection vulnerability in tr.php in YourFreeWorld Ad-Exchange Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-08-21 CVE-2008-3751 Yourfreeworld SQL Injection vulnerability in Yourfreeworld Short URL and URL Tracker Script

SQL injection vulnerability in tr.php in YourFreeWorld Short Url & Url Tracker Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-08-21 CVE-2008-3750 Yourfreeworld SQL Injection vulnerability in Yourfreeworld URL Rotator Script

SQL injection vulnerability in tr.php in YourFreeWorld URL Rotator Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-08-21 CVE-2008-3749 Yourfreeworld SQL Injection vulnerability in Yourfreeworld Banner Management Script

SQL injection vulnerability in tr.php in YourFreeWorld Banner Management Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-08-21 CVE-2008-3748 Lbstone SQL Injection vulnerability in Lbstone Active PHP Bookmarks and APB

SQL injection vulnerability in view_group.php in Active PHP Bookmarks (APB) 1.1.02 and 1.2.06 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-08-20 CVE-2008-3729 Microworld Technologies Improper Authentication vulnerability in Microworld Technologies Mailscan 5.6.A

Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to bypass authentication and obtain administrative access via a direct request with (1) an IsAdmin=true cookie value or (2) no cookie.

7.5
2008-08-20 CVE-2008-3725 Yourfreeworld SQL Injection vulnerability in Yourfreeworld AD Board Script

SQL injection vulnerability in trr.php in YourFreeWorld Ad Board Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-08-20 CVE-2008-3724 Papoo SQL Injection vulnerability in Papoo

SQL injection vulnerability in index.php in Papoo before 3.7.2 allows remote attackers to execute arbitrary SQL commands via the suchanzahl parameter.

7.5
2008-08-20 CVE-2008-3722 Fipsasp SQL Injection vulnerability in Fipsasp Fipscms 2.1

SQL injection vulnerability in forum/neu.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the kat parameter.

7.5
2008-08-20 CVE-2008-3721 Deeemm Code Injection vulnerability in Deeemm Dmcms 0.7.4

PHP remote file inclusion vulnerability in user_language.php in DeeEmm CMS (DMCMS) 0.7.4 allows remote attackers to execute arbitrary PHP code via a URL in the language_dir parameter.

7.5
2008-08-20 CVE-2008-3720 Deeemm SQL Injection vulnerability in Deeemm Dmcms 0.7.4

SQL injection vulnerability in index.php in DeeEmm CMS (DMCMS) 0.7.4 allows remote attackers to execute arbitrary SQL commands via the page parameter.

7.5
2008-08-20 CVE-2008-3719 Scripts FOR Sites SQL Injection vulnerability in Scripts-For-Sites Affiliate Directory

SQL injection vulnerability in directory.php in SFS Affiliate Directory allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action.

7.5
2008-08-19 CVE-2008-3713 Phpbasket SQL Injection vulnerability in PHPbasket

SQL injection vulnerability in product.php in PHPBasket allows remote attackers to execute arbitrary SQL commands via the pro_id parameter.

7.5
2008-08-19 CVE-2008-3711 Phparcadescript SQL Injection vulnerability in PHParcadescript 4.0

SQL injection vulnerability in index.php in PHPArcadeScript (PHP Arcade Script) 4.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter in a browse action.

7.5
2008-08-19 CVE-2008-3707 Hotscripts Code Injection vulnerability in Hotscripts Cyboards PHP Lite 1.21

Multiple PHP remote file inclusion vulnerabilities in CyBoards PHP Lite 1.21 allow remote attackers to execute arbitrary PHP code via a URL in the script_path parameter to (1) flat_read.php, (2) post.php, (3) process_post.php, (4) process_search.php, (5) forum.php, (6) process_subscribe.php, (7) read.php, (8) search.php, (9) subscribe.php in path/; and (10) add_ban.php, (11) add_ban_form.php, (12) add_board.php, (13) add_vip.php, (14) add_vip_form.php, (15) copy_ban.php, (16) copy_vip.php, (17) delete_ban.php, (18) delete_board.php, (19) delete_messages.php, (20) delete_vip.php, (21) edit_ban.php, (22) edit_board.php, (23) edit_vip.php, (24) index.php, (25) lock_messages.php, (26) login.php, (27) modify_ban_list.php, (28) modify_vip_list.php, (29) move_messages.php, (30) process_add_board.php, (31) process_ban.php, (32) process_delete_ban.php, (33) process_delete_board.php, (34) process_delete_messages.php, (35) process_delete_vip.php, (36) process_edit_board.php, (37) process_lock_messages.php, (38) process_login.php, (39) process_move_messages.php, (40) process_sticky_messages.php, (41) process_vip.php, and (42) sticky_messages.php in path/adminopts.

7.5
2008-08-19 CVE-2008-3706 Zeeways SQL Injection vulnerability in Zeeways Zeejobsite 2.0

SQL injection vulnerability in bannerclick.php in ZEEJOBSITE 2.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter.

7.5
2008-08-19 CVE-2008-3705 Echovnc Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Echovnc

Stack-based buffer overflow in the CLogger::WriteFormated function in echoware/Logger.cpp in EchoVNC Linux before 1.1.2 allows remote echoServers to execute arbitrary code via a large (1) group or (2) user list, aka a "very crowded echoServer" attack.

7.5
2008-08-18 CVE-2008-2234 Openwsman Buffer Errors vulnerability in Openwsman 1.2.0/2.0.0

Multiple buffer overflows in Openwsman 1.2.0 and 2.0.0 allow remote attackers to execute arbitrary code via a crafted "Authorization: Basic" HTTP header.

7.5
2008-08-18 CVE-2008-2233 Openwsman Code Injection vulnerability in Openwsman 1.2.0/2.0.0

The client in Openwsman 1.2.0 and 2.0.0, in unknown configurations, allows remote Openwsman servers to replay SSL sessions via unspecified vectors.

7.5
2008-08-18 CVE-2008-3276 Linux Numeric Errors vulnerability in Linux Kernel

Integer overflow in the dccp_setsockopt_change function in net/dccp/proto.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.17-rc1 through 2.6.26.2 allows remote attackers to cause a denial of service (panic) via a crafted integer value, related to Change L and Change R options without at least one byte in the dccpsf_val field.

7.1

24 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-08-22 CVE-2008-3770 Openfreeway Path Traversal vulnerability in Openfreeway Freeway 1.4.1.171

Multiple directory traversal vulnerabilities in Freeway 1.4.1.171, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a ..

6.8
2008-08-22 CVE-2008-3769 Openfreeway Code Injection vulnerability in Openfreeway Freeway 1.4.1.171

PHP remote file inclusion vulnerability in admin/create_order_new.php in Freeway 1.4.1.171, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the include_page parameter.

6.8
2008-08-21 CVE-2008-3763 Turnkeywebtools Improper Input Validation vulnerability in Turnkeywebtools PHP Live Helper 2.0

Variable overwrite vulnerability in libsecure.php in Turnkey PHP Live Helper 2.0.1 and earlier, when register_globals is enabled, allows remote attackers to overwrite arbitrary variables related to the db config file.

6.8
2008-08-20 CVE-2008-3718 Cyberbb SQL Injection vulnerability in Cyberbb 0.6

Multiple SQL injection vulnerabilities in cyberBB 0.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) id parameter to show_topic.php and the (2) user parameter to profile.php.

6.5
2008-08-20 CVE-2008-3723 Phpizabi Path Traversal vulnerability in PHPizabi 0.848B

Directory traversal vulnerability in index.php in PHPizabi 0.848b C1 HFP3 allows remote authenticated administrators to read arbitrary files via (1) a ..

6.3
2008-08-18 CVE-2008-2936 Postfix Permissions, Privileges, and Access Controls vulnerability in Postfix

Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message.

6.2
2008-08-19 CVE-2008-3716 Harmoni Cross-Site Request Forgery (CSRF) vulnerability in Harmoni

Cross-site request forgery (CSRF) vulnerability in Harmoni before 1.6.0 allows remote attackers to make administrative modifications via a (1) save or (2) delete action to an unspecified component.

6.0
2008-08-19 CVE-2008-3710 Hotscripts Path Traversal vulnerability in Hotscripts Cyboards PHP Lite 1.21

Multiple directory traversal vulnerabilities in CyBoards PHP Lite 1.21 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) script_path parameter to (a) options.php and the (2) lang_code parameter to (b) copy_vip.php and (c) process_edit_board.php in adminopts/.

5.1
2008-08-22 CVE-2008-3766 Realtime Internet Band Rehearsal Improper Input Validation vulnerability in Realtime Internet Band Rehearsal LOW Latency Internet Connection Tool 0.9.4/0.9.9/2.0.0

Realtime Internet Band Rehearsal Low-Latency (Internet) Connection tool (llcon) before 2.1.2 allows remote attackers to cause a denial of service (application crash) via malformed protocol messages.

5.0
2008-08-20 CVE-2008-3728 Microworld Technologies Permissions, Privileges, and Access Controls vulnerability in Microworld Technologies Mailscan 5.6.A

Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to determine the installation path, IP addresses, and error messages via direct requests to files under LOG/.

5.0
2008-08-20 CVE-2008-3727 Microworld Technologies Path Traversal vulnerability in Microworld Technologies Mailscan 5.6.A

Directory traversal vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to read arbitrary files via a ..

5.0
2008-08-19 CVE-2008-3717 Harmoni Permissions, Privileges, and Access Controls vulnerability in Harmoni

Harmoni before 1.6.0 does not require administrative privileges to list (1) user names or (2) asset ids, which allows remote attackers to obtain sensitive information.

5.0
2008-08-21 CVE-2008-3761 Vmware Improper Input Validation vulnerability in VMWare Workstation 6.0.0.45731

hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 uses the METHOD_NEITHER communication method for IOCTLs, which allows local users to cause a denial of service via a crafted IOCTL request.

4.9
2008-08-22 CVE-2008-3773 Vbulletin Cross-Site Scripting vulnerability in Vbulletin 3.6.10/3.7.2

Cross-site scripting (XSS) vulnerability in vBulletin 3.7.2 PL1 and 3.6.10 PL3, when "Show New Private Message Notification Pop-Up" is enabled, allows remote authenticated users to inject arbitrary web script or HTML via a private message subject (aka newpm[title]).

4.3
2008-08-22 CVE-2008-3771 Pars4U Cross-Site Scripting vulnerability in Pars4U Videosharing 1

Cross-site scripting (XSS) vulnerability in members.php in Pars4u Videosharing 1 allows remote attackers to inject arbitrary web script or HTML via the PageNo parameter.

4.3
2008-08-21 CVE-2008-3760 Lussumo Cross-Site Request Forgery (CSRF) vulnerability in Lussumo Vanilla

Cross-site request forgery (CSRF) vulnerability in the sign-out page in Vanilla 1.1.4 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a logout via a SignOutNow action to people.php.

4.3
2008-08-21 CVE-2008-3758 Lussumo Cross-Site Scripting vulnerability in Lussumo Vanilla

Multiple cross-site scripting (XSS) vulnerabilities in Lussumo Vanilla 1.1.4 and earlier (1) allow remote attackers to inject arbitrary web script or HTML via the NewPassword parameter to people.php, and allow remote authenticated users to inject arbitrary web script or HTML via the (2) Account picture and (3) Icon fields in account.php.

4.3
2008-08-20 CVE-2008-3735 Phpizabi Cross-Site Scripting vulnerability in PHPizabi 0.848B

Cross-site scripting (XSS) vulnerability in index.php in PHPizabi before 848 Core HotFix Pack 3 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a blogs.search action.

4.3
2008-08-20 CVE-2008-3730 Nordicwind Cross-Site Scripting vulnerability in Nordicwind Noah and Nordicwind Document Management System

Cross-site scripting (XSS) vulnerability in Nordicwind Document Management System (NOAH) before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2008-08-20 CVE-2008-3726 Microworld Technologies Cross-Site Scripting vulnerability in Microworld Technologies Mailscan 5.6.A

Cross-site scripting (XSS) vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to inject arbitrary web script or HTML via the URI.

4.3
2008-08-19 CVE-2008-3714 Awstats Cross-Site Scripting vulnerability in Awstats 6.8

Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.8 allows remote attackers to inject arbitrary web script or HTML via the query_string, a different vulnerability than CVE-2006-3681 and CVE-2006-1945.

4.3
2008-08-19 CVE-2008-3709 Hotscripts Cross-Site Scripting vulnerability in Hotscripts Cyboards PHP Lite 1.21

Multiple cross-site scripting (XSS) vulnerabilities in CyBoards PHP Lite 1.21 allow remote attackers to inject arbitrary web script or HTML via the (1) lOptionsOptions, (2) lNavAdminOptions, or (3) lNavReturn parameter to options.php; or the (4) lNavReturn parameter to subscribe.php.

4.3
2008-08-19 CVE-2008-3708 Dotcms Path Traversal vulnerability in Dotcms 1.6.0.9

Multiple directory traversal vulnerabilities in dotCMS 1.6.0.9 allow remote attackers to read arbitrary files via a ..

4.3
2008-08-20 CVE-2008-3731 Solarwinds Remote Denial of Service vulnerability in RhinoSoft Serv-U SFTP

Unspecified vulnerability in Serv-U File Server 7.0.0.1, and other versions before 7.2.0.1, allows remote authenticated users to cause a denial of service (daemon crash) via an SSH session with SFTP commands for directory creation and logging.

4.0

5 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-08-19 CVE-2008-3715 Flexcms Cross-Site Scripting vulnerability in Flexcms 2.0/2.5

Cross-site scripting (XSS) vulnerability in inc-core-admin-editor-previouscolorsjs.php in the FlexCMS 2.5 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the PreviousColorsString parameter.

2.6
2008-08-19 CVE-2008-3712 Mambo Cross-Site Scripting vulnerability in Mambo 4.6.2/4.6.5

Multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.2 and 4.6.5, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) query string to mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php and the (2) mosConfig_sitename parameter to administrator/popups/index3pop.php.

2.6
2008-08-18 CVE-2008-3270 Redhat Cryptographic Issues vulnerability in Redhat Enterprise Linux 5.0

yum-rhn-plugin in Red Hat Enterprise Linux (RHEL) 5 does not verify the SSL certificate for a file download from a Red Hat Network (RHN) server, which makes it easier for remote man-in-the-middle attackers to cause a denial of service (loss of updates) or force the download and installation of official Red Hat packages that were not requested.

2.6
2008-08-22 CVE-2008-3775 Folder Lock Cryptographic Issues vulnerability in Folder Lock Folder Lock

Folder Lock 5.9.5 and earlier uses weak encryption (ROT-25) for the password, which allows local administrators to obtain sensitive information by reading and decrypting the QualityControl\_pack registry value.

2.1
2008-08-18 CVE-2008-2937 Postfix Information Exposure vulnerability in Postfix

Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name.

1.9