Computer Security
[EN] securityvulns.ru




28.02.2006
Detailed
6!Multiple ArGoSoft Mail Server Pro security vulnerabilities
updated since 24.02.2006
document Information leak with POP3 _DUMP command, directory traversal with IMAP RENAME command, directory traversal and cross-site scripting with Web interface.
 Microsoft Internet Explorer IsComponentInstalled buffer overflow
document Problem is fixed in Windows 2000 SP4 / Windows XP SP1.
 Sun Solaris GSFS file system privilege escalation
   
 Thomson SpeedTouch ADSL modems cross-site scripting
   
 Mail Transport System Professional open mail relay
document Mail relayed without IP address verification if smart host (ISP relay) is configured.
 NuFW transparent firewall DoS
updated since 29.11.2005
document Service crash on packet parsing, hangs on TLS traffic flood.
  


27.02.2006
Detailed
 Compex Wireless Access Points DoS
document DoS on UConfig agent packet parsing (UDP/7778).
  


26.02.2006
Detailed
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 ArgoSoft FTP Server buffer overflow
updated since 09.03.2005
document DELE FTP command heap buffer overflow.
  


25.02.2006
Detailed
7!WinAmp player buffer overflow
updated since 30.01.2006
document Buffer overflow on oversized computer name in UNC path of .pls or .m3u file entry. Buffer overflow on oversized WMA playlist file entry. Vulnerability can be exploited for hidden trojan installation.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 SCO Unixware ptrace privilege escalation
updated since 22.02.2006
document ptrace can be attached to suid application.
  


24.02.2006
Detailed
6!Perl Crypt::CBC module weak cryptography
document Invalid Initialization vector generation algorithm for block cyphers with blocks different from 8 bytes (Rijndael).
6!Adobe Macromedia Shockwave ActiveX element buffer overflow
document Buffer overflow in ActiveX element.
6!The Bat mail agent buffer overflow
document Buffer overflow on oversized Subject field.
6!Metamail mail processor buffer overflow
document Buffer overflow on message parsing.
 MUTE file sharing peering networks server spoofing
document By spoofing mWebCache it's possible to make a client connect to a specified IP address.
 POPFile mail classification tool DoS
document Service crash on e-mail headers parsing.
 WinAce archiver ARJ archives buffer overflow
document Buffer overflow on oversized ARJ header.
 Visnetic AntiVirus Plug-in for MailServer privilege escalation
document External application chosen by user is invoked with Local System privileges.
 Mozilla Thunderbird code execution
document IFRAME SRC attribute allows javascript execution.
 IPSwitch WhatsUp network management application DoS
document Malformed requests to Web interface lead to CPU exhaustion.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


22.02.2006
Detailed
8!Multiple Microsoft Windows Media Player vulnerabilities
updated since 15.02.2006
document Buffer overflow on BMP files playing. Buffer overflow on oversized SRC for HTML page with EMBED'ded WMP. May be used for client machine trojaning.
6!Novell Common Authentication Service Adapter buffer overflow
document pam_micasa pre-authentication buffer overflow.
6!MacOS X ZIP archives code execution
document It's possible to set file associations with __MACOSX folder.
 Hauri Virobot antivirus privilege escalation
document Local user can obtain unrestricted access with suid CGI executable.
 Tar tape archiver buffer overflow
document Buffer overflow on extended PAX headers parsing.
 TrueNorth IA eMailserver IMAP server buffer overflow
document Buffer overflow in oversized SEARCH command.
 Multiple Bugzilla bug tracking system security vulnerabilities
document SQL injection, cross-site scripting.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 GnuPG gpgv / gpg invalid return code
updated since 16.02.2006
document Utility returns 0 status code if no signature found.
  


21.02.2006
Detailed
 Safe'n'Sec host intrusion prevention system privilege escalation
document Unsafe CreateProcess() call allows application spoofing.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


20.02.2006
Detailed
 tin news reader buffer overflow
document Off-by-one buffer overflow.
 Multiple Fedora Directory Server security vulnerabilities
document Administration password is exposed through HTML page, DoS with LDAP.
 EmuLinker NetPlay emulation DoS
document Crash on malformed packet.
 Multiple Xerox WorkCentre vulnerabilities
document Unauthorized access, DoS, cross-site scripting, protection bypass.
 NJStar text processor buffer overflow
document Buffer overflow on oversized font name.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


18.02.2006
Detailed
6!Mozilla Thunderbird buffer overflow
document Buffer overflow on oversized LDIF file entry.
 Macallan Mail Solution directory traversal
document Directory traversal in IMAP server.
 libapreq library DoS
document Incorrect functions "apreq_parse_headers()" and "apreq_parse_urlencoded()" implementation.
 Multiple PatchLink Update Server patch management solution vulnerabilities
updated since 18.02.2006
   
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 snort IDS intrusion detection bypass
document Invalid IP packets reassembly allows signatures bypass.
  


17.02.2006
Detailed
 Blue Coat ProxyAV buffer overflow
document Oversized Host: header buffer overflow.
 PunkBuster anti-cheat server format string vulnerability
document Format string bug with "reason" parameter if used with Soldier of Fortune II game.
 D-Link DWL-G700AP wireless access point DoS
document Device crashes on HTTP "GET \n\n" request via web interface.
 BomberClone BomberMan clone game buffer overflow
document Buffer overflow on oversized error message.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


16.02.2006
Detailed
6!SSH SFTP client / server format string vulnerability
document Format string bug on filename logging.
6!PostgreSQL privilege escalation
document With SET ROLE or SET SESSION AUTHORIZATION it's possible to elevate privileges to any database account, including superuser, or cause database engine crash.
 Sun Solaris in.rexecd privilege escalation
   
 Kadu instant messaging client DoS
document Large number of image send requests causes client to crash and server not to accept any messages from this client.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Multiple SAP Business Connector B2B software vulnerabilities
document Directory traversal, content spoofing.
 Cisco Guard / Cisco Traffic Anomaly Detector authentication bypass
document Users can access device without authentication if TACACS+ is used to authenticate users and no tacacs-server host configured.
 Microsoft Windows Korean IME privilege escalation
updated since 15.02.2006
document Help subsystem is executed with LocalSystem privileges.
 Multiple bluetooth devices and applications DoS (Sony Ericsson, Nokia, etc)
updated since 07.02.2006
document Multiple vulnerabilities discovered with Bluetooth Stack Smasher utility.
 Multiple Stalker Communigate Pro / IBM Lotus Domino / Sun directory server / IBM Tivoli vulnerabilities
updated since 28.01.2006
document Multiple LDAP server vulnerabilities.
 honeyd honeypot detection
document Invalid IP packet reassembly allows system identification.
 ICQ filename spoofing
document A part of filename may be spoofed if file is sent as a part of directory.
  


15.02.2006
Detailed
6!Microsoft Windows WebClient service buffer overflow
document Buffer overflow on RPC based service allows code execution with LocalSystem privileges.
6!Internet Explorer for Windows 2000 WMF files memory corruption
document Memory corruption on Windows MetaFiles parsing.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Microsoft Power Point Temporary Internet Files folder access
document Script within HTML can access Temporary Internet Files folder directly.
  


14.02.2006
Detailed
6!eStara Softphone SIP VoIP phone buffer overflow
updated since 12.01.2006
document Buffer overflow on oversized SIP packet attribute field. Integer overflows and format string bugs.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Microsoft Internet Explorer Drag-and-Drop code execution
updated since 13.02.2006
document By spoofing target window in race period it's possible to install malware in special folder. Vulnerability may be exploited for trojaning user's machine, but requires interaction.
 Microsoft HTML Help Workshop buffer overflow
updated since 06.02.2006
document Buffer overflow on .hhp files parsing.
  


13.02.2006
Detailed
6!D-Link / US Robotics multiple wireless access points DoS
document Fragmented sequential UDP packets cause device to reboot.
 Multiple pam_mysql security vulnerabilities
document DoS and double free() bug.
 HP Systems Insight Manager directory traversal
document Multiple vulnerabilities allow obtaining any file from the server.
 FortiGate application level firewall protection bypass
document URL filtering may be bypassed. FTP traffic is not virus checked.
 BlackBerry Enterprise Server buffer overflow
document Buffer overflow on corrupted MS Word attachments.
 SUSE Linux privilege escalation
document Multiple packages are erroneously compiled in such a way that dynamic libraries are loaded from the current directory.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Multiple Hitachi Business Logic vulnerabilities
updated since 27.12.2005
document SQL injection, cross-site scripting, etc.
 noweb symbolic links problem
updated since 21.06.2003
document Symbolic links problem on temporary files creation.
  


11.02.2006
Detailed
6!Lotus Notes multiple vulnerabilities
updated since 10.02.2006
document Multiple buffer overflows and directory traversal on handling different archives: zip, uue, tar and HTML attachments.
  


10.02.2006
Detailed
 Lotus Domino iNotes client cross-site scripting
document Cross-site scripting on attached HTML files opening.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


09.02.2006
Detailed
 Adzapper advertisement zapper Squid plugin DoS
document It's possible to create DoS conditions with huge CPU consumption.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


08.02.2006
Detailed
8!Multiple Mozilla / Firefox / Thunderbird vulnerabilities
updated since 03.02.2006
document Javascript code execution, heap memory corruption with styles, memory corruption with QueryInterface, code execution with XULDocument.persist(), multiple integer overflows, information leak from nsExpatDriver::ParseBuffer(). Silent trojan code installation is potentially possible.
7!Sun Java sandbox protection bypass
document It's possible to bypass sandbox with "reflection" API. This vulnerability can be used for silent trojan installation.
6!Linux kernel ICMP DoS
document record-route or timestamp IP options handling vulnerability.
6!Multiple QNX Neutrino real-time OS vulnerabilities
document libph buffer overflow. phfont race conditions. phgrafx buffer overflow. su buffer overflow. Local DoS. rc.local is world writable. passwd buffer overflow. crttrap relative libraries path. fontsleuth format string bug. libAp buffer overflow.
6!Multiple Lexmark printers software security vulnerabilities
document Remote unauthorized access and local privilege escalation with different printer software components.
6!Counter Strike (Half Life) game servers DoS
document Incomplete client request leads to endless loop.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 crypt_blowfish cryptographic problem
document Salt generation algorithm has high probability of salt duplication.
  


07.02.2006
Detailed
 Peoplesoft People Tools PSCipher() function weak encryption
document Weak DES block cypher without feedback is used.
 Heimdal rshd privilege escalation
   
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Borland C BCB6 compiler / tiny c compiler Invalid sizeof() calculation
updated since 06.02.2006
document Invalid sizeof() calculation for integer during 64-bit code compilation leads to different problems.
  


06.02.2006
Detailed
 The Bat! mail agent headers spoofing
document message/partial format allows to spoof message headers completely, making it impossible to track sender by Received or Message-ID headers.
  


05.02.2006
Detailed
6!Microsoft Internet Explorer 7 beta version buffer overflow
document urlmon.dll <bgsound> tag oversized SRC filename parameter buffer overflow.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


04.02.2006
Detailed
 IBM Tivoli Access Manager directory traversal
document Web server plugin directory traversal.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


03.02.2006
Detailed
6!Symantec Sygate Secure SQL injection
document SQL injection in administration console.
 Multiple Adobe applications weak file permissions
   
 Powersave privilege escalation
   
 IronMail Synflood DoS
   
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 eXchangepop3 POP3 gateway for Microsoft Exchange buffer overflow
document RCPT TO: command stack overflow.
 NetBSD kernfs kernel memory information leak
updated since 10.01.2006
document It's possible to lseek behind file boundary to read arbitrary memory.
  


02.02.2006
Detailed
7!Multiple Computer Associates (CA) products vulnerabilities
updated since 19.01.2006
document DM Primer and CA Unicenter buffer overflows, multiple DM Deployment DoS conditions. iGateway buffer overflow. CA Message Queuing DoS conditions.
6!FreeBSD TCP selective acknowledgment DoS
document Bug in TCP SACK (Selective Acknowledgment) implementation leads to infinite loop inside kernel.
6!Using timing attacks to bypass intrusion detection
document It's possible to use differences in timing, for example packet reassembly timeouts, between the target system and the IDS to bypass detection. As a workaround, timing parameters of the IDS should be configured to match timing parameters of the protected system.
  


01.02.2006
Detailed
7!Multiple PDF parsing library security vulnerabilities
updated since 22.10.2004
document Multiple vulnerabilities including heap corruption, buffer overflows.
6!libpng PNG processing library buffer overflow
document Alpha-channels processing buffer overflow in png_set_strip_alpha().
 Blue Coat ProxySG proxy server protection bypass
document It's possible to bypass target port limitations with HTTP CONNECT method.
 fcron convert-fcrontab buffer overflow
document Heap based buffer overflow on oversized command line.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


