30.04.2006 Detailed

resmgr resource manager unauthorized USB resources access   User granted acces to 1 USB device can access any USB device.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

29.04.2006 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

28.04.2006 Detailed

8! Microsoft Internet Explorer memory corruption updated since 23.04.2006   Uninitialized pointer dereference on OBJECT tag processing. Can be used for hidden malware installation.   WinAgents FTFP Server directory traversal   Directory traversal on GET command processing.   SWS web server format string security vulnerability   Few different format string bugs.

Océ 3121 printer DoS

BL4 SMTP server buffer overflow   Buffer overflow on oversized command.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

27.04.2006 Detailed

7! Microsoft Internet Explorer crossite access   Script from one site can access content of the page from different site with mhtml: URI handler. 6! Juniper SSL-VPN JuniperSetup client component buffer overflow   Buffer overflow in JuniperSetup.ocx ActiveX element.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Microsoft Internet Explorer modial dialogs spoofing   It's possible to spoof modal dialog content. This problem is only significant for Windows proir to Windows XP SP2 / Windows 2003 SP1.

SpeedProject multiple archiver buffer overflow updated since 26.11.2005   Buffer overflows on ZIP, ACE and UUEncode formats parsing.

26.04.2006 Detailed

8! Mozilla browsers and mail agents memory corruption   Memory corruption on displaying corrupted HTML tables. Can be used for silent malware installation. 6! Microsoft Outlook information leak   mailto: command processor allow outlook.exe command line modification to include any system file. 6! Multiple DNS servers different security vulnerabilities   Multiple vulnerabilities were discovered with automated testing tool.

6! Cisco VPN 3000 VPN Concentrator Denial of Service updated since 26.01.2006   HTTP traffic parsing DoS.

3COM 2848-SFP switch DoS   Device crash on long DHCP packet.

Sun Solaris libpkcs11 library privilege escalation   Privilege escalation with getpwnam() functions family.

beagle file indexing tool code execution

Multiple IP3 Networks NetAccess security vulnerabilities   SQL injections, unfiltered shell characters, etc.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

abc2ps / abcmidi abc music files to postscript converter buffer overflow updated since 25.04.2006   Buffer overflow on abc format parsing.

25.04.2006 Detailed

Nessus buffer overflow   Buffer overflow on parsing NASL (Nessus Attack Scripting Language) scripts.   dnsmasq DNS forwarder / DHCP server DoS   Crash on parsing malformed DHCP client request.   Multiple Ethereal security vulnerabilities   ~30 errors on parsing different protocols.

Winny P2Pclient buffer overflow

Quick 'n Easy FTP Server buffer overflow   Buffer overflow on oversized command during logging.

Safari MacOS X DoS   Large rowspan number leads to CPU and memory consumption.

iOpus Secure Email protection bypass   Any part of password can be used for decryption.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

24.04.2006 Detailed

6! Gnome gdm race conditions   Race conditions on handling .ICEauthority file.   OpenTTD, Transport Tycoon Deluxe game clone denial of service   Program abort on getting some error codes from client.   Fenice OMS Open Media Streaming Server multiple security vulnerabilities   Buffer overflow on URI parsing, integer overflow on Content-Length.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Privilege escalation in IBM AIX rm_mlcache_file with file overwrite updated since 18.04.2006   Race conditions on temporary file creation.

csDoom / Vavoom / Zdaemon / Doomsday / Skulltag Doom clone game engines multiple vulnerabilities updated since 27.03.2006   Buffer overflows, format string vulnerabilities, DoS confitions.

AIX mklvcopy vulnerability updated since 16.03.2006   Insecure external application execution by relative path.

23.04.2006 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

22.04.2006 Detailed

6! Multiple Symantec Scan Engine network content filtering server security vulnerabilities   Administrative interface passwords are checked on client side, fixed encryption key is used, critical information leak.   SolarWinds free Windows TFTP server directory traversal   Directory traversal with requests like get NUL/....//....//WINNT/win.ini   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

21.04.2006 Detailed

Multiple MacOS X security vulnerabilities   Buffer overflow in BOMArchiveHelper on ZIP archive extraction, multiple security bugs in Safari on HTML and different image formats parsing.   Linux kernel perfmon DoS   Race conditions on mm_struct structure access.   Allied Telesyn AT-9724TS switch DoS   UDP packets flood causes device to fail.

HP StorageWorks Secure Path DoS

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

20.04.2006 Detailed

Linksys RT31P2 SIP DoS   IP telephony hangs on invalid SIP message.   Multiple CiscoWorks Wireless LAN LAN Solution Engine / Cisco User Registration Tool / Cisco Hosting Solution Engine security vulnerabilities updated since 19.04.2006   Crossite scripting, command line escape.

19.04.2006 Detailed

6! Multiple Linux kernel vulnerabilities   Floating-point unit registers information leak, shared memory section elevated access. ip_route_input() multiplcast DoS.   Multiple Cisco IOS XR MPLS pacjets handling security vulnerabilities   Multiple crashes on MPLS traffic processing.   FreeBSD floating-point unit information leak   Internal registers state is not completely saved/restored during context switching.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Symantec Live Update for Macintosh privilege escalation updated since 18.04.2006   suid applications executes external application by relative path.

18.04.2006 Detailed

8! Multiple Firefox / Netscape / SeaMonkey vulnerabilities updated since 14.04.2006   Crossite scripting, memory corruptions, buffer overflows, array overflows, integer overflows. Can be exploited to silently install malware code.   Neon Responder LANsurveyor add-on DoS   Service crash on malformed TCP/4347 packet.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

17.04.2006 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

16.04.2006 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

15.04.2006 Detailed

Sun Java Studio Enterprise weak file permissions   Some files are installed world-writable.   fcheck symbolic links   Insecure temporary file creation.   Avast! antivirus Linux edition symbolic links problem   Insecure temporary file creation.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

14.04.2006 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 14.04.2006   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

13.04.2006 Detailed

7! Novell GroupWise Messenger buffer overflow   TC{/8300 HTTP request oversized Accept-Language header buffer overflow. 6! Multiple NetBSD security vulnerabilities   RNG generator non-random strem generation, DoS conditions. 6! Opera browser integer overflow   Integer overflow on long stylsheet sttribute. Can potentially be used for hidden malware installation.

Amaya HTML editor buffer overflow   Few different stack-based buffer overflows on HTML parsing.

Sybase EAServer information leak   Security credentials are stored insecurely in connection cache.

Adobe LiveCycle security restrictiions bypass   User marked as OBSOLETE can access server.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Multiple Adobe Document Server for Reader Extensions security vulnerabilities   Protection bypass, crossite scripting, session hijacking.

Microsoft Frontpage crossite scripting updated since 11.04.2006

12.04.2006 Detailed

8! Microsoft Windows shell code execution updated since 11.04.2006   COM object can execute code. Can be used for hidden malware installation with Internet Explorer. 8! Microsoft Windows MDAC code execution updated since 11.04.2006   RDS.Dataspace ActiveX object is marked as safe. Can be used for hidden malware installation with Internet Explorer. 6! Microsoft Outlook Express buffer overflow updated since 11.04.2006   Buffer overflow on parsing WAB address book.

6! HP System Management Homepage unauthorized access updated since 01.03.2006

Linux kernel keyring DoS   System crash on invalid __keyring_search_one() argument.

Sun Solaris LDAP client information leak   Command parameters, including password are available from tasks list.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

11.04.2006 Detailed

8! Microsoft Windows system services privilege escalation updated since 01.02.2006   There are several local services SSDP Discovery service, Universal Plug and Play Host service) allow any authenticated user to configure service. It makes it possible to specify executable file and elevate privilege to Local System. Also vulnerable: HP Software: "Pml Driver HPZ12" (HP Printer Laserjet 4200L PCL 6) Audodesk: "Autodesk Licensing Service" Dell Power Managment Software for network cards: "NICCONFIGSVC" Macromedia: "Macromedia Licensing Service" Zonelabs.com TrueVector Device Driver: "vsdatant" C-Dilla Software: "C-DillaCdaC11BA" Macrovision SECURITY Driver (Security Windows NT): "CdaC15BA" Macrovision SECURITY Driver (Security Windows NT): "SecDrv" 6! RealPlayer buffer overflow updated since 23.03.2006   Buffer overflow on SWF files parsing, Web pages parsing, MBC files parsing.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

10.04.2006 Detailed

7! Cyrus SASL library DoS   DoS on DIGEST-MD5 authentication. 7! Multiple ClamAV Clam Antivirus security vulnerabilities updated since 06.04.2006   Integer overflow on PE files parsing, format string vulnerabilitry, unallocated memory access.   fbida symbolic links problem   fbgs script insecure temporary files creation.

xzgv buffer overflow   Heap buffer overflow during JPEG parsing.

Linux kernel sys_timer_create() DoS   Creation of large number of timers causes memory exhaustion and system crash.

Cherokee web server crossite scripting   Crossite scripting on error message.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

09.04.2006 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

07.04.2006 Detailed

HP-UX su vulnerability   Security vulnerability presents if LDAP netgroups are used.   Mailman mailing lists manager crossite scripting         Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

06.04.2006 Detailed

OpenVPN VPN client code execution   Server can transmit environment variables to the clients, including e.g. LD_PRELOAD.   GlobalScape Secure FTP Server buffer overflow updated since 03.05.2005   Buffer overflow on oversized FTP command.

05.04.2006 Detailed

6! Cisco Optical Networking System 15000 series / Cisco Transport Controller / Cisco 11500 Content Services Switch multiple security vulnerabilities   Multiple DoS conditions. 6! Xine / libxine buffer overflow   Buffer overflow on MPEG stream parsing. 6! NOD32 antivirus privilege escalation   Quarantined file can be restored to any location with SYSTEM privileges.

6! HP Color LaserJet 2500 / HP Color LaserJet 4600 drivers information leak   Directory traversal in integrated HTTP server (TCP/5225).

6! Ultr@VNC remote administration client / server buffer overflow   Buffer overflow during logging.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

SMART Technologies SynchronEyes Student and Teacher classroom software DoS   UDP/5496 large packet DoS.

Vypres Chat DoS   It's possible to ban any IP address by malformed mesage.

Kaffeine buffer overflow updated since 26.10.2004   Buffer overflow on Content-Type: parsing.

04.04.2006 Detailed

7! Barracuda Spam Firewall multiple buffer overflows   Buffer overflows on LHA and ZOO archive parsing. 7! McAfee WebShield antivirus format string vulnerability   Format string vulnerability on SMTP address.   Multiple Apache Struts application server security vulnerabilities   Protection bypass, crossite scripting, DoS.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

02.04.2006 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.