31.10.2007 Detailed

6! McAfee E-Business server buffer overflow   Buffer overflow on authentication request processing. 6! Cups buffer overflow   Buffer overflow on IPP protocol parsing. 6! Perdition IMAP proxy server format string vulnerability   Format string vulnerability with IMAP tag.

6! IPSwitch IMail client buffer overflow   Buffer overflow on oversized MIME boundary.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

30.10.2007 Detailed

7! IBM AIX multiple utilities vulnerabilities   Security vulnerabilities in bellmail, ftp, lquerypv, lqueryvg, dig, crontab, swcons.

6! Opera browser multiple security vulnerabilities   Code execution, crossite access 6! Sun Java JRE / JDK multiple security vulnerabilities updated since 29.10.2007   Multiple sandbox restriction bypass vulnerabilities.

6! zlib compression library DoS updated since 06.07.2005   DoS on invalid data stream (including ones of PNG files).

29.10.2007 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.   IBM Tivoli Storage Manager Client crossite scripting   CAD Service log files crossite scripting.

28.10.2007 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PHP-Nuke: directory traversal in autohtml.php and autohtml0.php allows to obtain password hashes. By requesting non-existant file it's possible to disclosure installation directory.

26.10.2007 Detailed

Serverkit shttp web server directory traversal   Directory traversal with HEAD request is possible.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.   TrendMicro antivirus privilege escalation   Buffer overflows and \\.\Tmfilter device insecure access permissions.

MLDonkey backdoor access   'p2p' account with empty password and valid shell is created during installation.

24.10.2007 Detailed

7! IBM Lotus Notes multiple security vulnerabilities updated since 23.10.2007   Buffer overflow on viewing of different attachment types, information leak between local users thorugh memory mapped files. 6! Miranda instant messenger multiple security vulnerabilities   Yahoo! messenger plugin multiple buffer overflows. 6! HP OpenView unauthorized access   HP OpenView Configuration Management (CM) Infrastructure (Radia) and Client Configuration Manager (CCM) unauthorized access thorugh httpd.tkd.

6! Microsoft Windows TCP/IP stack IGMP DoS updated since 15.02.2006   System hangs on malformed IGMPv3 packet.

RSA Keon crossite scripting   Crossite scripting in Request-spk.xuda and Add-msie-request.xuda components.

Debian Linux reprepro authentication bypass   Unkonwn package signatures are not checked .

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 24.10.2007   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

23.10.2007 Detailed

8! Mozilla Firefox /Thunderbird / Seamonkey multiple security vulnerabilities   Code exectuion with invalid % encoding in Windows, lcaol files accesss with sftp URL, content spoofing, user input focus stealing, memory corruption, code execution. 6! 3proxy double free() security vulnerability   Double free() on FTP proxy OPEN request handling. 6! Apple iPhones multiple security vulnerabilities   Vulnerable version of libtiff allows code execution and, as a result, allows to unlock phone.

Citrix Access Gateway information leak   HTTP session cookie is passed through HTTP GET request parameters, making it possible to leak it value thorugh Referer: field or in the browsing history.

Zaptel драйвер buffer overflow   Buffer overflow on oversized IOCTL interface name.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

20.10.2007 Detailed

7! Nortel Unistream IP Phone / Softphone / Communication Server multiple security vulnerabilities   Buffer overflow, eavesdroping. multiple DoS conditions. 6! libpng multiple security vulnerabilities   Multiple DoS conditions on PNG images parsing.   GMail Mobile DoS   DoS on large message recevied during composing the message.

CA Host-Based Intrusion Prevention System crossite scripting   Crossite scripting with log files.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

19.10.2007 Detailed

8! Double free() in zlib updated since 12.03.2002   Double free() call on same memory chunk causes heap corruption with potential code execution.

18.10.2007 Detailed

6! Cisco PIX / ASA / Firewall Service Module multiple security vulnerabilities   Vulnerabilities on MGGP and TLS parsing. 6! TIBCO SmartPGM FX multiple security vulnerabilities         Cisco Unified Communications unaurhoized access   Any active directory user has access to web administration tools.

Asterisk cdr_addon_mysql SQL injection   SQL injection with destination number.

Balsa e-mail client buffer overflow   Buffer overflow on oversized IMAP server response.

IrfanView buffer overflow   Buffer overlfow on .pal files parsing.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Mathcad protection bypass   It's possible to bypass 'Protect Worksheet' protection.

16.10.2007 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 16.10.2007   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

15.10.2007 Detailed

6! Apache Tomcat WebDav directory traversal   It's possible to retrieve file by aboslute path with LOCK DAV request. 6! Opal library / Ekiga memory corruption   Insufficient SIP Content-Length validation allows to overwrite single byte of memory. 6! TK graphics library buffer overflow   Buffer overflow on GIF images parsing

Cisco CallManager / OpenSer authentication relaying attacks   Insufficient Digest authentication validation allows active man-in-the-middle to access resources unrequested by client.

Netgear SSL312 crossite scripting   Crossite scripting with Web interface.

VImpX ActiveX buffer overflow   Buffer overflow with oversized RejectRecordFile paramater.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Linux Madwifi wireless drivers DoS   Assert on oversized "extended supported rates" beacon frame.

Microsoft Internet Explorer executable files download filter protection bypass   It's possible to upload file to temporary internet files folder by adding GET parameters to filename, e.g. http://example.com/program.exe?1.cda/

13.10.2007 Detailed

7! Firebird SQL server buffer overflow   Oversized TCP/3050 server service request buffer overflow. 7! EMC replistor buffer overflow updated since 13.10.2007   Buffer overflow in server service (TCP/7144). 7! IBM DB database JDBC service multiple security vulnerabilities   DB2JDS (TCP/6789) format string vulnerability and multiple DoS conditions.

6! libFlac / WinAMP multiple integer overflows   Multiple integer overflows on FLAC sound format parsing.

6! MySQL multiple security vulnerabilities   Denial of service, privilege escalation.

hplip shell characteres   hpssd utility shell charactesr vulnerability.

OpenSSL DTLS code execution

12.10.2007 Detailed

7! CA BrightStor ARCServe BackUp multiple security vulnerabilities   TCP/6504 RPC-based requests processing multiple buffer overflows. 6! G Data antivirus buffer overflow   ScanObjectBrowser.DLL SelectPath() function buffer overflow. 6! Asterisk malformed MIME boundary multiple buffer overflows and DoS updated since 27.08.2007   Multiple buffer overflows and crash on malformed MIME boundary if IMAP storage is used for Voicemail.

CiscoWorks Wireless LAN Solution Engine Cisco Wireless Control System Conversion Utility default password   Conversion utility adds default password.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 12.10.2007   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Linux initscripts weak permissions   Weak permissions for /var/log/btmp files cause information leak about unsuccessful logon attempt.

World in Conflict game server DoS   NULL pointer dereference on invalid TCP/52999 port data.

3Com 3CRWER100-75 unauthorized access   Under specific conditions it's possible to access wireless router administration interface from external network.

11.10.2007 Detailed

6! Kasrpsrsky Online Scanner ActiveX format string security vulnerability   Multiple format string vulnerabilities. 6! Microsoft Windows RPC DoS updated since 10.10.2007   Denial of Service during authentication in RPC-based services.   HP System Management Homepage crossite scripting

Cisco routers IOS LPD server buffer overflows   Buffer overflow if oversized local hostname is set.

10.10.2007 Detailed

8! Microsoft Outlook Express / Windows Mail NNTP buffer overflow   Heap memory overflow on NNTP server reply parsing. 6! Microsoft Internet Explorer multiple security vulnerabilities   Memory corruption, address bar spoofing. 6! Linux mount / umount privilege escalation   Invalid order of setuid / setgid calls and unchecked return value.

Kodak Image Viewer memory corruption   Memory corruption on image files parsing.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

09.10.2007 Detailed

Linksys SPA-941 phones crossite scripting   Crossite scripting throught web interface with SIP requests.

08.10.2007 Detailed

6! Apple Safari / iPhone crossite access   Script can access source code of the page from different domain.   QGit git repository graphical interface symbolic links   Insecure temporary files creation.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 08.10.2007   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

06.10.2007 Detailed

The Dawn of Time MUD game format string vulnerability   Buffer overflow in HTTP authentication.   Dropteam game multiple security vulnerabilities   Buffer overflows, format string vulnerabilities.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

05.10.2007 Detailed

6! NetSupport Manager unauthorized access updated since 24.09.2007   Unauthenticated access is possible thorugh TCP/5405.   FSD flight simulator game server buffer overflows updated since 04.10.2007   Multiple buffer overflows, including HELP command.

04.10.2007 Detailed

7! X11 X Font Server integer overflow   Integer overflow in QueryXBitmaps / QueryXExtents requests. 6! Borland Interbase / Firebird database server multiple buffer overflows   Buffer overflows on multiple functions arguments. 6! Multiple FPS game servers buffer overflow with PunkBuster   Buffer overflow on oversized packet if PunkBuster protection is turned on.

6! Linux kernel multiple security vulnerabilities   Multiple DoS conditions.

6! mIRC unfiltered shell characters vulnerability   Shell characters are not filtered on invoking external URL handler, making it's possible to use URLs like mailto:%xx../../../../../../../../../../../windows/system32/calc.exe".bat

6! CA BrightStor Hierarchical Storage Manager multiple security vulnerabilities updated since 27.09.2007   Buffer overflows, integer overflows and SQL injections.

Sun Solaris FIFO filesystem information leak   Integer overflow on IOCTL processing allows large memory regions reading.

pidgin DoS   Application crash on user not on the target's buddy list sending a "nudge," a feature of the MSN protocol.

RMake privilege escalation   /dev/zero device works as /dev/port in chrooted environment.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

MPlayer buffer overflow   Buffer overflow on AVI files parsing.

elinks information leak   POST form data is sent over HTTP instead of HTTPs.

02.10.2007 Detailed

7! Checkpoint VPN-1 / Firewall-1 multiple security vulnerabilities   Multiple buffer overflows / memory corruptions. 6! smbfptd FTP server format string vulnerability   Format string vulnerability on directory listing creation.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

01.10.2007 Detailed

6! Ruby Net::HTTPS library certificates validation cryptographic vulnerability   Certificate's CN field is not validated against DNS name, making it's possible to use valid certificate with wrong CN.   Cisco Catalist loopback address access protection bypass   SNMP access by address 127.0.0.x is possible, making it possible to bypass IP filtering.   Airdesense Airsensor M520 multiple security vulnerabilites   DoS and buffer overflow.

Axis IP cameras crossite scripting   It's possible to spoof video content by using crossite scripting attacks.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 01.10.2007   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Promise NAS NS4300N superuser access protection bypass   It's possible to bypass resttrictions for direct remote root access.