30.09.2006 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

29.09.2006 Detailed

FiWin SS28S Wi-Fi phones backdoor account   Phone has debug console with telnet access and hardcoded account 1 with password 1.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

28.09.2006 Detailed

6! Multiple OpenSSH security vulnerabilities   Multiple different DoS conditions. 6! IBM AIX utilities multiple security vulnerabilities updated since 26.09.2006   Xclock buffer overflow; utape, cfgmgr, rdist, uucp, snappd, named8 and mkvg privilege escalation; slip.login and Inventory Scout arbitrary file overwrite.   Sun Solaris kernel SSL proxy server DoS

HP-UX CIFS Server privilege scalation

Sun Solaris syslog DoS

NaviCOPA Web Server buffer overflow   Buffer overflow on oversized GET request.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

27.09.2006 Detailed

10! Microsoft Windows / Internet Explorer 0-day vulnerability updated since 20.09.2006   Microsoft Vector Graphics Rendering Library vulnerability is used for hidden malware installation. 6! IpSwitch WS_FTP Server buffer overflow updated since 18.09.2006   Buffer overflow in XCRC, XSHA1, XMD5, Checksum FTP commands.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

26.09.2006 Detailed

Sun Solaris IPv6 DoS         Multiple FreeBSD kernel integer overflow   Integer overflow and signed/unsigned conversion problems in i386_set_ldt().   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

25.09.2006 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.   Cisco 7905 SIP/SCCP/H.323 VoIP phone DoS   DoS on dsniff arp spoofing.

23.09.2006 Detailed

ContentKeeper information leak   HTML web administration page contains administrator's password in cleartext.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.   Multiple CA eTrust Security Command Center / eTrust Audit security vulnerabilities updated since 22.09.2006   Path disclosure, directory traversal, replay attacks.

22.09.2006 Detailed

9! Multiple Intel Centrino / PROSet / Apple Airport wireless drivers security vulnerabilities updated since 10.08.2006   Multiple vulnerabilities, including local privilege escalation anre remote code execution. 8! Multiple Windows kernel security vulnerabilities updated since 09.08.2006   Buffer overflow vulnerability allows privilege escalation, WinLogon user profile DLL privilege escalation, unhandled exception code execution vulnerability. 6! Multiple Apple QuickTime security vulnerabilities updated since 13.09.2006   Integer overflow on H.264 protocol parsing, heap buffer overflow on parsing FLIC files.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Half-Life / Counter Strike nosteam game servers DoS   Windows dedicated server crashes on HLTV client connect if client versions is <= 27 and LKTV support is enabled (sv_proxies ="1")/

21.09.2006 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 21.09.2006   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.   TFTPDWIN TFTP server buffer overflow   Buffer overflow on oversized requested resource filename.   RSA Keyon Manager audit functionality bypass   Log records blocks are independently signed, making it possible to remove whole block without notice. Records are collected locally before being signed and sent to server, making it possible to tamper log entries.

PHP mysql_error() crosssite scripting   Crossite scripting is possible if mysql_error() result is used in application output.

20.09.2006 Detailed

7! Dr.Web antivirus buffer overflow   Buffer overflow on oversized LHA archive directory name. 6! Cisco routers unauthorized SNMP access   Read/write DOCSIS community exists on non-DOCSIS routers.   Cisco Intrusion Prevention System DoS and protection bypass   Malformed SSLv2 handshake DoS, fragmented packets filtering evasion.

Cisco Guard crossite scripting

WS_FTP FTP client buffer overflow   Buffer overflow on PASV command response parsing.

Citrix Access Gateway authentication bypass   Unauthenticated access is possible if Advanced Access Control is used with LDAP authentication.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Multiple OSU httpd security vulnerabilities   Physical path and directory content disclosure.

19.09.2006 Detailed

Busy Box web server directory traversal   Directory traversal with /%2e%2e.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.   Linux kernel DoS   Special SO_LINGER value for SCTP socket causes system to crash. ELF loader vulnerability on 64-bit system causes system to crash on malformed ELF binary.

Symantec Antivirus format string security vulnerability updated since 14.09.2006   Format string vulnerability in Virus Alert Notification Message templates.

18.09.2006 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

15.09.2006 Detailed

8! Multiple Firefox / Mozilla / SeaMonkey / Netscape browsers and Thunderbird security vulnerabilities   Memory corruptions, crossite scripting, grame spoofing, RSA signature forgery, Auto update man-int-the-middle attacks. XBL javascript execution with e-mail.   HP-UX X.25 utilities DoS         Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

14.09.2006 Detailed

7! Cisco routers and Catalist switches multiple VTP security vulnerabilities updated since 13.09.2006   DoS, integer overflow and buffer oveflow on VTP (VLAN Trunking Protocol) packets parsing.   HP-UX ARPA Transport Software DoS         OpenView Operations unauthorized access

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Multiple Mailman mail lists manager security vulnerabilities updated since 04.09.2006   Crossite scripting, DoS, log entris spoofing.

Roxio Toast 7 privilege escalation updated since 18.08.2006   External applications are launched with relative path.

13.09.2006 Detailed

9! Multiple Microsoft Internet Explorer security vulnerabilities updated since 08.08.2006   Crossite scripting, crossite information access, FTP commands injection. Vulnerabilities can be used for hidden malware installation. 6! XFree / X.org integer overflows   Multiple integer overflows on Type One fonts parsing.   Multiple Macromedia Coldfusion security vulnerabilities   DoS, crossite scripting, sandbox escaping.

Multiple NetPerformer FRAD ACT security vulnerabilities   Buffer overflow on oversized telnet username, LAND attack vulnerability.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

NetGear routers buffer overflow   Buffer overflow on oversized username in Web interface.

Microsoft Publisher memory corruption updated since 12.09.2006   Memory corruption on .pub files parsing.

12.09.2006 Detailed

Microsoft Windows XP Pragmatic General Multicast memory corruption   Memory corruption on parsing multicast PGM message if Microsoft Message Queuing Services (MSMQ) service is installed.   Linux kernel ULE packet DoS   Crash on receiving packet with zero SNDU length.   Multithreaded TFTP (buffer overflow)   Buffer overflow on oversized TFTP command.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Invalid Lotus Domino Web access sesssion cookie handling   Server accepts session cookie after user logout.

11.09.2006 Detailed

6! PHP Safe Mode protection bypass   By usgin ini_restore function it's possible to clear safe_mode variable.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 11.09.2006   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

09.09.2006 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.   UnixWare / Solaris X11R6 buffer overflow updated since 08.09.2006   Buffer overflow in XKEYBOARD extension.

08.09.2006 Detailed

9! ICQ 2003 buffer overflow   Heap buffer overflow on specific messages parsing. 6! Alvila Avast! antivirus buffer overflow   Buffer overflow on LHA archives parsing. 6! Ipswitch IMail SMTP Server code execution updated since 07.09.2006   Stack buffer overflow on oversized hostname string within characters '@' and ':'.

6! Multiple PHP scripting language security vulnerabilities updated since 18.08.2006   "file_exists()", "imap_open()", and "imap_reopen()" function and cURL extension safe mode restriction bypass, buffer overflows in different functions on 64-bit systems, buffer overflow in GD extension on GIFs processing, stripos() out-of-memory reading, Incorrect memory_limit restrictions on 64-bit systems. Buffer overflow in LWZReadByte().

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Multiple ICQ Toolbar vulnerabilities   RSS crossite scripting, web configuration interface remote control.

07.09.2006 Detailed

6! WinACE archiver buffer overflow updated since 09.09.2005   Stack based buffer overflow on ACE archive with oversized filenames inside.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.   HP-UX usermod file ownership change   usermod -d <dir> -u <new uid> -m <username> command causes username to became owner for dir directory recursively.

Canon ImageRunner information leak   During address book export with web inteface different password types are visible in cleartext.

Cisco IOS access control lists bypass with GRE   Under some conditions it's possible to create GRE with payload to be forwarded from router's IP.

Windows ZIP folders buffer overflow updated since 13.10.2004   Integer overflow in DynaZip (DUNZIP32.DLL) library on oversized filename in archive.

06.09.2006 Detailed

6! bind DNS server DoS   assert() on multiple RRset records, crash on multiple recursive queries.   AuditWizard information leak   Administrator password is logged into world-readable log file.   Avira AntiVir antivirus privilege escalation   Privilege escalation with chatter attack.

Easy Address Book Web Server format string vulnerability   Format string vulnerability on URI request parsing.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 05.09.2006   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

IBM DB2 database server DoS updated since 18.08.2006   Multiple DoS conditions in database server.

05.09.2006 Detailed

6! Microsoft Word 2000 unknown vulnerability   Unknown security vulnerability is used hor hidden malware installation.   J. River Media Center buffer overflow   Buffer overflow on oversized TCP/8070 port string.   dsocks socksifier buffer overflow   Buffer overflow in name resolution functions.

Alt-N Web Admini MDaemon account hijacking   Administrator of any mail domain can redirect any mail of "MDaemon" system account to any account.

04.09.2006 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.   Multiple tor security vulnerabilities updated since 31.08.2006   Maliscious server can cause DoS condition for client or may force client to route traffic to tor network.   OpenLDAP privilege escalation   User with 'selfwrite' ACL parameter can modify any attributes.

02.09.2006 Detailed

GDB GNU debugger buffer overflow   Buffer overflow on DWARF section parsing.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.   Linux kernel UDF DoS   System crash on connecting device (USB, CD-ROM) with invalid UDF filesystem.

ISS BlackICE PC Protection DoS updated since 01.09.2006   Invalid NtOpenSection() hook causes sytem to crash if 3rd paramter is NULL.

01.09.2006 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.   capi4hylafax code execution         Compression Plus library buffer overflow   Buffer overflow on Zoo archives parsing.

MySQL DoS   Query with multiupdate and subselects can cause database server to crash.