Computer Security



30.06.2006
Detailed
8!Multiple OpenOffice security vulnerabilities
document BASIC macro auto-launch without user interaction, Java applet sandbox protection bypass, XML parsing buffer overflow.
7!MacOS X launchd format string vulnerability
document Format string vulnerability on syslog() call.
6!PatchLink Update Server / Novell ZenWorks multiple security vulnerabilities
document SQL injections, unauthorized access.
6!Cisco wireless access points unauthorized access
document It's possible to reset access point security settings to defaults.
6!Novell GroupWise unauthorized access
document Windows Client API allows non-authorized email access within the same authenticated post office.
6!libpng buffer overflow
   
 Apple OpenDirectory DoS
document slapd assert() on malformed bind request.
 Siemens Speedstream wireless routers unauthorized access
document UPnP unauthorized access.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 30.06.2006
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 mutt mail agent buffer overflow
document Buffer overflow on parsing IMAP server reply.
 Asterisk IAX2 VoIP PBX and multiple IAX clients DoS
updated since 07.06.2006
document DoS on IAX2 channel processing.
  


29.06.2006
Detailed
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 CA Integrated Threat Management, eTrust Antivirus, eTrust PestPatrol format string vulnerability
updated since 28.06.2006
document Format string bug in job description field.
  


28.06.2006
Detailed
6!Multiple Wireless Control System vulnerabilities
document Configuration access, unauthorized device access, cross-site scripting.
6!Lotus Domino DoS
document Invalid vCal meeting request causes 100% CPU utilization.
 Opera SSL certificate spoofing
document After a file download dialog for an SSL-enabled site, the page is incorrectly shown as SSL protected, with the SSL certificate of the downloaded file.
 libgd / libwmf graphics library infinite loop
document Infinite loop in GIF data LZW decoding.
 MailEnable DoS
document SMTP HELO command with non-ASCII character causes service to crash.
 Quake 3 multiple vulnerabilities
document Server can upload any file to the client's home directory, bypassing file extension limitations, if the Automatic Downloads function is enabled. Buffer overflow.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


27.06.2006
Detailed
6!HashCash antispam token generator array overflow
document Heap array overflow.
 BitchX / epic IRC client integer overflow
document Integer overflow on parsing server banner.
 OpenLDAP slurpd buffer overflow
document Buffer overflow on oversized hostname during replication.
 GlobeTrotter Mobility Manager security protection bypass
document It's possible to bypass keylogging protection by making screenshots.
 EnergyMech IRC bot DoS
document Crash on empty CTCP NOTICE message.
 ARX PrivateWire security toolbox buffer overflow
document Online Registration Facility oversized GET request buffer overflow.
 PHP Safe Mode protection bypass
document error_log allows restricted files access.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 pinball privilege escalation
document Shared library is loaded from current directory.
 Mozilla Network Security Services library memory leak
updated since 23.06.2006
document 256 bytes are leaked on every RSA cryptographic operation.
  


25.06.2006
Detailed
 BotDetect ASP.NET CAPTCHA security protection bypass
document It's possible to bypass protection by using replay attacks.
 Trend Micro Control Manager cross-site scripting
document It's possible to inject script into username.
 HP-UX DoS
   
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Microsoft Windows Live Messenger buffer overflow
document Heap overflow on .ctt file import.
  


23.06.2006
Detailed
6!Real Helix RTSP Server memory corruption
document Heap memory corruption on HTTP headers parsing.
6!Opera integer overflow
document Integer overflow leads to buffer overflow on space allocation for JPEG image.
 Cisco Secure ACS weak authentication
document After authentication the user is redirected to a dynamic port. Authentication is performed only by target port and client IP address.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


22.06.2006
Detailed
7!WinAMP buffer overflow
document Buffer overflow on MIDI files playing.
6!Microsoft Internet Explorer filtering protection bypass
document For ASCII codepage 8-bit text is converted to 7-bit. It makes it possible to bypass content filters with 8-bit characters within ASCII encoded text.
6!Multiple MailSweeper MIMESweeper mail filters security vulnerabilities
document DoS conditions, filtering bypass.
6!Opera 9 buffer overflow
document Buffer overflow on oversized HREF.
 MiMMS streaming media download utility buffer overflow
document Buffer overflow on reading data from server.
 NetPBM pamtofits buffer overflow
document Off-by-one buffer overflow on input file parsing.
 Jaguarsoft JEdit ActiveX information leak
document It's possible to retrieve sensitive information about user's computer.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 GnuPG memory corruption
document Memory corruption on message packet with a large length.
  


21.06.2006
Detailed
6!Toshiba bluetooth stack buffer overflow
document "BlueSmack" attack (L2CAP echo request large payload) causes buffer overflow.
 Cisco CallManager cross-site scripting
   
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


19.06.2006
Detailed
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


18.06.2006
Detailed
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Cisco Secure ACS cross-site scripting
document LogonProxy.cgi cross-site scripting.
 HP-UX Support Tools Manager
   
  


17.06.2006
Detailed
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 17.06.2006
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


16.06.2006
Detailed
6!Microsoft Windows SMB/CIFS privilege escalation
updated since 13.06.2006
document MRxSmbCscIoctlOpenForCopyChunk buffer overflow. In addition, there are DoS vulnerabilities not covered by MS06-30.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


15.06.2006
Detailed
6!KDE kdm symbolic links problem
document Suid root application tries to read configuration from the ~/.dmrc file without checking for symbolic links. This makes it possible to read a few strings from any file via a symbolic link.
6!Kaspersky Antivirus multiple vulnerabilities
document Unsafe implementation of kernel-mode components leads to Denial of Service and potentially to privilege elevation. The most serious problem is that user-mode code can access kernel memory.
6!Sendmail multipart messages DoS
document High recursion level in multipart MIME messages causes stack overflow (exhaustion, not overrun).
 IBM DB2 Universal Database multiple denial of service conditions
   
 Sun iPlanet symbolic links problem
document pipe_master suid root application tries to read configuration from the msg.conf file with a relative path without checking for symbolic links. This makes it possible to read a few strings from any file via a symbolic link.
 MySQL DoS
document "select str_to_date( 1, NULL );" request causes database server to crash.
 PicoZip zipinfo.dll buffer overflow
document Buffer overflow on oversized filenames in different archivers formats.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 dhcdbd memory corruption
document Invalid server response leads to memory corruption.
  


14.06.2006
Detailed
9!Microsoft Windows RRAS Service buffer overflow
updated since 13.06.2006
document Buffer overflows in service RPC interface. May be used by network worm.
9!Windows ICMP DoS (potential code execution)
updated since 09.02.2006
document Buffer overflow on ICMP packets with Loose Source and Record Route IP options. Short message translation: There are DoS conditions in Windows 2000 built-in NAT server. Tested configuration: Windows 2000 English Standard/Advanced Service Pack 4 + Update Rollup 1 for Service Pack 4 with NAT server enabled. While routing packets with the "Loose Source and Record Route" options defined by RFC 791 through the server, Windows crashes to BSOD with an error in tcpip.sys or ntoskrnl.exe, or the system hangs or becomes unstable. It doesn't matter if packets are from internal or external networks. Use attached script to test vulnerability. On Windows 2003 the problem is not present. It's also likely that the same problem is present in Windows 2000 + ISA 2000. Code execution is potentially possible.
8!Multiple Microsoft Internet Explorer security vulnerabilities
updated since 13.06.2006
document Multiple memory corruptions, address bar spoofing, cross-frame data access. May be used for hidden malware installation.
7!Windows Media Player PNG files buffer overflow
updated since 13.06.2006
document Buffer overflow on PNG files processing.
6!Microsoft Exchange Outlook Web Access cross-site scripting
updated since 13.06.2006
document Cross-site scripting on message reading.
 Microsoft Windows 2000 RPC spoofed server attack
document Mutual authentication is not actually performed.
 Microsoft Windows 2000 AOL Image Support Update ART images buffer overflow
updated since 13.06.2006
document Buffer overflow on ART images processing.
  


13.06.2006
Detailed
9!Microsoft Word memory corruption
updated since 20.05.2006
document Malformed object pointer memory corruption is used in the wild for malware distribution.
8!Microsoft JScript (Internet Explorer) memory corruption
document Memory corruption on objects release. May be used for hidden malware installation.
8!Symantec multiple security applications buffer overflow
document Buffer overflow in remote management interface (TCP/2967).
7!Microsoft PowerPoint memory corruption
document Memory corruption can be used for hidden malware installation.
 Multiple FAST360 Appliance security vulnerabilities
document DNS request processing DoS, HTTP filtering bypass.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


12.06.2006
Detailed
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Gentoo Linux JPEG library DoS
document Compilation option to limit amount of available memory is not turned on allowing memory exhaustion attacks.
  


11.06.2006
Detailed
 CesarFTP buffer overflow
document Buffer overflow in MKD FTP command.
 WinSCP URI handler command execution
document scp:// and sftp:// URI handlers allow unsafe parameters to be passed via the command line.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


10.06.2006
Detailed
 Overkill game DoS
document Zero byte to game server port leads to crash.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


09.06.2006
Detailed
 HP-UX Secure Shell DoS
   
 HP OpenView Storage Data Protector unauthorized access
document Arbitrary command execution is possible.
 gdm (Gnome Desktop Manager) privilege escalation
document Unprivileged user can access gdm configuration if face browser feature is on.
 Mathcad Password weak encryption
document Area password is stored in base64.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Microsoft Windows software restriction policy protection bypass
document By using RunAs function it's possible to launch any application.
  


08.06.2006
Detailed
6!Courier mail server DoS
document Infinite loop if recipient name contains '=' before '@'.
6!PostgreSQL / MySQL extended character sets SQL injections
updated since 25.05.2006
document It's possible to use a character other than the quote sign in different encodings.
 Sun Grid Engine unauthorized access
document It's possible to shut down grid service without authentication.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


07.06.2006
Detailed
7!WinGate proxy server buffer overflow
document Buffer overflow on oversized POST request.
 Multiple Ingate Firewall / SIParator vulnerabilities
document Cross-site scripting, denial of service.
 TIBCO Rendezvous messaging software buffer overflow
document Buffer overflow in web administration interface.
 Microsoft NetMeeting memory corruption
   
 Unauthorized D-Link DWL-2100ap wireless access points access
document It's possible to retrieve configuration via Web interface with request like http://dlink-DWL-2100ap/cgi-bin/Intruders.cfg.
 libgd graphical library DoS
document gdImageCreateFromGifPtr() GIF decoding infinite loop.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 07.06.2006
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


06.06.2006
Detailed
7!Spamassassin spam filtering engine code execution
document Code execution is possible with malformed message if spamd is executed with options -v and -P.
 SUN Storage Automated Diagnostic Environment weak permissions
   
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


05.06.2006
Detailed
 Quake 3 game engine buffer overflow
document Buffer overflow on oversized compressed packet.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


03.06.2006
Detailed
9!Multiple Mozilla / Firefox / Thunderbird / Netscape / Seamonkey security vulnerabilities
updated since 02.06.2006
document Localzone scripting with code execution, memory corruption, HTTP response splitting, array overflow, javascript filtering bypass.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 SNORT HTTP request rules bypass
updated since 02.06.2006
document It's possible to bypass all HTTP rules by using CR ('\r') as a space character in requests.
  


02.06.2006
Detailed
6!FreeBSD ypserv NIS access protection bypass
document /var/yp/securenets access control restrictions do not work.
6!Linux / FreeBSD kernel SMBFS/CIFSFS chroot restriction bypass
updated since 28.04.2006
document It's possible to traverse chroot directory.
 Avast! antivirus code execution
   
 F-Secure antiviruses Web console buffer overflow
   
 IBM DCE Kerberos DoS
   
 Weak xmcd security permissions
document xmcdconfig creates a world-writable file, allowing DoS attacks that fill the file system.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


01.06.2006
Detailed
 Secure Elements Class 5 AVR multiple security vulnerabilities
document Sensitive information disclosure and spoofing, protection bypass, DoS, unauthorized system access.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod