Computer Security
[EN] securityvulns.ru

  


30.04.2007
Detailed
6!Opera buffer overflow
document Buffer overflow on torrent files parsing.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 ActiveGS ActiveX multiple buffer overflows
document Buffer overflows in different components.
  


29.04.2007
Detailed
 IPIX Image Well ActiveX buffer overflow
document Buffer overflow in CreateMediaGroup method.
 Beast privilege escalation
document Unchecked result of setuid() call can be exploited by a user by exhausting system resources.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


28.04.2007
Detailed
6!AFFLIB library multiple security vulnerabilities
document Shell characters injections, buffer overflows, format string vulnerabilities, race conditions, etc.
 MyDNS buffer overflow
document Heap buffer overflow on dynamic DNS update request parsing.
 Symantec Norton Ghost multiple security vulnerabilities
document Service Manager buffer overflow, weak encryption.
 Multiple browsers digest authentication request splitting
document It's possible to inject new line characters into HTTP request headers through username.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


27.04.2007
Detailed
6!Linux and BSD based Unix system IPv6 traffic amplification
document IPv6 routing header allows a route to be set so that a packet is transmitted multiple times over the same link.
 Novell eDirectory NCP over IP DoS
document Malformed fragmented request causes service to crash.
  


25.04.2007
Detailed
7!Asterisk multiple security vulnerabilities
document Multiple buffer overflows on T.38 SDP SIP channels parsing. DoS in administration interface. Multiple security vulnerabilities in parsing SIP replies.
 Cisco Network Services NetFlow Collection Engine default account
document Account with hardcoded password is used for NetFlow information gathering.
 HP StorageWorks unauthorized access
   
 3COM TippingPoint intrusion prevention system DoS
document Packets flood to TCP/80 port leads to resources exhaustion.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Apache unfiltered HTTP methods
document HTTP request method is not checked for RFC2616 compliance. Under specific conditions it may lead, for example, to cross-site scripting.
  


24.04.2007
Detailed
6!PostgreSQL privilege escalation
document By using temporary objects, an unprivileged user can execute a function with the permissions of the security-definer.
 Linksys SPA941 VoIP phone DoS
document Denial of Service on character with code 255 in SIP INVITE message.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


23.04.2007
Detailed
8!Courier-IMAP shell characters problem
document Invalid usage of XMAILDIR environment variable controlled by attacker through logon request in the scripts courier-imapd.indirect and courier-pop3d.indirect
  


22.04.2007
Detailed
 aMSN messenger denial of service
document Crash on double '{' character to dynamic application port.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 20.04.2007
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


21.04.2007
Detailed
6!Apple Mac OS X RPC portmapper service integer overflow
document Integer overflow during AUTH_UNIX RPC authentication.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 OpenSSH account enumeration
document S/Key is requested only for existing user account, if S/Key authentication is used.
  


20.04.2007
Detailed
7!Oracle critical patch update
updated since 18.04.2007
document Patch set fixes 36 vulnerabilities in Oracle applications, including 13 vulnerabilities in Oracle database server.
6!eXtremail buffer overflow
document DNS resolver code buffer overflow.
6!WinAmp memory corruption
document Memory corruption on WMV files processing.
6!IBM Tivoli Monitoring Express buffer overflow
document Heap buffer overflow on oversized request to Universal Agent Primary Service (TCP/10110), Monitoring Agent for Windows (TCP/6014), Tivoli Enterprise Portal Server (TCP/14206).
6!Novell Groupwise WebAccess buffer overflow
updated since 20.04.2007
document Stack buffer overflow (stack overrun) during TCP/7205 TCP/7211 HTTP basic authentication on base64 decoding.
 GraceNote CDDBControl ActiveX buffer overflow
document Buffer overflow on oversized proxy configuration parameters.
 Dovecot unauthorized access
updated since 20.04.2007
document zlib plugin allows access to the files behind mail directory.
 BMC Performance Manager unauthorized access
document PatrolAgent.exe TCP/3181 allows SNMP community definition modification.
 BMC Patrol PerformAgent memory corruption
document Buffer overflow on bgs_sdservice.exe TCP/10128 XDR data parsing.
 BlueArc Titan storage server FTP bounce attack
document Bounced port scan is possible.
 Netsprint Toolbar ActiveX buffer overflow
updated since 17.04.2007
document Buffer overflow in isChecked() interface.
 Macrovision InstallAnywhere protection bypass
document It's possible to bypass serial number / password protection.
  


