Computer Security
[EN] securityvulns.ru
no-pyccku




31.08.2006
Detailed
8!Multiple libtiff library vulnerabilities
updated since 02.08.2006
document Multiple buffer overflows on TIFF images parsing, endless loop, integer overflows, memory corruption.
 IBM AIX dtterm privilege escalation
   
 HP OpenVMS information leak
document Under some condition user's pasword may be logged by NET$SESSION_CONTROL module.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
 Lyris ListManager privilege escalation
document Administrator of any mail list can assign any user as an addministrator of any different mail list.
  


30.08.2006
Detailed
7!Microsoft Windows DHCP client buffer overflow
updated since 11.07.2006
document Buffer overflow on DHCP server response parsing.
6!SAP-DB / MaxDB database WebDBM buffer overflow
document Buffer overflow on oversized database name.
 Weak xbiff 2 file permissions
document .xbiff2rc is world-readable, making it's possible to retrieve POP3 / IMAP account password.
 gtetrinet game array index overflow
document Multiple index overflows.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
  


29.08.2006
Detailed
6!Sendmail long mail header DoS
document Verry long message header causes access to free'ed memory.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
  


28.08.2006
Detailed
 Sun Solaris pkgadd weak permissions
document 755 or 777 access mode is set if "mode" field of package contains any ?.
 Citrix Metaframe privilege escalation
document Weak permissions for registry key allow user defined DLL to be attacjed to system level process.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
 Multiple Fuji Xerox Printing Systems security vulnerabilities
document FTP bounce attack, unauthorized Web interface access.
 Streamripper buffer overflow
updated since 25.08.2006
document Buffer overflow on HTTP headers parsing.
 FreeBSD sppp buffer overflow
updated since 24.08.2006
document Buffer overflow on synchronous PPP LCP option parsing.
  


25.08.2006
Detailed
6!SSH Tectia Manager privilege escalation
document User can start unprivileged 'sshd', after "Restart" GUI button is pressed application is restarted with root privileges.
 Sun Java System Content Delivery Server directory traversal
   
 AIX mpvg privilege escalation
document External applications are executed with relative path.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
  


24.08.2006
Detailed
6!Asteriks PBX / VoIP solution buffer overflow
document Buffer overflow in MGCP inplementation on AUEP message parsing.
 Multiple Wireshark (Ethereal) sniffer security vulnerabilities
document Multiple DoS conditions IPSec ESP dissector off-by-one overflow.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
  


23.08.2006
Detailed
7!Alt-N MDaemon POP3 server buffer overflow
document Buffer overflow on oversized username with '@' character in USER/APOP command.
6!Multiple Sun Solaris security vulnerabilities
document Privilege escalation with Role-Based Access Control, privilege escalation with 'format' if granted "File System Management" or similar role.
6!Cisco VPN 3000 unauthorized FTP access
document It's possible to remove files and execute some FTP commands without authentication.
6!Linux SCTP privilege escalation
   
 Cisco PIX / Adaptive Security Appliances / Firewall Services Module password reset
document Under some conditions user password can be reset to some known value.
 PowerZip buffer overflow
document Buffer overflow on ZIP archive parsing.
 Cool Messenger Server SQL injection
document SQL injection with username.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
 DoS против Symantec Enterprise Security Manager
document Malcrafted request can be used to lockup server and agent.
 AK-Systems terminal unauthorized access
document Passwordless VNC access to device is possible.
 Alt-N WebAdmin directory traversal
document Directory traversal in few applications of administration server.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 21.08.2006
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
  


21.08.2006
Detailed
8!Multiple Microsoft Windows Server service security vulnerabilities
updated since 11.07.2006
document Kernel mode heap overflow on mailslots processing. Information leak from SMB buffers.
6!Multiple WFTPD FTP server buffer overflows
document Buffer overflows in multiple commands.
 2wire gateways DoS
document Incomplete HTTP request for Web-interface causes device to crash.
 Ichitaro Document Viewer buffer overflow
   
 honeyd honeypot demon DoS
document ARP packets processing DoS.
 Multiple Linux kernel DoS condiotions
document DoS with SG driver, HID0[31] bit clearing problem on PPC970 processors.
 Easy File Sharing FTP Server buffer overflow
document Buffer overflow on oversized USER command.
 RealVNC integer overflow
document Integer overflow in clipboard processing functions readClientCutText()/readServerCutText().
 Apache mod_rewrite buffer overflow
updated since 28.07.2006
document Off-by-one overflow on mod_rewrite LDAP schema if "RewriteEngine on".
  


18.08.2006
Detailed
6!Mac OS X XSan filesystem driver buffer overflow
document Buffer overflow on oversized path.
 IBM AIX setlocale() privilege escalation
   
 HP-UX LP Subsystem DoS
   
 AOL weak permissions
document Application folder has Everyone:Full Control permission.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
 DoS против IBM DB2
updated since 11.07.2001
   
 GNU assembler buffer overflow
document Buffer overflow on assembler file compilation.
  


17.08.2006
Detailed
6!Multiple MySQL security vulnerabilities
document Privilege escalation with stored routine, privilege escalation with creating a database with the name different only in case from existing one.
6!IBM eGatherer ActiveX buffer overflow
document Buffer overflow on oversized RunEgatherer method's parameter.
6!Shockwave crossite scripting
updated since 24.07.2006
document Crossite access to cookies and document data is possible.
 Multiple Globus Toolkit grid toolkit vulnerabilities
document Race conditions. Symbolic links problem.
 XFree86 / X11.org integer overflow
document Integer overflow on PCF fonts parsing.
 Multiple Sony Vaio Media Integrated Server security vulnerabilities
document Buffer overflow, durectory traversal.
 Solaris race conditions
document Race condition on netstat or SNMP query during ifconfig causes DoS.
 Multiple Novell eDirectory security vulnerabilities
document Remote Denial of Service, cleartext password in log files.
 Multiple 04WebServer security vulnerabilities
document Crossite scripting, user identification bypass.
 Symantec Veritas NetBackup 6.0 PureDisk Remote Office Edition authentication bypass
   
 HP-UX DoS
document Support Tools Manager DoS, Trusted Mode DoS.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
 ShockwaveFlash ActiveX buffer overflow
document Stack overflow (stack memory exhaustion) on oversized hostname in AllowScriptAccess property ftp:// URL.
  


16.08.2006
Detailed
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
  


15.08.2006
Detailed
7!Multiple Informix security vulnerabilities
updated since 14.08.2006
document Buffer overflow on oversized username. Information leak. Cleartext passwords. Buffer overflows, DoS. CREATE DATABASE privilege escalation. Multiple code execution vulnerabilities. File access.
6!HP OpenView Storage Data Protector code execution
   
 Unauthorized SmartLine DeviceLock disk access
document In specific configuration local user can access content of any logical drive.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
 ibmusicbrainz multiple buffer overflows
document Buffer overflow on oversized HTTP hostname and during RDF data parsing.
 Kaspersky Anti-Hacker protection bypass
document Few kinds of ICMP messages are still accepted and replied in stealth mode. It makes it possible system fingerprinting.
  


14.08.2006
Detailed
6!Symantec Backup Exec buffer overflow
document Buffer overflow in internal RPC-based protocol.
6!SquirrelMail WebMail unauthorized access
document By changing internal compose.php variables it's possible to access files of settings of different users.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
  


11.08.2006
Detailed
 Multiple SAP Internet Graphics Service security vulnerabilities
updated since 11.08.2006
document Buffer overflow and DoS conditions on HTTP requests parsing.
 Netgear FVG318 wireless router with VPN/firewall DoS
document Device crash on large number of TCP packets with invalid checksum.
 Apache for Windows script source code leak
document It's possible to access script code if cgi-bin is within DocumentRoot.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
  


10.08.2006
Detailed
8!Microsoft Office code execution
updated since 16.06.2006
document hlink.dll and Excel styles vulnerability, vulnerabilities in different record types processing are used to install malicious software in-the-wild.
6!Multiple ArcSoft MMS Composer for PocketPC security vulnerabilities
document Multiple vulnerabilities with DoS and code execution impacts on MMS receiving.
6!MIT Kerberos / Heimdal privilege escalation
updated since 09.08.2006
document setuid()/seteuid() return code is not checked, allowing user to bypass protection by exhausting user limits.
 Sun Solaris DoS
document System panic in drain_squeue() on large number of TCP connections.
 Sun Ray Server Software utxconfig privilege escalation
   
 Macromedia ColdFusion authentication bypass
document Some AdminAPI API functionality is available without authentication.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
 Multiple MODPlug Tracker/OpenMPT security vulnerabilities
document Few heap and stack based buffer overflows.
 Multiple AlsaPlayer security vulnerabilities
document Multiple buffer overflows.
 ncompress buffer overflow
document Buffer overflow on data extraction.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 08.08.2006
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
  


09.08.2006
Detailed
9!Microsoft Windows DNS client buffer overflows
updated since 08.08.2006
document Buffer overflows in Winsock API and DNS client code.
8!Microsoft Power Point code execution
updated since 14.07.2006
document mso.dll vulnerability is used for silent malware installation.
7!Microsoft Windows crossite MMC access
updated since 08.08.2006
document Script from Internet/Intranet zone site can access any Microsoft Management Console's object.
7!ClamAV antivirus buffer overflow
updated since 07.08.2006
document Buffer overflow on parsing UPX-compressed PE files.
7!Barracuda Spam Firewall multiple security vulnerabilities
updated since 02.08.2006
document Login.pm Web-interface hardcoded guest account password, /cgi-bin/preview_email.cgi directory traversal.
7!Internet Explorer HTML Help ActiveX buffer overflow
updated since 04.07.2006
document Buffer overflow on oversized 'Image' property. Vulnerability can be used for hidden trojan installation.
7!Multiple Microsoft Internet Explorer and Windows security vulnerabilities
updated since 28.06.2006
document Cross-domain page content access, MSHTA code execution.
6!Linux Ext3 file system NFS DoS
document On malformed UDP packet filesystem is marked as corrupted and is switched to read-only mode.
6!Microsoft Visual Basic for Applications buffer overflow
updated since 08.08.2006
document Buffer oveflow on VBA script parsing.
6!eIQNetworks Enterprise Security Analyzer multiple security vulnerabilities
updated since 26.07.2006
document License manager, syslog server, topology server buffer overflows.
 Novell Groupwise Webaccess crossite scripting
   
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
  


08.08.2006
Detailed
7!McAfee Subscription Manager ActiveX buffer overflow
document Buffer overflow in McSubMgr.dll marked safe for scripting.
7!RealVNC remote administration unauthroized access
updated since 15.05.2006
document Server doesn't check authentication type choosen by client is allowed.
6!liblesstif symbolic links vulnerability
document Insecure debug files handling in libXm.
6!PHP memory corruption
document sscanf() function past the end of aray writing.
6!CA eTrust Antivirus WebScan ActiveX element buffer overflow
updated since 07.08.2006
document Buffer overflow in "WScanCtl Class" ActiveX object installed during free online antiviral check.
 Imendio Planner format string vulnerability
document Format string vulnerability in filename.
  


07.08.2006
Detailed
6!PHP invalid has table value deletion vulnerability
document Wrong element with same hash value but different class may be removed from hash table.
6!Microsoft Windows GDI32 library integer overflow
document CreateBrushInderect integer overflow on WMF files parsing.
 LHAZ archiver buffer overflow
document Buffer overflow on oversized filename during JZH archives parsing.
 Festalon Nintendo music files player memory corruption
document Memory corruption on playing HES files.
 DConnect Daemon chat server multiple security vulnerabilities
document DoS conditions, format string vulnerabilities.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
 Eremove mail agent buffer overflow
document Buffer overflow on oversized message.
  


04.08.2006
Detailed
 DHCP daemon DoS
   
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
 Ruby Safe Level security bypass
updated since 12.07.2006
document "alias" can be exploited to replace safe function, directory access protection bypass. Few potentially dangerous methods are not limited.
  


03.08.2006
Detailed
 Hobbit Monitor directory traversal
document TCP/1984 Hobbit network daemon directory traversal.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
 Simpliciti Locked Browser protection bypass
document It's possible to escape from jail environment to Windows by using javascript methods.
 Weak PC Tools antivirus permissions
document Permissions for "PC Tools AntiVirus" folder are set to Everyone:Full Control during installation.
 CFS cryptographic file system DoS
document Integer overflow causes daemon to crash.
 HP ProCurve switches DoS
   
  


02.08.2006
Detailed
9!Multiple Mozilla / Firefox / Seamonkey / Thunderbird security vulnerabilities
updated since 27.07.2006
document Multiple vulnerabilities allow unrestricted code execution. Can be used for hidden malware installation.
6!PHP ip2long protection bypass
document Function can return positive result on malformed argument, it can be used to bypass argument validation.
6!Microsoft Windows graphics subsystem DoS
document Gdiplus.dll division by zero on .ICO files parsing.
6!VMWare ESX Server crossite scripting and password leak
updated since 02.06.2006
document Management Interface crossite scripting. Additionally, cleartext password is contained in session cookie and server log files.
6!Fetchmail buffer overflow
updated since 25.07.2005
document Buffer overflow on oversized POP3 UIDL reply.
 Sun Fire T2000 protection bypass
document Incorrect DSA signature verification.
 Safari memory corruption
document Memory corruption in KHTMLParser::popOneBlock().
 Sun Grid Engine buffer overflow
   
 lhaplus buffer overflow
document Buffer overflow on LZH archive header parsing.
 Open Cubic Player buffer overflow
document Multiple buffer overflows.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
 Symantec On-Demand Agent / Symantec On-Demand Protection protection bypass
document It's possible to access encrypted data.
 ISS BlackICE protection bypass
document It's possible to inject fake pamversion.dll into BlackICE service.
 MySQL MERGE tables privilege escalation
document User may retain acces to MERGE table after access to original table is revoked.
  

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 



Rating@Mail.ru