Computer Security
[EN] securityvulns.ru no-pyccku


Linux kernel multiple security vulnerabilities
Published:02.06.2009
Source:
SecurityVulns ID:9955
Type:client
Threat Level:
6/10
Description:CIFS client buffer overflow, Xen DoS, nfs4 files execution.
Affected:LINUX : kernel 2.6
CVE:CVE-2009-1758 (The hypervisor_callback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service (kernel oops) of the guest OS by triggering a segmentation fault in "certain address ranges.")
 CVE-2009-1633 (Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c.)
 CVE-2009-1630 (The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1809-1] New Linux 2.6.26 packages fix several vulnerabilities (02.06.2009)

Safenet SoftRemote buffer overflow
Published:02.06.2009
Source:
SecurityVulns ID:9956
Type:remote
Threat Level:
8/10
Description:Buffer overflow in UDP/62514 port IKE service
Affected:SAFENET : SoftRemote 10.8
Original documentdocumentZDI, ZDI-09-024: Safenet SoftRemote IKE Service Remote Stack Overflow Vulnerability (02.06.2009)

Multiple ACDSee applications vulnerabilities
Published:02.06.2009
Source:
SecurityVulns ID:9957
Type:client
Threat Level:
5/10
Description:Buffer overflow on TIFF images and font parsing.
Affected:ACDSEE : ACDSee Photo Manager 2009
 ACDSEE : ACDSee Photo Manager 2008
 ACDSEE : ACDSee Pro Photo Manager 2.5
Original documentdocumentVUPEN Security Research, ACDSee Products TIFF and Font Parsing Buffer Overflow Vulnerabilities (02.06.2009)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:02.06.2009
Source:
SecurityVulns ID:9958
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:DRUPAL : Drupal 6.11
 ONLINEGRADES : Online Grades & Attendance 3.2
Original documentdocumentwhite_(at)_debian.org, [SECURITY] [DSA 1808-1] New drupal6 packages fix insufficient input sanitising (02.06.2009)
 documenty3nh4ck3r_(at)_gmail.com, (Post Form --> 'cc') Blind (SQLi) EXPLOIT --Online Grades & Attendance <= v-3.2.6--> (02.06.2009)
 documenty3nh4ck3r_(at)_gmail.com, MULTIPLE LOCAL FILE INCLUSION VULNERABILITIES -- Online Grades & Attendance <= v-3.2.6 --> (02.06.2009)
Files:Blind (SQLi) EXPLOIT Online Grades & Attendance v-3.2.6

ASMAX AR 804 gu router commands execution
Published:02.06.2009
Source:
SecurityVulns ID:9959
Type:remote
Threat Level:
5/10
Description:System commands execution via Web interface.
Affected:ASMAX : ASMAX AR 804gu
Original documentdocumentmichal.sajdak_(at)_securitum.pl, ASMAX AR 804 gu Web Management Console Arbitrary Shell Command Injection Vulnerability (02.06.2009)

Apple QuickTime multiple security vulnerabilities
updated since 02.06.2009
Published:04.06.2009
Source:
SecurityVulns ID:9953
Type:client
Threat Level:
7/10
Description:Buffer overflows and memory corruptions on PICT, CRGN, FLC, PSD, AVI, Sorenson Video 3, JPEG2000 parsing.
Affected:QUICKTIME : QuickTime 7.6
CVE:CVE-2009-0957 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 image.)
 CVE-2009-0954 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie file containing crafted Clipping Region (CRGN) atom types.)
 CVE-2009-0953 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.)
 CVE-2009-0952 (Buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted compressed PSD image.)
 CVE-2009-0951 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC compression file.)
 CVE-2009-0188 (Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file.)
 CVE-2009-0185 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file.)
 CVE-2009-0010 (Integer underflow in QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, and Apple QuickTime before 7.6.2, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a crafted 0x77 Poly tag and a crafted length field, which triggers a heap-based buffer overflow.)
Original documentdocumentRoee Hay, Advisory: Apple QuickTime Image Description Atom Sign Extension Memory Corruption (04.06.2009)
 documentZDI, ZDI-09-030: Apple Quicktime PICT Opcode 0x71 Heap Overflow Vulnerability (02.06.2009)
 documentZDI, ZDI-09-029: Apple QuickTime Jpeg2000 Marker Size Heap Overflow Vulnerability (02.06.2009)
 documentSECUNIA, Secunia Research: QuickTime Sorenson Video 3 Content Parsing Vulnerability (02.06.2009)
 documentSECUNIA, Secunia Research: Apple QuickTime MS ADPCM Encoding Buffer Overflow (02.06.2009)
 documentZDI, ZDI-09-028: Apple QuickTime CRGN Atom Parsing Heap Buffer Overflow Vulnerability (02.06.2009)
 documentZDI, ZDI-09-027: Apple Quicktime PICT Opcode 0x8201 Heap Overflow Vulnerability (02.06.2009)
 documentZDI, ZDI-09-026: Apple QuickTime Packed-bit Decoding Heap Overflow Vulnerability (02.06.2009)
 documentZDI, ZDI-09-025: Apple Quicktime Picture Viewer FLC Delta-Encoded Frame Decompression Vulnerability (02.06.2009)

Apache apr-util webDav DoS
updated since 02.06.2009
Published:05.06.2009
Source:
SecurityVulns ID:9954
Type:remote
Threat Level:
5/10
Description:Memory consuption on large number of Entity elements.
Affected:APACHE : Apr-util 1.2
CVE:CVE-2009-1956 (Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.)
 CVE-2009-1955 (The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.)
 CVE-2009-0023 (The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2) the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, (3) the mod_apreq2 module for the Apache HTTP Server, or (4) an application that uses the libapreq2 library, which triggers a heap-based buffer underflow.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1812-1] New apr-util packages fix several vulnerabilities (05.06.2009)
 documentKingcope Kingcope, The father of all bombs - another webdav fiasco (02.06.2009)
Files:Apache mod_dav / svn Remote Denial of Service Exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod