29.04.2009 Detailed

HP-UX useradd privilege escalation         Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 29.04.2009   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

28.04.2009 Detailed

7! Mozilla Firefox / Seamonkey multiple security vulnerabilities updated since 23.04.2009   Memory corruption, same policy origin violation, crossite scripting.   Precidia Ether232 multiple security vulnerabilities   Built-in web server memory corruption andauthentication bypass.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 28.04.2009   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Webglimpse: information leak, crossite scripting, directory traversal, authentication bypass.

27.04.2009 Detailed

7! Aruba Mobility Controller unauthorized access   Vulnerability in SSH key check allows unauthenticated SSH access to device. 7! Samsung cellular phones unauthorized access   SMS Provisioning messages are not authenticated, allowing device configuration, including PIN codes change.   iodinet DoS   DoS on receiving malformed packet.

Juniper Netscreen information leak   /about.html page shows device version information.

24.04.2009 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

23.04.2009 Detailed

9! Sun Java JRE / JDK / Web Start multiple security vulnerabilities updated since 04.12.2008   JNLP may overwrite system properties java.home java.ext.dirs user.home Heap overflow and integer overflow on TrueType fonts parsing, memory corruption on GIF parsing, integer overflow on Pack200 decompression. Multiple sendbox protection bypass vulnerabilities. 6! HP StorageWorks Storage Mirroring multiple security vulnerabilities   Memory corruptions, unauthorized access, DoS.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

HP Storage Essentials unauthorized access   Secure NaviCLI unauthorized access.

22.04.2009 Detailed

FreeBSD libc db functions information leak   Uninitialized memory data can be written to database file.

21.04.2009 Detailed

Trend Micro OfficeScan DoS   Crash during virus scanning on large number of folders with long names.   SLURM privilege escalation   Group privileges are not gropped on external program invocation.   git weak permissions   On the few platforms template files are owned by non-root user.

apt multiple security vulnerabilities   Update problem bacause of unchecked 'date' result. Revoked repository key is incorrectly verified.

20.04.2009 Detailed

8! Microsoft Internet Explorer multiple security vulnerabilities updated since 15.04.2009   Code exexuction, multiple memory corruptions, NTLM relaying.   Linksys WRT54GC wireless routers unauthorized password change   Old password is not required to change password.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

19.04.2009 Detailed

6! udev multiple security vulnerabilities updated since 17.04.2009   Privilege escalation with NETLINK messages, buffer overflow on path encoding.   JBoss directory traversal   Directory traversal in echo/Echo

18.04.2009 Detailed

6! CUPS multipls security vulnerabilities   Vulnerabilities on different formats data parsing. 6! Ghsotscript / XPDF / CUPS pdftops buffer overflow updated since 10.04.2009   Buffer overflow on JBIG2 decoding.   Blackberry Enterprise Server XSS   Blackberries Mobile Data Service Connection Service XSS.

ejabberd crossite scripting   Crossite scripting with server log.

mpg123 signed-unsigned conversion vulnerability   Integer sign mismatch error on ID3 MP3 tags parsing.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

poppler library multiple security vulnerabilities   Few vulnerabilities leading to denial of service.

17.04.2009 Detailed

6! DivX WebPlayer buffer overflow   Integer overflow on video stream chunk parsing leads to buffer overflow.   SAP GUI unauthorized access   KWEdit ActiveX has unsafe SaveDocumentAs() method.   Zervit Webserver buffer overflow   Buffer overflow on oversized resource URI.

Nortel Application Gateway information leak   Web page contains login and password for administrative access.

Danske Bank Danske e-Sec ActiveX buffer overflow   Buffer overflow in logging function.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

IBM AIX muxatmd buffer overflow   Buffer overflow with overszied calling program name.

Apache Geronimo multiple security vulnerabilities   Crossite scripting, directory traversal.

16.04.2009 Detailed

6! MiniWeb Web server multiple security vulnerabilities   Buffer overflow, directory traversal. 6! Microsoft Excel multiple memory corruptions updated since 14.04.2009   Memory corruption on spreadsheet files parsing.   Apache mod_perl crossite scripting updated since 13.04.2009   perl-status crossite scripting.

15.04.2009 Detailed

6! Microsoft ISA Server / Forefront Threat Management Gateway DoS   DoS with TCP connections to reverse HTTP proxy, crossite scripting.

14.04.2009 Detailed

7! Microsoft DirectShow memory corruption   Memory corruption on Motion JPEG files decompression. 6! Microsoft Windows WinHTTP servive multiple security vulnerabilities   Integer overflow, certificate spoofing, NTLM relaying. 6! Microsoft Windows privilege escalation   Privilege escalation with MSDTC, WMI, RPCSS, Windows Thread Pool services.

ntp client buffer overflow   Buffer overflow on NTP server reply parsing.

Mongoose web server directory traversal

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 12.04.2009   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. VBulletin: crossite scripting

13.04.2009 Detailed

PGP Desktop privilege escalation   Multiple vulnerabilities on IOCTL processing.

12.04.2009 Detailed

6! OpenAFS multiple security vulnerabilities   DoS, buffer overflow. 6! VMWare multiple security vulnerabilities updated since 08.04.2009   Multiple DoS conditions, privilege escalations, buffer overflows in VNnc codec.   PHP DoS   Crash on malformed string in JSON_parser.

roundup privilege escalation

Wicd information leak   User can hijack DBus messages intended for Wicd server process.

ftpdmin buffer overflow   RNFR buffer overflow

Chance-i DiViS DVR System multiple security vulnerabilities   Web server directory traversal, ActiveX bufer overflow.

OpenSC protection bypass   It's possible to obtain access to smart card data without entering PIN.

PHP safe mode bypass vulneraebility updated since 24.01.2008   It's possible to access files behind sandbox directory with cURL module.

Microsoft Internet Explorer DoS   Browser hangs while trying to determine charset of the text document with large number of random characters.

HP Deskjet 6800 crossite scripting   Crossite scripting in web interface

10.04.2009 Detailed

6! Cisco ASA Adaptive Security Appliance / Cisco PIX Security Appliance multiple security vulnerabilities   VPN authentication bypass, multiple DoS conditions. 6! EMC Replistor buffer overflow   Integer overflows in system services leads to buffer overflow. 6! Wireshark multiple security vulnerabilities   PROFINET protocol dissector format string vulnerability, Check Point High-Availability Protocol (CPHAP) dissector DoS, .rf5 file parses DoS.

tunapie multiple security vulnerabilities   Unfiltered shell characters vulnerability, symlink vulnerability.

IBM BladeCenter Advanced Management Module multiple security vulnerabilities   Crossite scripting, information leak.

multipath-tools weak permissions   Weak permissions for control socket.

HP ProCurve Manager unauthorized access

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Openads: code execution

Windows ZIP folders buffer overflow updated since 13.10.2004   Integer overflow in DynaZip (DUNZIP32.DLL) library on oversized filename in archive.

GOM Player buffer overflow   Buffer overflow on .srt files parsing.

08.04.2009 Detailed

7! MIT Kerberos 5 multiple security vulnerabilities   Multiple DoS conditions, free() of uninitialized pointer. 6! xinelib library integer overflow   Integer overflow on Quicktime XTTS atom parsing. 6! Novell Netware Client code execution   Invalid pointer dereference on named pipe message parsing.

Apache mod_jk information leak   Under specific conditions reply on client's request may be received by different client.

IrfanView integer overflow   Integer overflow on XPM image parsing.

xpdf code execution   xpdfrc file from current location may be processed.

Asterisk VoIP server user accounts enumeration   Different replies for non-exstant SIP account and invalid password.

07.04.2009 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Power Phlogger: information leakage, protection bypass, unauthorized access.   blender / gedit / gnumeric / vim / eog python scripts code execution updated since 17.02.2009   sys.path variable manipulation is possible to load arbitrary modules.   Sun Java System Identity Manager / Access Manager accounts enumeration   Replies for invalid username and invalid password are different.

03.04.2009 Detailed

FortiClient format string vulnerability   Format string vulnerability in VPN connection name allows kernel memory access.   Autodesk IDrop ActiveX multiple memory corruptions   Memory corruptions with different properties.   IBM DB2 DoS   Few security vulnerabilities causing server application to crash.

ContentKeeper unauthorized access   File upload and code execution with web interface.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

01.04.2009 Detailed

7! Cisco IOS multiple security vulnerabilities updated since 26.03.2009   Multiple DoS conditions in TCP, cTCP, Mobile IP/Mobile IPv6, WebVPN, SSLVPN implementations, SCP privilege escalation. 7! Mozilla Firefox / Seamonkey / Thunderbird multiple security vulnerabilities updated since 06.03.2009   Crossite XML access, multiple memory corruptions. 6! Check Point Firewall-1 PKI Web Service buffer overflow   Multiple buffer overflows on HTTP headers parsing.

6! PayPal resource exhaustion   Vulnerability: malicious Web site can cause Denial of Service by forcing user into spending money from his PayPal account to buy different unnecessary things, leading to situation of resource consumption where user can not obtain his daily bread on this day. Workaround: put more money into PayPal account or use cheat codes. Solution: waiting for vendor fix to create official inexhaustible accounts.

MIT Kerberos 5 DoS   NULL pointer dereference on malformed packet.

Openswan / Strongswan DoS   Crash on R_U_THERE or R_U_THERE_ACK packets replay attack.

auth2db SQL injection   SQL injection on multibyte character encodings.

nss-ldapd Weak file permissions   /etc/nss-ldapd.conf flie with LDAP password is world readable.

OpenSSL library BMPString DoS   Crash on UniversalString and BMPString parsing.

Trend Micro Internet Security Pro privilege escalation   tmactmon.sys driver IOCTL processing privilege escalation.

IBM WebSphere Application Server crossite scripting   Multiple crossite scripting possibilities.

SAP SAPDB crossite scripting   Crossite scripting in Web Database engine on TCP/9999 port.

PrecisionID ActiveX unsafe methods   Unsafe SaveBarCode() and SaveEnhWMF() methods allow files overwriting.

UiltraISO multiple security vulnerabilities   Format string vulnerability via image filename. Buffer overflows on different disk image formats prasing.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. RotaBanner: crossite scripting.