Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:02.03.2006
Source:
SecurityVulns ID:5846
Type:remote
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHPATM : PHP Advanced Transfer Manager 1.30
 JELSOFT : vBulletin 3.5
 INVISION : Invision Power Board 2.1
 4HOMEPAGES : 4images 1.7
 SMBLOG : SMBlog 1.2
Original documentdocumentimei, [KAPDA::#26]vBulletin.3.5.3~3.0.12-XSS (02.03.2006)
 documentbotan_(at)_linuxmail.org, SMBlog Remote Command Exucetion (02.03.2006)
 documentrgod_(at)_autistici.org, 4images <=1.7.1 remote code execution (02.03.2006)
 document:) :), PHP Advanced Transfer Manager Download users password hashes (02.03.2006)
 documentCyber Lords, Active XSS in Invision Power Board 2.1.4 (02.03.2006)
 documentr0t, NZ Ecommerce SQL&XSS vuln. (02.03.2006)

Evolution mail agent DoS
Published:02.03.2006
Source:
SecurityVulns ID:5848
Type:client
Threat Level:
5/10
Description:Large plain text message with large number of URL causes application to hang.
Affected:GNOME : Evolution 2.4
Original documentdocumentAlan Cox, Evolution Emailer DoS (02.03.2006)

Multipl NCP Secure Communications VPN / PKI client security vulnerabilities
Published:02.03.2006
Source:
SecurityVulns ID:5849
Type:remote
Threat Level:
5/10
Description:Local buffer overflows and privilege escalations, remote DoS.
Affected:NCP : Secure Communications 8.11
Original documentdocumentRamon 'ports' Kukla, NCP VPN/PKI Client - various Bugs (02.03.2006)

Apple MacOS X passwd privilege escalation
updated since 02.03.2006
Published:03.03.2006
Source:
SecurityVulns ID:5847
Type:local
Threat Level:
6/10
Description:Few vulnerabilities (symbolic links, race conditions) allow any system files editing.
Affected:APPLE : MacOS X 10.3
 APPLE : Mac OS X 10.4
Original documentdocumentIDEFENSE, iDefense Security Advisory 03.02.06: Apple Mac OS X passwd Arbitrary Binary File Creation/Modification (03.03.2006)
 documentVade 79, [OSX]: /usr/bin/passwd local root exploit. (02.03.2006)
Files:/usr/bin/passwd[OSX]: local root exploit

irssi IRC client / multiple routers DoS
updated since 02.03.2006
Published:05.03.2006
Source:
SecurityVulns ID:5850
Type:client
Threat Level:
5/10
Description:Crash on DCC commands processing. Multiple routers with VxWorks embedded process IRC requests and drop IRC connection.
Affected:IRSSI : irssi 0.8
 LINKSYS : WRT54G
Original documentdocumentCade Cairns, linksys router + irc DoS (05.03.2006)
 documentryanmeyer14_(at)_netscape.net, Various router DoS (05.03.2006)
 documentUBUNTU, [USN-259-1] irssi vulnerability (02.03.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod