Computer Security



31.12.2008
Detailed
8!Fake valid SSL certificate creation attack was successfully demonstrated
document Valid fake SSL certificate creation attack was demonstrated by exploiting MD5 collisions and RapidSSL certificate generation procedures. The cost of the attack is approximately $2000.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. Power Phlogger: automated account registration, DoS.
  


29.12.2008
Detailed
9!Microsoft Windows Media Player buffer overflow
document Buffer overflow on WAV parsing
9!Microsoft Internet Explorer multiple security vulnerabilities
updated since 10.12.2008
document Multiple memory corruptions.
6!Linux kernel multiple security vulnerabilities
updated since 09.12.2008
document Double listen() on the same socket causes creation of unassigned vcc table entry, which causes infinite loop in kernel on attempt to cat vc table. inotify subsystem race conditions allow privilege escalation, socket-related memory exhaustion. chip_command() NULL pointer dereference. HFS file system mounting buffer overflow.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 28.12.2008
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. bbPress: cross-site scripting, protection bypass
  


28.12.2008
Detailed
 Intellitamper buffer overflow
document Buffer overflow on .map file parsing.
  


26.12.2008
Detailed
9!Microsoft Windows Media Player integer overflow
document Integer overflow on WAV parsing.
7!FreeBSD protosw privilege escalation
document Uninitialized bluetooth and netgraph sockets.
6!Citrix Broadcast Server SQL injection
document login.asp SQL injection.
 PGP Desktop DoS
document PGPweded.sys driver crashes the system on IOCTL processing.
 PSI jabber client integer overflow
document Integer overflow on file transfer port (TCP/8010 by default) data parsing.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Mozilla Firefox, Microsoft Internet Explorer, Opera and Google Chrome DoS
document Printing <iframe> in an endless loop from JavaScript causes resource exhaustion and leads to a browser hang.
  


23.12.2008
Detailed
 Qemu / KVM DoS
document Virtual machine's VNC server infinite loop.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. NetCat CMS: directory traversal, SQL injection.
 Avahi multicast DNS server DoS
document assert() on UDP packet with SRC port 0.
 COMTREND CT-536 / COMTREND HG-536+ routers multiple security vulnerabilities
document Authentication bypass, DoS, cross-site scripting and request forgery.
 mailscanner symbolic links vulnerability
document Multiple symlink vulnerabilities in different scripts.
 Trend Micro HouseCall ActiveX memory corruption
updated since 22.12.2008
document Use-after-free() vulnerability.
 FreeSSHD buffer overflow
updated since 09.06.2008
document sftp post authentication buffer overflow
  


22.12.2008
Detailed
6!PHP 4 multiple function buffer overflows
document Buffer overflows in mb_* functions.
 PowerDNS multiple security vulnerabilities
document DoS, non-standard reaction to invalid query increases chances for successful spoofing attack.
 Fujitsu-Siemens WebTransactions shell characters vulnerability
document Unfiltered user input in system() call.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. Power Phlogger: cross-site scripting, DoS
 PHP APC local attacks
document Different local attacks allow DoS conditions and cross-site scripting.
  


21.12.2008
Detailed
 PHP python module safe_mode bypass
document Module doesn't check safe_mode restrictions for python code.
 libvirt privilege escalation
updated since 21.12.2008
document Potentially dangerous operations are not marked as read only.
  


19.12.2008
Detailed
8!Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
updated since 18.12.2008
document Cross-site scripting, cross-site data access, memory corruptions, code execution, filtering bypass, user session tracking.
6!Microsoft Outlook Express / Outlook / Internet Explorer DoS
updated since 17.12.2008
document <dt><h1 style=width:1px><li></h1> in HTML part causes application to crash.
 Sun Solaris DoS
document SIOCGTUNPARAM IOCTL processing NULL pointer dereference.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 18.12.2008
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. Phpclanwebsite: multiple directory traversals, multiple SQL injections, multiple cross-site scripting vulnerabilities.
  


18.12.2008
Detailed
10!Microsoft Internet Explorer memory corruption
document Memory corruption leads to code execution. Vulnerability is used in-the-wild for hidden malware installation.
  


17.12.2008
Detailed
8!Oracle database server multiple security vulnerabilities
updated since 16.04.2008
document CPU for April 2008 fixes a huge number of vulnerabilities.
7!Opera memory corruption
document Heap corruption on HTML parsing.
 JasPer multiple security vulnerabilities
document Multiple memory corruptions on JPEG parsing.
 Barracuda mail filtering applications multiple security vulnerabilities
document Cross-site scripting, SQL injection (in Barracuda Spam Firewall)
  


16.12.2008
Detailed
8!Apple Mac OS X multiple security vulnerabilities
document Apple Type Services DoS, BOM buffer overflow with CPIO archives, CoreGraphics buffer overflow on images parsing, invalid cookies setting for geographical domains, dangerous content warning bypass, multiple Flash Player Plugin vulnerabilities, multiple privilege escalations, Internet Sharing DoS, Podcast Producer unauthorized administrative access, UDF ISO images DoS.
 Wireshark DoS
document Infinite loop in WLCCP dissector.
 TmaxSoft JEUS source code leakage
document It's possible to access source code by using NTFS alternate data streams (by adding ::$DATA to the filename).
  


15.12.2008
Detailed
 MPlayer buffer overflow
document Buffer overflow on TwinVQ format parsing.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. CapCC for WordPress - SQL injection, automation protection bypass, cross-site request forgery.
 No-IP.com DDNS client for Unix/Linux buffer overflow
document Buffer overflow on HTTP response parsing.
 aview symbolic links vulnerability
document Insecure temporary file creation.
 honeyd symbolic links vulnerability
document test.sh script insecure temporary files creation.
  


14.12.2008
Detailed
8!Multiple security vulnerabilities in different antiviral applications
document ClamAV: LZH DoS; BitDefender: multiple integer overflows on PE parsing; Avast: multiple buffer overflows on ISO and RPM parsing; AVG: crash on UPX files; Sophos: multiple DoS on different compressed formats parsing; F-Secure F-prot: protection bypass
6!uw-imap DoS
document NULL pointer dereference on invalid QUIT command response.
 Asterisk voice server DoS
document Crash on IAX2 processing
 CA ARCserve Backup code execution
document handle_t RPC call insufficient arguments validation.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. CapCC for WordPress - cross-site scripting, information leakage. Blogsmith - cross-site scripting.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 10.12.2008
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. EZ Publish: privilege escalation from user to CMS Administrator + Privilege escalation from CMS Administrator to system user.
 HP-UX DCE DoS
updated since 16.12.2007
   
  


12.12.2008
Detailed
 lcms multiple security vulnerabilities
document Buffer overflow and integer overflow on images parsing.
  


11.12.2008
Detailed
8!Microsoft Office multiple security vulnerabilities
updated since 10.12.2008
document Multiple memory corruptions on .doc and .xls parsing.
6!Microsoft SQL Server 2000 sp_replwritetovarbin privilege escalation
updated since 09.12.2008
document It's possible to overwrite process internal data and execute code in server context.
  


10.12.2008
Detailed
8!Microsoft Windows Search multiple security vulnerabilities
document Code execution with saved search results and with search-ms: URI.
8!Microsoft Windows GDI library multiple security vulnerabilities
document Buffer overflow and integer overflow on WMF parsing.
8!Microsoft Visual Basic multiple ActiveX security vulnerabilities
document Memory corruptions in DataGrid, FlexGrid, Hierarchical FlexGrid, Windows Common AVI, Charts, Masked Edit controls.
6!Microsoft Sharepoint unauthorized access
document It's possible to access administration page without authentication.
 Aruba Mobility Controller wireless routers DoS
document Crash on malformed EAP authentication.
 HP OpenView Reporter / HP OpenView Performance Agent DoS
   
 Face recognition authentication bypass
document Authentication can be bypassed with a series of photos or video.
 DD-WRT cross-site request forgery
document Form redirection is not checked.
 BMC Patrol Agent format string vulnerability
document Format string vulnerability in logging via version number.
 Vinagre VNC client format string vulnerability
document Format string vulnerability in VNC name.
 Microsoft Windows Media Player multiple security vulnerabilities
document NTLM credentials leak and relaying.
 Capilano DesignWorks buffer overflow
document Buffer overflow on .CCT file parsing.
 Neostrada Livebox router DoS
document Crash on malformed HTTP request.
  


09.12.2008
Detailed
6!DoS against multiple e-mail applications and anti-viruses
document MIME messages with large recursion level may cause application to hang or crash.
6!PHP proc_open() safe_mode bypass
document It's possible to execute any code from shared library via proc_open().
6!Trillian multiple security vulnerabilities
document Multiple AIM plugin vulnerabilities, HTML parsing vulnerabilities for multiple protocols.
 PHP php_getuid() invalid implementation
document Under some conditions user's uid or gid may be incorrectly identified.
  


04.12.2008
Detailed
6!PHP ZipArchive::extractTo() directory traversal
document Directory traversal when unpacking ZIP files.
6!VMWare sandbox protection bypass
document It's possible to access physical memory from guest machine.
 Orb media server DoS
document Crash on HTTP request parsing.
 HP-UX DoS
   
 OptiPNG buffer overflow
document Buffer overflow on BMP images parsing.
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Perl symbolic links race conditions
updated since 27.12.2004
document File::Path::rmtree insecurely changes file permissions, creating race conditions for symbolic links manipulation.
  


03.12.2008
Detailed
6!CUPS integer overflow
document Integer overflow on PNG height value leads to buffer overflow
 libsamplerate buffer overflow
   
 Google Chrome / Opera cross-site scripting
updated since 28.10.2008
document Page URL is written to file unfiltered when page is saved.
  


02.12.2008
Detailed
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. CoBreeder: cross-site scripting.
 ClamAV antivirus JPEG files DoS
document Endless recursion on malformed JPEG file processing.
 Rumpus buffer overflows
document Multiple HTTP and FTP buffer overflows.
 flamethrower symbolic links vulnerability
document Insecure temporary files creation.
  


01.12.2008
Detailed
6!VLC media player integer overflow
document Integer overflow on RealMedia (.rm) files parsing leads to heap buffer overflow.
 Linux /bin/login privilege escalation
document It's possible to escalate privileges from utmp group to root.
 jailer symbolic links vulnerability
document updatejail insecure temporary files creation.
 PHP dba_replace() DoS
document It's possible to destroy ini-file content.
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod