Secunia Advisories

August 5, 2005

Below are the Secunia Security Advisories rated as Highly Critical (or higher) from August 5, 2005.

• Secunia Advisory 16330
  Flatnuke Multiple Vulnerabilities
  • Criticality: High
  • Description: rgod has discovered some vulnerabilities in Flatnuke, which can be exploited by malicious people to conduct cross-site scripting attacks, script insertion attacks, or compromise a vulnerable system.
    1. Input passed to the "bodycolor", "backimage", "theme", and "logo" parameters in "structure.php" isn't properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of a vulnerable site. Successful exploitation requires that register_globals is enabled.
    2. Posted news articles are not properly sanitised before being displayed to site administrators. This can be exploited to execute arbitrary script code in the site administrator's browser session in context of an affected site when a malicious news posting is viewed.
    3. Input passed to the "firma" parameter isn't properly sanitised when the user's signature is being saved to the user file (with php extension). This can be exploited to inject and execute arbitrary PHP commands.
    It's also possible to disclose path information.
  • Secunia Advisory: http://secunia.com/advisories/16330/

• Secunia Advisory 16331
  Mandriva update for ethereal
  • Criticality: High
  • Description: Mandriva has issued an update for ethereal. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
  • Secunia Advisory: http://secunia.com/advisories/16331/