Computer Security


unicon-imc2 code execution
Published: 02.07.2007
SecurityVulns ID: 7881
Type: library
Threat Level: 5/10
Description: Unsafe environment variable usage.
Affected: UNICON : unicon 3.0
CVE: CVE-2007-2835 (Multiple stack-based buffer overflows in (1) CCE_pinyin.c and (2) xl_pinyin.c in ImmModules/cce/ in unicon-imc2 3.0.4, as used by zhcon and other applications, allow local users to gain privileges via a long HOME environment variable.)
Original document: DEBIAN, [Full-disclosure] [SECURITY] [DSA 1328-1] New unicon-imc2 packages fix buffer overflow (02.07.2007)

Firebird database server buffer overflow
Published: 02.07.2007
SecurityVulns ID: 7876
Type: remote
Threat Level: 8/10
Description: Buffer overflow on database connect request processing.
Affected: FIREBIRD : Firebird SQL 2.0
CVE: CVE-2007-3181 (Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute arbitrary code via a large p_cnct_count value in a p_cnct structure in a connect (0x01) request to port 3050/tcp, related to "an InterBase version of gds32.dll.")
Original document: GENTOO, [Full-disclosure] [ GLSA 200707-01 ] Firebird: Buffer overflow (02.07.2007)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 02.07.2007
SecurityVulns ID: 7877
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: MOODLE : Moodle 1.7
Original documents:
 durito, vulnerability in Liesbeth base CMS (02.07.2007)
 MustLive, Vulnerability in Moodle (02.07.2007)

Yoggie Pico Pro security appliance code execution
Published: 02.07.2007
SecurityVulns ID: 7878
Type: remote
Threat Level: 5/10
Description: Unfiltered Web interface shell characters.
Affected: YOGGIE : Yoggie Pico Pro
Original document: Cody Brocious, [Full-disclosure] Yoggie Pico Pro Remote Code Execution (02.07.2007)

gsambad Samba configuration tool symbolic links vulnerability
Published: 02.07.2007
SecurityVulns ID: 7880
Type: local
Threat Level: 5/10
Description: Symbolic links problem on temporary files creation.
Affected: GSAMBAD : gsambad 0.1
CVE: CVE-2007-2838 (The populate_conns function in src/populate_conns.c in GSAMBAD 0.1.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gsambadtmp temporary file.)
Original document: DEBIAN, [Full-disclosure] [SECURITY] [DSA 1327-1] New gsambad packages fix unsafe temporary files (02.07.2007)

fireflier-server firewall configuration tool symbolic links vulnerability
Published: 02.07.2007
SecurityVulns ID: 7879
Type: local
Threat Level: 5/10
Description: Symbolic links vulnerability on temporary files creation.
Affected: FIREFLIERT : fireflier 1.1
CVE: CVE-2007-2837 (The (1) getRule and (2) getChains functions in server/rules.cpp in fireflierd (fireflier-server) in FireFlier 1.1.6 allow local users to overwrite arbitrary files via a symlink attack on the /tmp/fireflier.rules temporary file.)
Original document: DEBIAN, [Full-disclosure] [SECURITY] [DSA 1326-1] New fireflier-server packages fix unsafe temporary files (02.07.2007)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod