Secunia Advisories

September 4, 2006

By Tony Bradley, CISSP-ISSAP, About.com

Below are the Secunia Security Advisories rated as Highly Critical (or higher) from September 4, 2006.

  • Secunia Advisory 21738
    php-revista Multiple Vulnerabilities
    • Criticality: High
    • Description: Sirdarckcat has reported some vulnerabilities in php-revista, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, bypass certain security restrictions, and compromise a vulnerable system.
    • Secunia Advisory: http://secunia.com/advisories/21738/

  • Secunia Advisory 21743
    CR64Loader ActiveX Control Buffer Overflow Vulnerability
    • Criticality: High
    • Description: CERT/CC has reported a vulnerability in CR64Loader ActiveX Control, which can be exploited by malicious people to compromise a user's system.

      The vulnerability is caused due to an unspecified boundary error and can be exploited to cause a buffer overflow when e.g. visiting a malicious website.

    • Secunia Advisory: http://secunia.com/advisories/21743/

  • Secunia Advisory 21746
    MyBace Light Skript File Inclusion Vulnerabilities
    • Criticality: High
    • Description: Philipp Niedziela has discovered some vulnerabilities in MyBace Light, which can be exploited by malicious people to compromise a vulnerable system.

      Input passed to the "hauptverzeichniss" parameter in includes/login_check.php and "template_back" parameter in admin/login/content/user_daten.php is not properly verified before being used to include files. This can be exploited to execute arbitrary PHP code by including files from local or external resources.

    • Secunia Advisory: http://secunia.com/advisories/21746/

  • Secunia Advisory 21749
    SUSE Update for Multiple Packages
    • Criticality: High
    • Description: SUSE has issued an update for multiple packages. These fix some vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions, or by malicious people to conduct SQL injection attacks, cause a DoS (Denial of Service), bypass certain security restrictions, and compromise a vulnerable system.
    • Secunia Advisory: http://secunia.com/advisories/21749/

  • Secunia Advisory 21756
    FlashChat "dir[inc]" File Inclusion Vulnerabilities
    • Criticality: High
    • Description: NeXtMaN has reported some vulnerabilities in FlashChat, which can be exploited by malicious people to compromise a vulnerable system.

      Input passed to the "dir[inc]" parameter in inc/cmses/aedatingCMS2.php and inc/cmses/aedating4CMS.php is not properly verified before being used to include files. This can be exploited to include files from local or external resources.

    • Secunia Advisory: http://secunia.com/advisories/21756/