19.04.2007
Detailed
6!IBM WebSphere multiple security vulnerabilities
document Double free() vulnerability, Servlet Engine vulnerabilities.
6!Sun Solaris fragmented IP packets DoS
   
6!lighttpd multiple denial of service conditions
document NULL pointer dereference, infinite loop.
 Roxio CinePlayer ActiveX buffer overflow
document Buffer overflow in SonicDVDDashVRNav.dll.
 Linux AppleTalk DoS
document Denial of Service on AppleTalk frame parsing.
 Wizz RSS Reader Mozilla plugin cross-site scripting
document Cross-site scripting with RSS feeds.
 TinyMux multiple security vulnerabilities
document Multiple denial of service conditions.
 ScramDisk 4 for Linux privilege escalation
document suid bit is not cleared, it's possible to mount image to system directory.
 lha symbolic links problem
document Symbolic links problem on temporary files creation.
 bftpd FTP server buffer overflow
   
 Python information leak
document strxfrm function leaks memory content.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


18.04.2007
Detailed
 McAfee E-Business Admin Server DoS
document Read access to unallocated memory during authentication.
 McAfee VirusScan antivirus buffer overflow
document Buffer overflow on oversized Unicode filename.
 Sun Java web console format string vulnerability
document Format string vulnerability in libwebconsole_services.so on syslog() call.
  


17.04.2007
Detailed
6!3proxy buffer overflow
document Buffer overflow on parsing transparent HTTP proxy request.
6!DNS birthday attacks
updated since 25.04.2003
document DNS uses a 2-byte message identifier to prevent spoofing attacks. The problem is that if several identical requests arrive at the same time, they are forwarded with different IDs from the same UDP port. This increases the chances of spoofing a reply (the so-called birthday effect: the probability that among 60 randomly chosen persons there are 2 with the same birthdate is under 95%).
 Gentoo Linux Vixie cron denial of service
document Weak file permissions allow cron jobs to be prevented from running via hard links.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 17.04.2007
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Akamai Download Manager ActiveX buffer overflow
document Buffer overflow in MANAGER.DLMCtrl.1 element.
  


16.04.2007
Detailed
6!Adobe Macromedia Flash Player code execution
document *nix platforms code execution.
6!ClamAV antivirus multiple vulnerabilities
updated since 13.04.2007
document Buffer overflow on CAB files parsing, DoS on CHM parsing. PDF files parsing descriptors leak.
 Metamod-P DoS
document Denial of service on oversized list command.
 Quagga bgpd BGP service DoS
updated since 16.04.2007
document Denial of service on BGP UPDATE messages processing.
 bftpd FTP server DoS
document Denial of service on processing GET / MGET commands.
 SecuStick USB flash drive protection bypass
document File access does not depend on authentication, making it possible to bypass authentication for file access.
 'file' utility regular expressions DoS
document Large number of LF characters leads to CPU consumption.
 elinks format string vulnerability
document Relative path is used to search text strings (.po) file. It makes it possible to spoof the file and to conduct format string attack.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 FreeRADIUS memory leak
document Memory leak on large number of EAP-TLS requests leads to Denial of Service conditions.
 VCDGear buffer overflow
document Buffer overflow on parsing .cue files.
  


14.04.2007
Detailed
 LANDesk Management Suite buffer overflow
document UDP/65535 alert service buffer overflow.
  


13.04.2007
Detailed
6!Cisco Wireless Control System multiple security vulnerabilities
document Hardcoded unchangeable FTP server account, privilege escalation through group membership, information leaks.
6!HP-UX pfs_mountd.rpc PFS file system daemon buffer overflow
document Buffer overflow on UDP datagrams parsing.
 Airodump-ng buffer overflow
document Buffer overflow on 802.11 authentication packet parsing.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Cisco Wireless LAN Controller multiple security vulnerabilities
updated since 13.04.2007
document Default SNMP communities, default passwords, DoS on Ethernet frames parsing, multiple NPU DoS conditions, WLAN ACLs are lost during reboot.
 eIQnetworks Enterprise Security Analyzer multiple buffer overflows
document Buffer overflow on parsing TCP/10616 ESA Server data.
 Stegano weak cryptography
document Decryption key is stored with data.
 HP Mercury Quality Center multiple security vulnerabilities
updated since 03.04.2007
document SQL injection, ActiveX buffer overflow
  


12.04.2007
Detailed
6!Apache suexec multiple vulnerabilities
document Race conditions on symbolic links handling, access to partially matched directories, privilege escalation because of absent GID/UID check.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 11.04.2007
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


11.04.2007
Detailed
9!Multiple MIT Kerberos security vulnerabilities
updated since 04.04.2007
document telnet daemon arbitrary user logon without password, krb5_klog_syslog() buffer overflow, double free() vulnerability.
7!Microsoft Windows memory corruption
updated since 16.12.2006
document CSRSS memory corruption on MessageBox with MB_SERVICE_NOTIFICATION beginning with "\??\".
 IBM AIX drmgr DoS
   
 PulseAudio sound server DoS
document Multiple invalid assert() usage, e.g. on empty request.
 IBM Tivoli Provisioning Manager for OS Deployment DoS
document Invalid handling of HTTP POST multipart/form-data requests to 8080/tcp or 443/tcp ports.
 Multiple phone systems unauthorized voice mail access
document Spoofable Caller ID (CNID) is used for access authentication.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 11.04.2007
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Racoon IPSec key exchange DoS
document It's possible to disrupt established IPSec tunnels.
 Microsoft Windows Virtual DOS machine privilege escalation
document Race conditions allow overwriting of the VDM memory zero page.
 Half-Life DoS
updated since 22.04.2003
document Malformed packet causes server to crash.
 Mozilla Grand Paradiso alpha version DoS
document Crash on large number of non-existent applets requests.
  


10.04.2007
Detailed
7!Microsoft Agent ActiveX memory corruption
document Buffer overflow on URL parsing.
6!Microsoft Windows Universal PnP memory corruption
document Memory corruption during TCP/2869 and UDP/1900 request processing.
6!Microsoft Content Management Server multiple security vulnerabilities
document Cross-site scripting, memory corruption.
6!AOL instant messenger / ICQ directory traversal
document Directory traversal on file reception.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


09.04.2007
Detailed
6!Microsoft Windows Vista protected process protection bypass
document It's possible to set or remove process protection.
6!Multiple Microsoft Office security vulnerabilities
document Buffer overflows, CPU exhaustion on .doc files parsing.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


08.04.2007
Detailed
6!PHP ext/filter protection bypass
document \n injection is not checked.
6!PHP imap_mail_compose buffer overflow
document Buffer overflow on oversized MIME boundary.
6!man buffer overflow
document Buffer overflow on oversized -H argument.
 SolidWorks ActiveX buffer overflow
document Run methods allow an external application to be executed.
 PHP memory manager integer overflow
document Integer overflow on large memory allocation.
 PHP msg_receive() integer overflow
document Integer overflow with max_size parameter.
 PHP php_stream_filter_create() buffer overflow
document Off-by-one overflow on the filter name ending with dot.
 Buffer overflow in PHP sqlite_udf_decode_binary() function
document Buffer overflow on the string with single \0x01 character.
 PHP str_replace() integer overflow
document Integer overflow on a large number of single char substring occurrences.
 PHP gd extension readwbmp() function integer overflow
document Buffer overflow on WBMP image parsing.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Wserve HTTP Server buffer overflow
document Buffer overflow on oversized header in request.
  


06.04.2007
Detailed
7!Multiple Kaspersky Antivirus / Internet Security security vulnerabilities
document Multiple unsafe ActiveX methods allow file uploading from a vulnerable host. Buffer overflow on ARJ files parsing. Local driver buffer overflow.
6!NullSoft WinAmp multiple security vulnerabilities
document Multiple memory corruptions in different modules.
6!Mozilla Firefox Firebug extension code execution
document Script can access browser chrome:.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Filtering / protection bypass in Microsoft ASP.NET
document There are multiple ways to bypass filtering functions and conduct a cross-site scripting attack.
  


05.04.2007
Detailed
6!QT / KJS UTF-8 decoding security vulnerability
document Oversized UTF-8 sequences are not blocked, making it possible to conduct cross-site scripting and directory traversal attacks.
6!Multiple OpenOffice security vulnerabilities
updated since 29.03.2007
document Shell characters problem on document open, code execution.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 05.04.2007
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 SAP RFC library multiple security vulnerabilities
document Buffer overflows, DoS conditions and information leak in TRUSTED_SYSTEM_SECURITY, RFC_START_PROGRAM, RFC_START_GUI, SYSTEM_CREATE_INSTANCE, RFC_SET_REG_SERVER_PROPERTY.
  


04.04.2007
Detailed
10!Microsoft Windows animated cursors buffer overflow
updated since 30.03.2007
document Stack buffer overflow (stack overrun) is actively used for hidden malware installation.
9!Microsoft Windows multiple GDI vulnerabilities
   
7!Multiple vulnerabilities in X.Org X11 server
document Multiple integer overflows and memory corruptions.
6!Yahoo! Messenger ActiveX buffer overflow
document Buffer overflow in Yahoo.AudioConf control.
6!Microsoft Vista IPv6 multiple security vulnerabilities
updated since 29.03.2007
document Multiple DoS conditions and spoof possibilities.
 Microsoft Windows DoS with WMF files
document Uninitialized memory reference in system kernel.
  


03.04.2007
Detailed
6!HP OpenView Network Node Manager unauthorized access
   
 ImageMagick buffer overflow
document Buffer overflow on DCM and XWD images processing.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


02.04.2007
Detailed
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


01.04.2007
Detailed
7!Brightstor ArcServe Backup buffer overflow
updated since 08.12.2006
document Buffer overflows in backup discovery service and tape engine, backup message system.
 Norton Personal Firewall / Norton Internet Security privilege escalation
document Invalid processing of hooked functions parameters.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 ESRI ArcSDE DoS
   
 NetBSD reference ISO protocol implementation multiple security vulnerabilities
document Buffer overflows in different functions.
 Apache mod_perl resource exhaustion
document PATH_INFO environment variable is used in regular expressions without special characters escaping.
 ActSoft DVD-Tools ActiveX buffer overflow
updated since 16.02.2007
document Stack buffer overrun in OpenDVD method within dvdtools.ocx ActiveX class library.
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod