Computer Security
[EN] securityvulns.ru no-pyccku


Memcached / MemcacheDB information leak
Published:01.05.2009
Source:
SecurityVulns ID:9881
Type:remote
Threat Level:
3/10
Description:Unauthorized user can obtain information about process memory layout, making code execution protection techniques ineffective.
Affected:MEMCACHED : memcached 1.2
 MEMCACHEDB : memcacheDB 1.2
CVE:CVE-2009-1255 (The process_stat function in (1) Memcached before 1.2.8 and (2) MemcacheDB 1.2.0 discloses (a) the contents of /proc/self/maps in response to a stats maps command and (b) memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain sensitive information such as the locations of memory regions, and defeat ASLR protection, by sending a command to the daemon's TCP port.)
Original documentdocumentPositron Security, Positron Security Advisory #2009-001: Memcached and MemcacheDB ASLR Bypass Weakness (01.05.2009)

LevelOne AMG-2000 multiple security vulnerabilities
Published:01.05.2009
Source:
SecurityVulns ID:9882
Type:remote
Threat Level:
5/10
Description:Device can be exploited as a proxy to access wired network from wireless. Information leak.
Affected:LEVELONE : LevelOne AMG-2000
Original documentdocumentSEC Consult Vulnerability Lab, Proxy bypass vulnerability & plain text passwords in LevelOne AMG-2000 (01.05.2009)

TIBCO SmartSockets buffer overflow
Published:01.05.2009
Source:
SecurityVulns ID:9884
Type:remote
Threat Level:
6/10
Description:Buffer overflow on UDP message parsing.
Affected:TIBCO : SmartSockets 6.8
CVE:CVE-2009-1291 (Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterprise Message Service (EMS) 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server (aka RTserver), SmartSockets client libraries and add-on products, RTworks libraries and components, EMS Server (aka tibemsd), SmartMQ, iProcess Engine, ActiveMatrix products, and CA Enterprise Communicator, allows remote attackers to execute arbitrary code via "inbound data," as demonstrated by requests to the UDP interface of the RTserver component, and data injection into the TCP stream to tibemsd.)

Symantec WinFax ActiveX buffer overflow
Published:01.05.2009
Source:
SecurityVulns ID:9885
Type:client
Threat Level:
6/10
Description:Buffer overflow in Symantec Fax Viewer Control ActiveX.
Original documentdocumentrgod, Symantec Fax Viewer Control v10 (DCCFAXVW.DLL) remote buffer overflow exploit (01.05.2009)
Files:Symantec Fax Viewer Control v10 (DCCFAXVW.DLL) remote buffer overflow exploit (IE7)

Symantec System Center (Symantec Client Security, Symantec Antivirus) code execution
Published:01.05.2009
Source:
SecurityVulns ID:9886
Type:remote
Threat Level:
5/10
Description:Intel File Transfer service allows to execute any program with system privilegees without authentication via TCP/12174.
Affected:SYMANTEC : Symantec AntiVirus 9.0
 SYMANTEC : Symantec AntiVirus 10.0
 SYMANTEC : Symantec AntiVirus 10.1
 SYMANTEC : Symantec Client Security 3.1
 SYMANTEC : Symantec AntiVirus 10.2
 SYMANTEC : Symantec Endpoint Protection 11.0
 SYMANTEC : Symantec Client Security Version 3.0
 SYMANTEC : Symantec Client Security Version 2.0
CVE:CVE-2009-1431 (XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 04.29.09: Symantec System Center Alert Management System Console Arbitrary Program Execution Design Error Vulnerability (01.05.2009)

Symantec Client Security buffer overflow
Published:01.05.2009
Source:
SecurityVulns ID:9887
Type:remote
Threat Level:
6/10
Description:Buffer overflow in TCP/38292 Alert Originator service.
Affected:SYMANTEC : Symantec Client Security 2.0
 SYMANTEC : Symantec AntiVirus 9.0
 SYMANTEC : Symantec AntiVirus 10.0
 SYMANTEC : Symantec AntiVirus 10.1
 SYMANTEC : Symantec Client Security 3.0
 SYMANTEC : Symantec Client Security 3.1
 SYMANTEC : Symantec AntiVirus 10.2
 SYMANTEC : Symantec Endpoint Protection 11.0
CVE:CVE-2009-1430 (Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process.)
Original documentdocumentZDI, ZDI-09-018: Symantec Client Security Alert Originator Service Stack Overflow Vulnerability (01.05.2009)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:01.05.2009
Source:
SecurityVulns ID:9883
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PROJECTCMS : ProjectCMS 1.0
 LEAPCMS : Leap CMS 0.1
Original documentdocumenty3nh4ck3r_(at)_gmail.com, MULTIPLE REMOTE VULNERABILITIES--Leap CMS 0.1.4--> (01.05.2009)
 documenty3nh4ck3r_(at)_gmail.com, SQL INJECTION (SQLi) VULNERABILITY--ProjectCMS v1.0 Beta Final--> (01.05.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod