 |
|
|
|
netatalk shell characters vulnerabilities
updated since 18.01.2009 | | Published: |  | 01.02.2009 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 9596 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Shell characters vulnerability on PostScript print jobs processing. |
| Affected: |  | NETATALK : netatalk 2.0 | | CVE: |  | CVE-2008-5718 (The papd daemon in Netatalk before 2.0.4-beta2, when using certain variables in a pipe command for the print file, allows remote attackers to execute arbitrary commands via shell metacharacters in a print request, as demonstrated using a crafted Title.) |
| MediaMonkey buffer overflow | | Published: | | 01.02.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9639 | | Type: | | local | | Level: | | 4/10 | | Description: | | Buffer overflow on .m3u files parsing. |
| HP Select Access crossite scripting | | Published: | | 01.02.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9636 | | Type: | | remote | | Level: | | 5/10 |
sudo privilege escalation
updated since 01.02.2009 | | Published: | | 01.02.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9637 | | Type: | | remote | | Level: | | 6/10 | | Description: | | It's possible to elevate privileges to root even if configured to run under different account. |
| Affected: | | SUDO : sudo 1.6 | | CVE: | | CVE-2009-0034 (parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command.) |
| EleCard MPEG PLAYER buffer overflow | | Published: | | 01.02.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9640 | | Type: | | local | | Level: | | 4/10 | | Description: | | Buffer overflow on .m3u playlists parsing. |
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 28.01.2009 | | Published: | | 01.02.2009 | | Source: | | | | SecurityVulns ID: | | 9622 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
WP-Upload Manager 1.0: SQL injection, crossite scripting. |
| Affected: | | TYPO3 : TYPO3 4.0 | | | | OPENX : OpenX 2.6 | | | | WORDPRESS : WP-Upload Manager 1.0 | | | | MZBSERVICES : Max.Blog 1.0 | | | | WBNEWS : WB News 2.0 | | | | CONPRESSO : ConPresso CMS 4.07 | | CVE: | | CVE-2009-0291 (Directory traversal vulnerability in fc.php in OpenX 2.6.3 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the MAX_type parameter.) | | | | CVE-2009-0258 (The Indexed Search Engine (indexed_search) system extension in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to execute arbitrary commands via a crafted filename containing shell metacharacters, which is not properly handled by the command-line indexer.) | | | | CVE-2009-0257 (Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) content of indexed files to the (a) Indexed Search Engine (indexed_search) system extension; (b) unspecified test scripts in the ADOdb system extension; and (c) unspecified vectors in the Workspace module.) | | | | CVE-2009-0256 (Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to hijack web sessions via unspecified vectors related to (1) frontend and (2) backend authentication.) | | | | CVE-2009-0255 (The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 creates the encryption key with an insufficiently random seed, which makes it easier for attackers to crack the key.) | | | | CVE-2008-3358 (Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP NetWeaver portal, when Internet Explorer 7.0.5730 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted URI, which causes the XSS payload to be reflected in a text/plain document.) |
| Original document |  | Salvatore "drosophila" Fresta, Max.Blog <= 1.0.6 (offline_auth.php) Offline Authentication Bypass (01.02.2009) |
| | | DEBIAN, [SECURITY] [DSA 1711-1] New TYPO3 packages fix remote code execution (28.01.2009) |
| | | Martin Suess, SAP NetWeaver XSS Vulnerability (28.01.2009) |
| | | office_(at)_hackattack.at, [HACKATTACK Advisory 25012009]ConPresso CMS 4.07 - Session Fixation, XFS, XSS (28.01.2009) |
| | | arash.setayeshi_(at)_gmail.com, Lootan(kedor) Sql Injection vulnerability (28.01.2009) |
| | | arash.setayeshi_(at)_gmail.com, LDF Sql injection vulnerability (28.01.2009) |
| | | HACKERS PAL, WB News v2.0.X Remote File include .. (28.01.2009) |
| | | admin_(at)_bugreport.ir, NewsCMSlite Insecure Cookie Handling (28.01.2009) |
| | | SECUNIA, Secunia Research: OpenX Multiple Vulnerabilities (28.01.2009) |
| | | admin_(at)_elites0ft.com, OpenX 2.6.3 - Local File Inclusion (28.01.2009) |
| | | Salvatore "drosophila" Fresta, Max.Blog <= 1.0.6 (show_post.php) SQL Injection Vulnerability (28.01.2009) |
| | | Salvatore "drosophila" Fresta, Max.Blog <= 1.0.6 (submit_post.php) SQL Injection Vulnerability (28.01.2009) |
| | | MustLive, Vulnerabilities in WP-Upload Manager for WordPress (28.01.2009) |
Enomaly ECP / Enomalism symbolic links vulnerability
updated since 01.02.2009 | | Published: | | 17.02.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9638 | | Type: | | local | | Level: | | 5/10 | | Description: | | Insecure temporary files creation. |
| Affected: | | ENOMALY : Enomaly ECP 2.1 | | CVE: | | CVE-2009-0390 (Argument injection vulnerability in Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to send signals to arbitrary processes by populating the /tmp/enomalism2.pid file with command-line arguments for the kill program.) | | | | CVE-2008-4990 (Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file.) |
Novell GroupWise WebAccess crossite scripting
updated since 01.02.2009 | | Published: | | 29.05.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9641 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Multiple crossite scripting and request forgery vulnerabilities. |
| Affected: | | NOVELL : GroupWise WebAccess 7.0 | | CVE: | | CVE-2009-1635 (Multiple cross-site scripting (XSS) vulnerabilities in the WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 allow remote attackers to inject arbitrary web script or HTML via (1) the User.lang parameter to the login page (aka gw/webacc), (2) style expressions in a message that contains an HTML file, or (3) vectors associated with incorrect protection mechanisms against scripting, as demonstrated using whitespace between JavaScript event names and values.) | | | | CVE-2009-0273 (Multiple cross-site scripting (XSS) vulnerabilities in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allow remote attackers to inject arbitrary web script or HTML via the (1) User.id and (2) Library.queryText parameters to gw/webacc, and other vectors involving (3) HTML e-mail and (4) HTML attachments.) | | | | CVE-2009-0272 (Cross-site request forgery (CSRF) vulnerability in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allows remote attackers to insert e-mail forwarding rules, and modify unspecified other configuration settings, as arbitrary users via unknown vectors.) |
|
|
|
|
|
|
|
|
