Computer Security



31.10.2005
Detailed
 SCO OpenServer RPC protocol DoS
document RPC service hangs on invalid RPC BIND request.
  


29.10.2005
Detailed
6!chmlib Microsoft HTML Help IITS files parsing library buffer overflow
updated since 26.10.2005
document Multiple buffer overflows in different parsing routines.
 Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
updated since 24.10.2005
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


28.10.2005
Detailed
 SELinux PAM passwords bruteforcing
document There is no delay or logging for invalid password in unix_chkpwd utility.
 Multiple gnump3d MP3 streaming server (multiple vulnerabilities)
document Cross-site scripting, directory traversal.
 Novell ZENworks Patch Management Server SQL injection
   
 fetchmail fetchmailconf race conditions
updated since 24.10.2005
document Race conditions during configuration file creation; the file is world readable.
  


27.10.2005
Detailed
8!IMAP UW mail server buffer overflow
updated since 05.10.2005
document Buffer overflow on oversized quoted string in mailbox name.
 HP-UX lpd buffer overflow (outdated)
document Buffer overflow on LPR protocol parsing.
  


26.10.2005
Detailed
6!skype URL handling buffer overflow
updated since 25.10.2005
document skype:// and callto:// URLs buffer overflows.
 Gnome libgda library format string vulnerabilities
   
 Symantec Discovery unauthorized database access
document Few accounts with empty passwords are created during installation.
  


25.10.2005
Detailed
6!Network Appliance network storage devices iSCSI authentication bypass
document It's possible to start Full Feature iSCSI mode without prior authentication.
 BMC Control M enterprise scheduling system agent symbolic links problem
document Insecure creation of temporary directory.
 SCO OpenServer authsh / backupsh buffer overflow
updated since 21.10.2005
document Buffer overflows in /usr/lib/sysadm/authsh and /usr/lib/sysadm/backupsh allow gaining egid backup.
 SCO Unixware ppp buffer overflow
updated since 21.10.2005
document Buffer overflow in /usr/bin/ppptalk.
  


24.10.2005
Detailed
 mgdiff diff graphical interface symbolic links problem
document viewpatch script insecure temporary files creation.
 PHP Apache configuration files DoS
document Server crashes on invalid .htaccess 'php_value session.save_path' value.
  


22.10.2005
Detailed
 Linux IPv6 sockets DoS
document Endless loop is possible within udp_v6_get_port() function.
 ZipGenius archiver multiple buffer overflow
document Buffer overflow on multiple archive formats handling.
 Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
updated since 19.10.2005
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


21.10.2005
Detailed
6!Symantec Norton AntiVirus and other Symantec security products for Macintosh privilege escalation
updated since 20.10.2005
document Norton Antivirus DiskMountNotify suid utility executes external applications by relative name. LiveUpdate contains suid wrapper for Java interpreter without proper command line check.
6!Multiple Ethereal sniffer vulnerabilities
updated since 20.10.2005
document Multiple bugs of different nature while parsing different protocols. Vulnerable version of PCRE library is used in Windows Ethereal version.
6!RSA SecurID Web Agent buffer overflow
updated since 06.05.2005
document Heap overflow on HTTP chunked encoding parsing. Stack overflow on oversized HTTP request Redirect: header.
 bmv integer overflow
document Integer overflow on PostScript (PS) files processing.
 eric Python IDE code execution
document Possible code execution on project file opening.
  


20.10.2005
Detailed
6!Linux kernel console keyboard mapping commands execution
document User can set keyboard mapping which will impact next users on this console.
6!Multiple IBM DB2 Universal Database vulnerabilities
document Server crash on constant string processing in queries; endless loop on hash joins processing; multiple problems with invalid connection termination; unauthorized creation of routine based objects; array overflow on oversized number of elements in 'in' list; db2jd crash on certain clients.
 Squid proxy server DoS
document Server crash on parsing FTP Server response.
 Debian module-assistant symbolic links problem
document Symbolic links problem on insecure temporary files creation.
 Encrypted data hijacking within Enigmail encryption plugin for Mozilla / Thunderbird
document Key with empty id is used to encrypt all outgoing mail if present in keyring.
 Microsoft Internet Explorer URL spoofing
document It's possible to spoof URL with document.write within OnClick method for <a> tag.
  


19.10.2005
Detailed
8!snort intrusion detection system (IDS) buffer overflow
document Buffer overflow in Back Orifice UDP preprocessing (any UDP port)
6!Cisco Content Switch SSL DoS
document Memory corruption on malformed certificate handling.
6!lynx text mode web browser buffer overflow
document Buffer overflow on NNTP server reply parsing.
 YIFF server sound files unauthorized access
document File permissions are ignored while playing file.
 AIX lscfg symbolic links problem
   
 NetPBM graphical utilities buffer overflow
document Buffer overflow on PNM file parsing in pnmtopng utility.
 flexbackup backup utility symbolic links problem
document Symbolic links problem during temporary files creation.
 Gentoo Linux multiple ports privilege escalation
document User from portage group can place dynamic library into search path of vulnerable library. Vulnerable ports are perl, Qt-UnixODBC, CMake.
 PHP open_basedir protection bypass
updated since 28.09.2005
document Under some rare conditions it's possible to open file from different directory.
 Sun Solaris SCTP socket option DoS
   
  


16.10.2005
Detailed
 Trusted Mobility Suite PDA access protection bypass
document It's possible to synchronize with device regardless of warnings.
 Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
updated since 10.10.2005
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


15.10.2005
Detailed
 Apple iTunes player Shared Music service DoS
document Different playlist manipulation vulnerabilities.
 SPE Python Integrated Development Environment weak permissions
document Application's files are world writable.
 Windows Apache information leak
document It's possible to retrieve a file from the CGI-BIN directory by typing the directory name in uppercase (http://127.0.0.1/CGI-BIN/chat.pl)
  


14.10.2005
Detailed
 Mozilla Thunderbird / Mozilla weak authentication downgrade
document If SMTP authentication with CRAM-MD5 or TLS handshake fails, the mail agent downgrades to plain text authentication, allowing active man-in-the-middle attacks.
 Multiple Sun Solaris vulnerabilities
document File system privilege management feature panic. procfs protected file names information leak.
 Hitachi TP1 DoS
   
 HP-UX Itanium platform DoS
   
 TYPSoft FTP Server DoS
document Crash on FTP RETR command before data connection open.
 ClamAV antivirus OLE2 files parsing DoS
document OLE2 format (Microsoft Office) parsing DoS because of stack overrun due to recursive function call if large ArchiveMaxFiles value configured.
 Computer Associates iGateway buffer overflow
updated since 13.10.2005
document Buffer overflow on HTTP request parsing if debug mode is enabled.
  


13.10.2005
Detailed
7!Microsoft Windows Microsoft Collaboration Data Objects buffer overflow
updated since 12.10.2005
document Buffer overflow on parsing mail messages with Microsoft SMTP service.
7!Microsoft Distributed Transaction Coordinator service memory corruption
updated since 12.10.2005
document Memory corruption as a result of integer overflow with anonymous remote access (Windows 2000) and authenticated access under Windows XP/2003.
7!Microsoft Design Tools COM object uninitialized memory reference
updated since 12.10.2005
document CPolyCtrl class destructor attempts to call a function by the pointer from uninitialized dynamic memory region.
6!W3C libwww library buffer overflow
document Buffer overflow on MIME headers parsing.
6!Multiple BEA WebLogic vulnerabilities
document 24 different vulnerabilities.
6!Symantec Veritas NetBackup network backup system buffer overflow
document Java User Interface bpjava-msvc daemon (TCP/13722) buffer overflow on COMMAND_LOGON_TO_MSERVER request.
6!GFI MailSecurity content filter buffer overflow
document Buffer overflow in Web administration interface.
6!Novell NetMail mail server buffer overflow
document Buffer overflow on oversized NMAP (Network Messaging Application Protocol) protocol USER command.
 XMail sendmail buffer overflow
document Buffer overflow on message headers parsing in sendmail -t.
 Sun Java System Application Server (Sun ONE) JSP source code disclosure
   
 Symantec Brightmail Antispam SPAM filter DoS
document MIME headers parsing DoS.
 AhnLab V3 antivirus buffer overflow
document Buffer overflow on different file formats.
 Kerio Firewall DoS
document DoS on executable application's PEB parsing.
 Linux kernel memory leaks
document Memory leaks may potentially lead to DoS conditions.
 Multiple Microsoft Distributed Transaction Controller DoS conditions
updated since 12.10.2005
document Problems with TIP protocols handling, bounce attack is possible.
 Ethernet frame padding information leakage
updated since 08.01.2003
document Incorrect memory management means Ethernet frame padding bytes may contain sensitive information.
  


12.10.2005
Detailed
6!Microsoft Windows Shell multiple vulnerabilities
document Problems with .lnk files processing, HTML files preview.
6!Microsoft Windows Client Service for NetWare buffer overflow
document Buffer overflow in network file service.
6!Microsoft Windows Network Connection Manager service buffer overflow
document Buffer overflow in RPC service.
6!Microsoft FTP client directory traversal
document It's possible to place downloaded file in any directory from server side.
6!Microsoft Direct Show memory corruption
document It's possible to overwrite one byte of the dynamic memory with NULL within quartz.dll with crafted AVI file.
 KOffice buffer overflow
document Buffer overflow on RTF files parsing.
  


11.10.2005
Detailed
7!Kaspersky Antivirus buffer overflow
document Buffer overflow on CHM files parsing.
 SGI IRIX runpriv utility unfiltered shell characters vulnerability
document Unfiltered shell characters allow execution of any command.
 Multiple WinRAR archiver vulnerabilities
document UUEncoded files format string bug, ACE archives buffer overflow.
 OpenSSL SSL 2.0 rollback (weak cryptography)
document Active man-in-the-middle attacker can force rollback to SSL 2.0 protocol with known cryptographic weakness for both client and server if SSL_OP_MSIE_SSLV2_RSA_PADDING (or SSL_OP_ALL) configuration option is enabled.
  


10.10.2005
Detailed
6!xine-lib media player library format string bug
document Format string bug on CDDB server response parsing.
6!Multiple Linux kernel vulnerabilities
document sys_set_mempolicy() negative argument DoS, race CLONE_VM DoS conditions, race TASK_TRACED state DoS conditions, ioremap amd64 platform memory access, HFS and HFS+ filesystem drivers DoS, remote ebtables netfilter module DoS on SMP platforms.
6!OpenVMPS open Cisco VMPS protocol server implementation format string vulnerability
document Format string bug on syslog() call.
 Paros proxy unauthorized access
document hsqldb database has built-in password and is remotely accessible.
 cfengine symbolic links problem
document Symbolic links problem during temporary files creation in multiple package utilities.
 graphviz graph drawing tools symbolic links problem
document Symbolic links problem on temporary files creation.
 up-imapproxy format string vulnerability
document Few format string bugs.
  


09.10.2005
Detailed
 Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
updated since 03.10.2005
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


07.10.2005
Detailed
6!Sun Directory Service unauthorized access
   
 HAURI ViRobot antivirus buffer overflow
document ALZ Archive Handling Buffer Overflow.
 xloadimage buffer overflow
document NIFF images buffer overflow.
 Planet switches backdoor account
document There is undocumented 'admin' account with 'ISPMODE' password.
  


06.10.2005
Detailed
 IBM Tivoli Monitoring DoS
document Web Health Console uses older version of IBM HTTP Server.
 Webroot Desktop Firewall buffer overflow
document Buffer overflow on deleting application from the list of allowed programs. It's possible for non-privileged users to disable the firewall even when password protection has been enabled, by sending specific DeviceIoControl() commands to the firewall driver.
  


05.10.2005
Detailed
7!Symantec Antivirus administrative interface buffer overflow
document Buffer overflow during TCP/8004 administrative interface HTTP request parsing.
6!HP OpenView Event Correlation Services unauthorized access
   
 AlZip multiple buffer overflows
document Buffer overflows on different archive formats.
 mod_auth_shadow protection bypass
document Access restrictions for different authorization mechanisms may be bypassed if mod_auth_shadow is used.
 Windows XP Wireless Zero Configuration service information leak
document WPA PMKs and WEP keys are available with WZCQueryInterface() of Wzcsapi.dll.
 uim multilingual support library privilege escalation
updated since 22.02.2005
document Invalid environment variables handling.
  


04.10.2005
Detailed
6!MailEnable buffer overflow
document Buffer overflow on logging in W3C format.
6!Gnome libzvt information spoofing
document DISPLAY environment variable is used as a utmp hostname.
 Hitachi Cosminexus logical bug
document For an HTTP POST request with an empty body, data from the previous POST request is used.
 ProZilla buffer overflow
document Buffer overflow on oversized HREF parameters of the search results HTML page.
 Weex format string bug
document Format string bug in logging function.
 Dia buffer overflow
document Buffer overflow on SVG files parsing.
 Trillian instant messenger DoS
document DoS on requesting ICQ protocol reverse connection.
  


03.10.2005
Detailed
7!Kaspersky Antivirus buffer overflow
document Heap based buffer overflow on CAB files parsing.
 Berkeley MPEG Tools symbolic links problem
document Insecure temporary files creation.
 Bugzilla information leak
document It's possible to retrieve products information and, under some conditions, list of the invisible users.
 NetForce NIS password information leak
document File with NIS accounts passwords is sent with unencrypted diagnostic e-mail message.
  


01.10.2005
Detailed
6!MySQL buffer overflow
document init_syms function stack-based buffer overflow.
 storeBackup symbolic links problem
document Symbolic links problem on temporary files creation.
 Macromedia Breeze information leak
document "reset password" feature stores password in clear text.
 sblim-sfcb DoS
document Resource exhaustion on large number of HTTP requests with oversized headers.
 BlenderPlayer buffer overflow
document Buffer overflow on oversized .blen file.
 Cisco routers weak password encryption
document Password is encrypted with substitution table.
 backupninja symbolic links problem
document Symbolic links problem on temporary file creation.
 ntlmaps NTLM proxy weak file permissions
document Configuration file with Windows account password is world readable.
 Virtools Web Player game platform multiple vulnerabilities
document Buffer overflows and directory traversal on archive extraction.
 Citrix Metaframe Presentation Server protection bypass
document Restrictions policy is based upon parameters controlled by client.
 apachetop utility symbolic links problem
document Symbolic links problem on temporary files creation.
 MCCS Multi Computer Control System DoS
updated since 21.09.2005
document DoS on internal UDP-based control protocol parsing.
 Multiple gopherd bugs
updated since 14.01.2005
document Integer overflows, format string bug in logging.
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod