Computer Security
[EN] securityvulns.ru

  


31.01.2006
Detailed
 git content tracker buffer overflow
document Buffer overflow on oversized symbolic link name.
 perl Mail::Audit library symbolic links problem
document Insecure creation of log file.
 bzip2 bzgrep and gzip zgrep shell characters problem
document Unfiltered characters in filename allow code execution.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 unalz archiver buffer overflow
updated since 28.11.2005
document Buffer overflow on oversized archived file name.
 NetDSL-1000 DSL router telnet server DoS
document Request flood causes telnet service to hang.
  


30.01.2006
Detailed
 Pioneers game server DoS
document Oversized chat message causes game server to crash.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Cross Site Cooking attack
document There are a few ways to set a cookie for a different site.
  


29.01.2006
Detailed
6!Multiple PHP vulnerabilities
updated since 31.10.2005
document phpinfo() cross-site scripting, possible register_globals activation via parse_str(), $GLOBALS variable modification with HTTP POST form 'fileupload' field. It's also possible to modify any variable with GLOBALS[variable].
 Mozilla CSS cross-site scripting
document The -moz-binding: CSS property allows binding XBL to an element, and XBL may contain scripts. This may lead to cross-site scripting within, e.g., webmail.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


28.01.2006
Detailed
 Shareaza peer-to-peer network client multiple integer overflows
document Multiple integer overflows in different functions.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 libAST buffer overflow
updated since 26.01.2006
document conf_find_file() buffer overflow
  


27.01.2006
Detailed
 net-snmp SNMP package fixproc utility symbolic link problem
document Symbolic links problem on temporary files creation.
 Weak Net::SSLeay perl module encryption
document The /tmp/entropy file is used for entropy gathering if no entropy source is specified with the EGD_PATH environment variable. An attacker can fill the file with known data.
 Microsoft Windows MS-DOS applications uninitialized memory access information leak
document Memory is not initialized when allocated for the MS-DOS virtual machine, which allows reading data from physical memory.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


26.01.2006
Detailed
6!nfs-server NFS rpc.mountd buffer overflow
document realpath() function buffer overflow. Kernel-level nfs-utils package is not vulnerable.
6!FreeBSD ipfw / pf IP firewall packet filter DoS
updated since 11.01.2006
document Problem with fragmented packets handling.
 exiv2 IPTC library DoS
document sscanf() is used for data which is not NULL-terminated.
 Sun StorEdge Enterprise Backup / Solstice Backup privilege escalation
   
 Cisco routers IOS TCL privilege escalation
document User can execute any command by switching to TCL (Tool Command Language) mode.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 FreeBSD ioctl kernel memory access
updated since 25.01.2006
document Two vulnerabilities allow reading kernel memory.
 Cross-site browsing tracing attacks
updated since 23.01.2003
document Multiple browsing components allow tracing user browsing and gathering different information about the user.
  


25.01.2006
Detailed
7!Red Hat Certificate Server / Directory server buffer overflow
   
6!Multiple E-Post Mail Servers vulnerabilities
document SMTP authentication buffer overflow, POP3 APOP authentication buffer overflow, LDAP buffer overflow, IMAP directory traversal and multiple DoS conditions.
6!Kerio WinRoute FireWall multiple DoS conditions
updated since 19.01.2006
document DoS on HTML documents parsing and on oversized Active Directory server reply.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 SquirrelMail Web mail Change Passwd plugin buffer overflow
document Buffer overflow on parsing command line arguments.
  


24.01.2006
Detailed
6!BEA Weblogic application server multiple vulnerabilities
document Database passwords are stored unencrypted in cleartext, log files access, unauthorized MBean access, cleartext password logged on password change, etc.
 OpenSSH scp client unfiltered shell characters
document Unsafe argument (filename) usage in system() call.
 Sun Grid Engine rsh client privilege escalation
   
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 FetchMail mail processor DoS
updated since 23.01.2006
document Error on bounce message generation causes uninitialized memory reference.
  


23.01.2006
Detailed
 lsh SSH server file descriptor leak
document Random generator's seed file is not closed before executing command processor.
 libTIFF TIFF library NULL pointer dereference
document tif_dir.c NULL pointer dereference.
 tor hidden services information disclosure
document It's possible to discover location of hidden service by setting up malicious tor server, accessing hidden service repeatedly and tracking who builds circuits.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


22.01.2006
Detailed
6!KDE libraries / Konqueror buffer overflow
updated since 20.01.2006
document Buffer overflow on Unicode URL parsing within JavaScript processor.
 Hitachi NetInsight II DoS
   
 Hitachi HITSENSER Data Mart Server SQL injection
   
 FileCOPA FTP Server directory traversal
document Directory traversal with Store and Retr commands.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 MySQL information_schema view information leak
document A user can discover the query used for a view, regardless of permissions, with SELECT * FROM information_schema.views.
  


20.01.2006
Detailed
7!FreeBSD IEEE 802.11 wireless network buffer overflow
updated since 19.01.2006
document Buffer overflow on parsing IEEE 802.11 control frames.
6!Unauthorized ecartis mailing lists manager access
document Attachment sent to -request address is saved to web accessible folder, allowing to put files on the Web server.
 Multiple Rockliffe MailSite mail server vulnerabilities
document Cross-site scripting and DoS.
 tftpd32 TFTP server format string vulnerability
document SEND and GET TFTP commands format string bug.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


19.01.2006
Detailed
6!TippingPoint IPS intrusion prevention system DoS
document Large CPU consumption on HTML documents parsing.
6!F-Secure Antivirus buffer overflow
document Buffer overflow on ZIP archives parsing.
6!Multiple Cisco Call Manager vulnerabilities
document DoS by creating multiple TCP/2000, TCP/2001, TCP/2002, TCP/7727 connections. Administrative Web interface privilege escalation.
 MyDNS DNS server DoS
   
 Dual DHCP DNS Server buffer overflow
document Oversized DHCP option buffer overflow.
 BitComet peer-to-peer client buffer overflow
document Oversized .torrent file URI buffer overflow.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Cisco IOS Stack Group Bidding Protocol (SGBP) DoS
document Invalid SGBP (UDP/9900) packet can cause the router to hang if an sgbp group is defined.
 Cerberus FTP Server DoS
updated since 23.11.2005
document Request flood causes server to crash.
  


18.01.2006
Detailed
 Linux kernel multiple vulnerabilities
document TwinHan DST Frontend/Card DVB driver buffer overflow, dm-crypt module doesn't clear memory.
 Cisco IOS CDP protocol cross-site scripting
document Cross-site scripting is possible with CDP status.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Legato Networker multiple vulnerabilities
updated since 18.08.2005
document Security bypass, DoS, information leak, code execution.
  


17.01.2006
Detailed
7!CMU SNMP snmptrapd format string vulnerability
document Format string vulnerability in snmp_input() function.
 AntiWord symbolic links problem
document Insecure temporary file creation during Word to PostScript document conversion.
 AOL buffer overflow
document Buffer overflow in You've Got Pictures ActiveX Control.
 ZyXel P2000W wireless VoIP phone information leak
document Undocumented TCP/9090 leaks information on phone configuration.
 MPM HP-180W wireless VoIP phone information leak
document Undocumented TCP/9090 leaks information on phone configuration.
 Clipcomm CPW-100E wireless VoIP phone backdoor
document Undocumented TCP/60023 shell access allows remote unauthorized phone control, including calls.
 Senao SI-7800H wireless VoIP phone multiple vulnerabilities
document VxWorks debugger (TCP/17185) access.
 ACT P202S wireless VoIP phone multiple vulnerabilities
document VxWorks debugger (TCP/17185) access, rlogin access.
 CounterPath eyeBeam software SIP IP Phone DoS
document Buffer overflow on oversized SIP packet header name.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Mozilla Thunderbird attachment spoofing
document The filename can be spoofed by using a large number of spaces, and the displayed icon with the Content-Type header.
  


16.01.2006
Detailed
6!Linux kernel multiple DoS conditions
document Local DoS with netlink_rcv_skb(), a few DoS conditions with PPTP NAT.
6!Cisco IP Phones DoS
document Syn-flood causes phone to reload.
6!Perl integer overflow
   
 Sun Solaris lpsched privilege escalation
   
 Multiple Windows wireless adapters WEP protection bypass
document An attacker can force the client to downgrade to unencrypted cleartext mode operation.
 Tuxpaint paint program for children symbolic links problem
document Symbolic links problem on temporary files creation (bad guy can overwrite your child's files).
 Linksys VPN routers DoS
document IP packet with invalid IP options causes router to crash.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 mailman mailing lists processor DoS
updated since 14.11.2005
document Scrubber.py fails to process attachment with UTF-8 character in the name and messages with large numbers in dates.
  


15.01.2006
Detailed
6!Novell SUSE Linux Enterprise Server Remote Manager buffer overflow
document Integer overflow on negative HTTP POST Content-Length: parameters leads to a 4-byte heap overflow.
 AmbiCom bluetooth stack / module buffer overflow
document Buffer overflow on oversized filename in PUSH operation.
 HomeFTP FTP server DoS
   
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


13.01.2006
Detailed
7!ClamAV antivirus multiple vulnerabilities
updated since 04.11.2005
document Buffer overflow on handling FSG and UPX packed files, endless loops on CAB and TNEF files parsing.
 BEA Weblogic application server information leak
document It's possible to retrieve MBean configuration anonymously with JNDI interface.
 Toshiba Bluetooth stack directory traversal
document Directory traversal with filename allows uploading a file to any location.
 Multiple PHP extensions vulnerabilities
document mysqli extension format string vulnerability, session extension session id HTTP response splitting.
 Web applications security vulnerabilities (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


12.01.2006
Detailed
7!Multiple Cisco Security Monitoring, Analysis and Response System (CS-MARS) backdoors
document Undocumented account 'pnadmin' with standard password allows remote access to the device. Undocumented 'expert' command allows an unprivileged user to gain 'root' privileges.
6!PostgreSQL database DoS
document Large number of connections at same time causes fatal error.
 Cisco Aironet wireless access points DoS
document ARP request flood from the wireless interface leads to memory exhaustion.
 Multiple Sun Solaris vulnerabilities
document Different bugs lead to system crash and privilege escalation.
 slsnif serial line sniffer buffer overflow
document Buffer overflow on parsing HOME environment variable.
 Web applications security vulnerabilities (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


11.01.2006
Detailed
10!Microsoft Exchange Server and Microsoft Outlook TNEF messages format buffer overflow
updated since 10.01.2006
document Buffer overflow on parsing TNEF format.
8!Microsoft Windows embedded web fonts memory corruption
updated since 10.01.2006
document Memory corruption on parsing web fonts embedded in an HTML page. May be used to install trojans, backdoors or other malware on the client computer.
 BlackBerry Enterprise Server PNG files DoS
   
 IronWall webserver directory traversal
document Directory traversal via /.../.
 Web applications security vulnerabilities (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Xmame Multiple Arcade Machine Emulator buffer overflow
updated since 03.06.2003
document Buffer overflow on different command line options parsing.
  


10.01.2006
Detailed
6!Apache auth_ldap authentication module format string vulnerabilities
document Format string vulnerability on error logging.
6!Apache mod-auth-pgsql authorization module format string vulnerabilities
updated since 09.01.2006
document Several format string bugs in error logging.
6!pound reverse proxy / load balancer / HTTPS front-end buffer overflow
updated since 01.05.2005
document Buffer overflow on oversized hostname.
 Sun Solaris uustat buffer overflow
document Buffer overflow in -S option parsing allows privilege escalation to euid uucp.
 Web applications security vulnerabilities (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 BSD systems securelevel protection bypass
updated since 09.01.2006
document By mounting a different filesystem it's possible to mask a file flagged 'immutable'. It's possible to roll back system time by setting it to the maximum value.
  


09.01.2006
Detailed
 bogofilter SPAM filter buffer overflows
document Buffer overflows on oversized words and on character sets conversion.
 Web applications security vulnerabilities (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 sudo privilege escalation
updated since 16.11.2004
document A few environment variables used by bash, perl and python are not cleaned.
 SMSTools format string vulnerabilities
updated since 12.03.2002
document Multiple format string bugs.
  


07.01.2006
Detailed
6!Lotus Domino multiple vulnerabilities
document Multiple vulnerabilities, including a few buffer overflows.
6!HylaFax enterprise fax system multiple vulnerabilities
document Unauthorized access and privilege escalation are possible.
6!Blue Coat WinProxy proxy server multiple vulnerabilities
document HTTP proxy buffer overflow and DoS, telnet proxy DoS.
 rxvt-unicode weak permissions
document Insecure permissions for a few tty devices.
 Web applications security vulnerabilities (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 HP-UX xterm privilege escalation
updated since 15.11.2005
   
 Apple Airport Express / Apple Airport Extreme DoS
updated since 13.01.2005
document Invalid data sent to UDP/161 causes the device to crash.
  


05.01.2006
Detailed
6!OpenBSD file reopening privilege escalation
   
6!Linux kernel multiple vulnerabilities
document TwinHan DST Frontend/Card buffer overflow, kernel/sysctl.c off-by-one, fib_lookup netlink message memory corruption, set_mempolicy() DoS.
 Web applications security vulnerabilities (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Windows PHP buffer overflow
document mysql_connect() buffer overflow.
  


04.01.2006
Detailed
 Multiple Rockliffe MailSite mail server vulnerabilities
document IMAP server user enumeration and directory traversal.
 Web applications security vulnerabilities (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 tkdiff diff graphical frontend symbolic links vulnerability
updated since 27.12.2005
document Insecure temporary files creation.
  


03.01.2006
Detailed
6!Multiple AIX vulnerabilities
updated since 16.12.2005
document Buffer overflow in heap debugging, buffer overflows in muxatmd, slocal, file access privilege escalation in getShell and getCommand.
 eFileGo directory traversal
document Directory traversal in TCP/608 Web server.
 File::ExtAttr perl library buffer overflow
document Off-by-one overflow on extended attributes reading.
 Dopewars format string vulnerability
document Format string bug on file logging.
 pinentry PIN entering dialogs application privilege escalation
document sgid wheel is incorrectly set for application.
 Web applications security vulnerabilities (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 NView / XNView multimedia viewer / browser privilege escalation
updated since 30.12.2005
document Dynamic libraries from current directory are loaded on startup.
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


