 |
|
|
|
| Memcached / MemcacheDB information leak | | Published: |  | 01.05.2009 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 9881 | | Type: |  | remote | | Level: |  | 3/10 | | Description: |  | Unauthorized user can obtain information about process memory layout, making code execution protection techniques ineffective. |
| Affected: |  | MEMCACHED : memcached 1.2 | | | | MEMCACHEDB : memcacheDB 1.2 | | CVE: |  | CVE-2009-1255 (The process_stat function in (1) Memcached before 1.2.8 and (2) MemcacheDB 1.2.0 discloses (a) the contents of /proc/self/maps in response to a stats maps command and (b) memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain sensitive information such as the locations of memory regions, and defeat ASLR protection, by sending a command to the daemon's TCP port.) |
| LevelOne AMG-2000 multiple security vulnerabilities | | Published: | | 01.05.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9882 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Device can be exploited as a proxy to access wired network from wireless. Information leak. |
| TIBCO SmartSockets buffer overflow | | Published: | | 01.05.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9884 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Buffer overflow on UDP message parsing. |
| Affected: | | TIBCO : SmartSockets 6.8 | | CVE: | | CVE-2009-1291 (Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterprise Message Service (EMS) 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server (aka RTserver), SmartSockets client libraries and add-on products, RTworks libraries and components, EMS Server (aka tibemsd), SmartMQ, iProcess Engine, ActiveMatrix products, and CA Enterprise Communicator, allows remote attackers to execute arbitrary code via "inbound data," as demonstrated by requests to the UDP interface of the RTserver component, and data injection into the TCP stream to tibemsd.) |
| Symantec WinFax ActiveX buffer overflow | | Published: | | 01.05.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9885 | | Type: | | client | | Level: | | 6/10 | | Description: | | Buffer overflow in Symantec Fax Viewer Control ActiveX. |
| Symantec System Center (Symantec Client Security, Symantec Antivirus) code execution | | Published: | | 01.05.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9886 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Intel File Transfer service allows to execute any program with system privilegees without authentication via TCP/12174. |
| Symantec Client Security buffer overflow | | Published: | | 01.05.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9887 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Buffer overflow in TCP/38292 Alert Originator service. |
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: | | 01.05.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9883 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
|
|
|
|
|
|
|
|
