 |
|
|
|
| Wireshark DoS | | Published: |  | 01.06.2009 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 9948 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Crash on PCNFSD packet parsing. |
| CVE: |  | CVE-2009-1829 (Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets.) |
| VMWare DoS | | Published: | | 01.06.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9950 | | Type: | | local | | Level: | | 3/10 | | Description: | | DoS from virtual machine if Descheduled Time Accounting Service is installed. |
| Affected: |  | VMWARE : VMware Workstation 6.5 | | | | VMWARE : VMware Player 2.5 | | | | VMWARE : VMware ACE 2.5 | | | | VMWARE : VMware Server 2.0 | | | | VMWARE : VMware Fusion 2.0 | | CVE: | | CVE-2009-1805 (Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745, VMware Fusion 2.x before 2.0.2 build 147997, VMware ESXi 3.5, and VMware ESX 3.0.2, 3.0.3, and 3.5, when the Descheduled Time Accounting Service is not running, allows guest OS users on Windows to cause a denial of service via unknown vectors.) |
SonicWALL format string vulnerability
updated since 27.05.2009 | | Published: | | 01.06.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9942 | | Type: | | remote | | Level: | | 7/10 | | Description: | | Format stirng vulnerability on server log parsing and during authentication. |
| Linksys WAG54G2 commands injection | | Published: | | 01.06.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9949 | | Type: | | remote | | Level: | | 3/10 | | Description: | | It's possible to inject command via Web interface. |
| Apache protection bypass | | Published: | | 01.06.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9951 | | Type: | | local | | Level: | | 4/10 | | Description: | | Invalid IncludesNOEXEC option processing allows code execution via included .shtml files. |
| Affected: | | APACHE : Apache 2.2 | | CVE: | | CVE-2009-1195 (The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file.) |
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: | | 01.06.2009 | | Source: | | | | SecurityVulns ID: | | 9952 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
myPHPNuke: SQL injection. |
|
|
|
|
|
|
|
|
