Computer Security



30.11.2005
 Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, mb_send_mail() message headers modification, etc.
  


29.11.2005
 Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, mb_send_mail() message headers modification, etc.
  


28.11.2005
 Kadu Gadu-Gadu instant messaging client DoS
document Application hangs on a maliciously crafted message.
 Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, mb_send_mail() message headers modification, etc.
  


26.11.2005
6!Sun Solaris traceroute buffer overflow
updated since 25.06.2005
document Buffer overflows on a large number of -g arguments and on a malformed -s argument allow raw socket access.
 Gaim-Encryption plugin DoS
document Attempt to access unallocated memory on key parsing.
 Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
updated since 21.11.2005
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 FreeFTP FTP Server buffer overflow
updated since 17.11.2005
document Buffer overflow in USER command.
  


23.11.2005
6!Firefox / Opera code execution
updated since 21.09.2005
document Command-line arguments can be passed through a URL if Firefox or Opera is invoked from an external application on Unix-like systems.
 Novell Zenworks authorization bypass
document Remote diagnostics functions are available to a regular user.
 ipmenu iptables/iproute2 GUI symbolic links
document Symbolic links problem on temporary file creation.
 eix symbolic links problem
document Symbolic links problem on temporary file creation.
 fusemount mtab file corruption
document Problem with special characters in mount points.
 IPUpdate dynamic DNS client buffer overflow
document Buffer overflow on DNS server reply parsing.
 IBM WebSphere application server double free bug
   
  


21.11.2005
9!Microsoft Internet Explorer code execution
document Uninitialized memory call in the Window() function within the OnLoad handler of the BODY tag allows code execution.
6!Multiple Gadu-Gadu instant messenger vulnerabilities
document Special device access, buffer overflow, DoS, ability to initiate voice transfer from the client without user intervention.
6!Multiple Google Search Appliance vulnerabilities
document Cross-site scripting, code execution.
 Inkscape buffer overflow
document Buffer overflow on SVG import.
  


20.11.2005
6!Novell Netmail mail server buffer overflow
document Buffer overflow on IMAP commands parsing.
 Hitachi Web applications cross-site scripting and DoS
   
 Hitachi Groupmax Mail SMTP server DoS
   
 Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
updated since 14.11.2005
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


18.11.2005
6!Multiple MailEnable mail server vulnerabilities
updated since 18.11.2005
document Buffer overflow and IMAP folders directory traversal, DoS.
6!Qualcomm WorldMail directory traversal
document Directory traversal in IMAP server folders.
 YaSSL certificate chain validation problem
   
 SMB4K KDE SMB/CIFS browser symbolic links problem
updated since 07.09.2005
document It's possible to read the contents of /etc/sudoers and /etc/super.tab.
  


17.11.2005
7!Microsoft Windows Plug and Play Service UMPNPMGR buffer overflow
updated since 12.10.2005
document Buffer overflow on PNP_GetDeviceList and PNP_GetDeviceListSize calls for an anonymous user on Windows 2000 and an authenticated user on Windows 2003 / XP. There is another similar vulnerability leading to a memory leak with DoS conditions.
 Senao SI-680H wireless Wi-Fi VoIP phones unauthorized access
document VxWorks debugger is available via UDP/17185.
 Multiple Zyxel P2000W wireless Wi-Fi VoIP phones vulnerabilities
document Information leak, external DNS servers access.
 Multiple UTstarcom F1000 wireless Wi-Fi VoIP phones vulnerabilities
document SNMP access, unauthenticated telnet (TCP/21) and rlogin (TCP/513) access.
 Multiple Hitachi Wi-Fi VoIP phones vulnerabilities
document Information leak, SNMP access, built-in hardware password, unauthenticated Web access (TCP/8080) and shell access (TCP/3390).
 Multiple Cisco 7920 wireless IP Phones vulnerabilities
document Fixed SNMP read/write community is available, VxWorks debugger is available via the UDP/7920 port.
 FTGate mail server buffer overflow
document IMAP server oversized EXAMINE command buffer overflow.
 PasswordSafe weak cryptography
document A key derived from the user password with a fast algorithm is used as the key for a block cipher, making it easy to brute-force the user password.
  


16.11.2005
7!GTK+, imlib, lessTif and libXPM libraries XPM files integer overflows
updated since 16.09.2004
document Integer overflow leads to heap-based and stack-based buffer overflows.
6!Multiple Macromedia server products vulnerabilities
document Contribute Publishing Server cryptographic weakness, Breeze Live Server and Flash Communication Server MX DoS on maliciously crafted RTMP streams.
 Apple iTunes code execution
document CreateProcess() is used insecurely when executing an external application.
 Belkin Wireless Router authentication bypass
document Any user can log on without authentication after the administrator has logged on.
 LiteSpeed web server cross-site scripting
document Cross-site scripting in administration scripts.
  


14.11.2005
6!Real player media player multiple buffer overflow
updated since 11.11.2005
document Buffer overflows on parsing .rm streams and skin files.
6!VERITAS Cluster Server for UNIX buffer overflow
updated since 10.11.2005
document Buffer overflow in 'ha' suid utility on environment variables parsing.
  


11.11.2005
6!lynx text mode browser code execution
document There is a configuration bug on multiple platforms allowing code execution with the lynxcgi: URL handler.
 Multiple Kerio WinRoute Firewall vulnerabilities
document Crash on RTSP streams processing, possibility to use a disabled account.
 Veritas NetBackup buffer overflow
updated since 10.11.2005
document Buffer overflow in vmd (Volume Manager Daemon) shared library.
 Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
updated since 07.11.2005
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


10.11.2005
6!SpamAssassin antispam filter DoS
document Parsing of a message with a large number of recipients leads to stack overrun.
 IPCop weak file permissions
document Backup files and the backup files encryption key have weak permissions.
 IBM DB2 Content Manager DoS
document LZH files processing crash, Excel files import CPU exhaustion.
 Sylpheed mail agent buffer overflow
document Buffer overflow on LDIF file parsing.
 HP-UX envd privilege escalation
   
 IBM Tivoli Directory Server protection bypass
   
  


09.11.2005
8!Microsoft Windows WMF / EMF buffer overflow
document Multiple buffer overflows in GDI on WMF and EMF Windows metafile formats.
 Multiple SAP Web Application Server vulnerabilities
document Cross-site scripting, request redirection, HTTP response splitting.
  


08.11.2005
 F-Secure Internet Gatekeeper antivirus privilege escalation
document Different scripts execute external applications by relative path.
 Asterisk PBX server voice mail mailbox directory traversal
document Web interface directory traversal allows downloading any .wav file.
 FileZilla FTP Server buffer overflow
document Buffer overflow on oversized FTP USER command.
 Multiple MacOS X vulnerabilities
updated since 01.11.2005
document Invalid ownership information in 'Finder', invalid 'Update' functioning, memberd removed group membership unauthorized access, 'Keychain' password leak, 'Kernel' uninitialized memory leak.
 Multiple firewalls protection bypass
updated since 28.10.2004
document The number of different ways to break protection against client application attacks is almost unlimited.
  


07.11.2005
7!Macromedia Flash Player array index overflow
updated since 05.11.2005
document User-controlled value is used as a function pointer array index without a bounds check.
 linux-ftpd-ssl FTP server buffer overflow
document Buffer overflow on oversized directory in CWD command.
  


05.11.2005
6!SUSE linux chfn utility privilege escalation
document The GECOS field is not checked, making it possible to add records to the password file.
 Multiple IBM Lotus Domino communication server vulnerabilities
document Array overflow on creating mail rules, buffer overflow on out-of-office autoreplies, multiple DoS conditions.
 GpsDrive friendsd2 GPS map location service format string bug
document Format string bug on diagnostic message displaying.
 thttpd symbolic links problem
document Insecure temporary file creation in the syslogtocern script.
 Sun Java Development Toolkit DoS
document Crash on font deserialization.
 Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
updated since 31.10.2005
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


04.11.2005
6!Apple QuickTime multiple vulnerabilities
document Integer overflows, memory corruptions, DoS.
 Sun Java System Communications Express information leak
document It's possible to access a configuration file which contains sensitive information.
 Serv-U FTP Server DoS
   
 Multiple giflib vulnerabilities
document Memory corruption, NULL pointer dereference.
 Apache Tomcat application server DoS
document A large number of listing requests causes the server to hang.
 IpSwitch WhatsUp network management solution directory traversal
document Web interface directory traversal.
 Multiple Flat Frag game vulnerabilities
document Multiple buffer overflows, NULL pointer reference.
 Battle Carry game DoS
document Game server crashes on oversized UDP packet.
  


03.11.2005
7!The Holy Grail: Cisco IOS shellcode And Exploitation Techniques
updated since 30.07.2005
document Michael Lynn's presentation on the possibility of malicious code execution on Cisco routers.
6!Graphon Go-Global thin client and server solution buffer overflow
document Buffer overflow in the initial protocol handshake.
 Multiple Asus Video Security vulnerabilities
document Buffer overflows and directory traversals in the built-in Web server.
 Glider collect'n kill game buffer overflow
document Buffer overflow on oversized player name.
 NeroNet remote CD/DVD burning access solution directory traversal
document It's possible to retrieve any video/audio/image file with the built-in HTTP server.
 Scorched 3D multiple vulnerabilities
document Buffer overflow, format string bugs, multiple DoS conditions.
 Cisco wireless access points LWAPP mode unauthorized access
document It's possible to send an unencrypted packet with a spoofed MAC to a secure network.
 HP OpenVMS DoS
   
  


02.11.2005
6!Multiple NetBSD vulnerabilities
document Integer overflow in the FreeBSD compatibility subsystem, imake symbolic links problem, ptrace() privilege escalation. Known vulnerabilities in CVS, telnet, OpenSSL, ntpd are patched.
 Linux kernel drivers buffer overflows
document Buffer overflow, out-of-memory references in the Yealink and i2c drivers.
 Cisco Management Center for IPS Sensors weak configuration
document During creation of Cisco IOS IPS rules, information about port numbers is lost, making it impossible for many intrusion detection signatures to work.
  


01.11.2005
 Multiple Hyper Estraier vulnerabilities
document DoS on indexing files with special Unicode characters in their names. Files from non-searchable directories are indexed.
 OpenVPN VPN client format string vulnerability
document Format string bug on parsing DHCP options obtained from the server.
 Inicom networks ioFTPd FTP Server account enumeration
document Error messages differ for existent and non-existent user accounts.
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod