Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:01.04.2009
Source:
SecurityVulns ID:9781
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. RotaBanner: crossite scripting.
Affected:ZABBIX : Zabbix 1.6
 SUN : Calendar Server 6.0
 SUN : Calendar Server 6.3
 WEVEDITION : webEdition 6.0
 JOBHUT : JobHut 1.2
 COMMUNITYCMS : Community CMS 0.5
 FAMILYCMS : Family Connection 1.8
 GLFUSION : glFusion 1.1
 MAPSERVER : MapServer 5.2
 MAPSERVER : MapServer 4.10
CVE:CVE-2009-0843 (The msLoadQuery function in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to determine the existence of arbitrary files via a full pathname in the queryfile parameter, which triggers different error messages depending on whether this pathname exists.)
 CVE-2009-0842 (mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to read arbitrary invalid .map files via a full pathname in the map parameter, which triggers the display of partial file contents within an error message, as demonstrated by a /tmp/sekrut.map symlink.)
 CVE-2009-0841 (Directory traversal vulnerability in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when running on Windows with Cygwin, allows remote attackers to create arbitrary files via a .. (dot dot) in the id parameter.)
 CVE-2009-0840 (Heap-based buffer underflow in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to have an unknown impact via a negative value in the Content-Length HTTP header.)
 CVE-2009-0839 (Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when the server has a map with a long IMAGEPATH or NAME attribute, allows remote attackers to execute arbitrary code via a crafted id parameter in a query action.)
Original documentdocumentPositron Security, Positron Security Advisory #2009-000: Multiple Vulnerabilities in MapServer v5.2.1 and v4.10.3 (01.04.2009)
 documentrgod, glFusion <= 1.1.2 COM_applyFilter()/order sql injection exploit (01.04.2009)
 documentSalvatore "drosophila" Fresta, Family Connections 1.8.1 Multiple Remote Vulnerabilities (01.04.2009)
 documentSalvatore "drosophila" Fresta, Community CMS 0.5 Multiple SQL Injection Vulnerabilities (01.04.2009)
 documentAdam Baldwin, Zabbix Multiple Frontend CSRF (Password reset & command execution) (01.04.2009)
 documentvuln_(at)_e-rdc.org, [ECHO_ADV_108$2009] JobHut <= 1.2 (pk) Remote Sql Injection Vulnerability (01.04.2009)
 documentjoseph.giron13_(at)_gmail.com, aspWebCalendar Free Edition bug (01.04.2009)
 documentSalvatore "drosophila" Fresta, webEdition 6.0.0.4 Local File Inclusion (01.04.2009)
 documentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2009-0108: Multiple vulnerabilities in Sun Calendar Express Web Server (01.04.2009)
 documentMustLive, New vulnerabilities in RotaBanner (01.04.2009)
Files:glFusion <= 1.1.2 COM_applyFilter()/order sql injection exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod