30.10.2008 Detailed

Quassel IRC client command injection   A CTCP ping where the value contains a CTCP quoted newline ('\020' + 'n') will let the Quassel core reply with a message containing an unquoted newline ('\n'). The IRC server interprets this as a command separator.

29.10.2008 Detailed

6! EATON MGE Office Protection Systems Network Shutdown Module unauthorized access   Authentication bypass and code execution. 6! lynx code execution   It's possible to execute code in Advanced Mode by redirecting to lynxcgi: URI.   Altiris Deployment Server Agent privilege escalation   multiple shatter-attacks.

Wireshark sniffer multiple security vulnerabilities   Multiple DoS conditions on different protocols parsing.

GNU enscript buffer overflow   Buffer overflow on text file conversion.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 28.10.2008   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Trend Micro OfficeScan buffer overflow updated since 15.09.2008   Buffer overflow in cgiRecvFile.exe Web component.

Microsoft Internet Explorer address bar spoofing   There are few methods of address bar spoofing.

27.10.2008 Detailed

VLC media player buffer overflow   Buffer overflow on TiVo ty format parsing.   HP OpenView Network Node Manager DoS updated since 02.09.2008

26.10.2008 Detailed

6! Sun Java WebStart multiple security vulnerabilities updated since 18.07.2008   Sandbox limitation bypass, buffer overflow.   HP SiteScope crossite scripting   Script injections with SNMP traps.   FireGPG multiple security vulnerabilities   Information leakage with temporary files, insecure temporary files creation.

Goodtech sshd buffer overflow   Buffer overflow in sftp implementation.

Symantec Veritas Storage Foundation unauthorized access updated since 23.10.2008   qioadmin utility allows local files read access. qiomkfile allows memory content reading.

Opera crossite scripting updated since 26.10.2008   Crossite scripting with opera:historysearch.

24.10.2008 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 24.10.2008   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. CNCat: crossite scripting via description field.   Asterisk DoS   Resources exhaustion on IAX request parsing.

23.10.2008 Detailed

6! Cisco PIX / ASA multiple security vulnerabilities   Windows NT domain authentication bypass, IPv6 DoS, DoS because of memory leak in crypto accelerator

21.10.2008 Detailed

7! Microsoft Internet Explorer multiple security vulnerabilities updated since 14.10.2008   Memory corruptions, information hijack, crossite scripting.

18.10.2008 Detailed

6! Linux kernel multiple security vulnerabilities updated since 14.10.2008         Adobe Flash CS3 Professional / Adobe Flash MX 2004 multiple buffer overflows   Multiple heap buffer overflows on .SWF files parsing.   GNU tar buffer overflow updated since 18.10.2007

16.10.2008 Detailed

7! Sun Java Web Proxy buffer overflow   Buffer overflow on FTP resource GET request handling in HTTP proxy. 7! Microsoft Windows AFD driver privilege escalation updated since 15.10.2008   Kernel memory access is possible.   libxml memory corruption   Memory corruption on XML parsing

VLC Mediaplayer memory corruption   Memory corruption on XSPF playlists parsing.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Xen privilege escalation updated since 06.10.2007   It's possible for DomU domain user to execute code in Dom0 context.

15.10.2008 Detailed

8! Microsoft Windows SMB buffer overflow   Buffer overflow on SMB protocol parsing. 7! Microsoft Windows Virtual Address Descriptor manipulation privilege escalation   Integer overflow leads to memory corruption. 7! CA ARCserve Backup multiple security vulnerabilities updated since 12.10.2008   Code execution, multiple DoS conditions.

6! Microsoft Host Integration Server buffer overflow updated since 14.10.2008   Buffer overflow in RPC-based service.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Microsoft Windows 2000 Message Queuing code execution   Code execution via RPC-based service.

Microsoft Windows Internet Printing Service integer overflow   Integer overflow after authentication.

Microsoft Office multiple security vulnerabilities updated since 14.10.2008   cdo: URI information leak, multiple Excel memory corruptions.

14.10.2008 Detailed

6! Microsoft Windows 2000 Active Directory buffer overflow   Buffer overflow on LDAP request processing. 6! Sun Solaris Solstice AdminSuite daemon buffer overflow   Buffer overflow in sadmind adm_build_path() function.   Microsoft Windows kernel multiple security vulnerabilities   Double free() vulnerability and memory corruptions.

Telecom Italia Alice Pirelli routers backdoor   Specially constructed IP packet causes router's telnet/ftp/tftp functions to be activated.

Marvel chipset wireless access points DoS   Malformed association request causes access point to hang or reboot.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Lenovo Rescue and Recovery buffer overflow   Buffer overflow in tvtumon.sys driver.

Oracle privilege escaclation   User with CREATE ANY DIRECTORY privileges can escalate privileges to SYSDBA.

Mozilla FireFox information leak updated since 08.10.2008   Information leak on local HTML file opening.

12.10.2008 Detailed

6! Apple Mac OS X CUPS printing system code execution   Buffer overflow in HP-GL/2 filter.   Apache Tomcat information leak   Race conditions allow to bypass IP address check.

09.10.2008 Detailed

7! Novell eDirectory multiple security vulnerabilities   Multiple buffer overflows on TCP/8028 and TCP/8028 traffic parsing. 6! Gentoo Linux Portage privilege escalation   Relative shared library search path in suid application.   HP System Management Homepage crossite scripting

Cisco Unity authentication bypass   Authentication bypass to administration features if anonymous access is enabled.

Windows kernel integer overflow   Integer overflow in IopfCompleteRequest function.

HP-UX NFS/ONCplus DoS updated since 09.10.2008

Motorola Timbuktu information leak   User data is sent to central server.

mon symbolic links vulnerability   Symbolic links vulnerability on temporary files creation.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

feta symbolic links vulnerability   Symboliclinks vulnerability on temporayr files creation.

08.10.2008 Detailed

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

06.10.2008 Detailed

6! lighthttpd multiple security vulnerabilities   DoS conditions, information leakage. 6! pam_krb5 privilege escalation   Privilege escalation is possible if existing_ticket credentials caching option is used.   VMWare privilege escalation   64-bit platforms guest system privilege escalation.

Trend Micro OfficeScan directory traversal   Directory traversal in update agent server part.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Mac OS X Mail.App insecure data storage   Encrypted messages are stored in cleartext.

03.10.2008 Detailed

6! Multiple OpenSSH security vulnerabilities updated since 28.09.2006   Multiple different DoS conditions.   Juniper Netscreen Firewall ScreenOS crossite scripting   Persistant crossite scripting with username stored in logs.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

FreeBSD IPv6 Neighbor Discovery Protocol security vulnerability   A malicious IPv6 node sharing a common router but on a different physical segment from another node may be able to spoof Neighbor Discovery messages, allowing it to update router information for the victim node.

Adobe Flash Player Plugin DoS   NULL pointer dereferencecauses browser to crash.

02.10.2008 Detailed

6! Autodesk DWF Viewer ActiveX multiple security vulnerabilities   Insecure methods allow to save and execute files.   Asterisk multiple DoS conditions   Application crashes on malformed IAX requests flood.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.