Computer Security
[EN] securityvulns.ru no-pyccku


flamethrower symbolic links vulnerability
Published:02.12.2008
Source:
SecurityVulns ID:9473
Type:local
Threat Level:
5/10
Description:Insecure temporary files creation.
Affected:FLAMETHROWER : flamethrower 0.1
CVE:CVE-2008-5141 (flamethrower in flamethrower 0.1.8 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/multicast.tar.##### temporary file.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1676-1] New flamethrower packages fix denial of service (02.12.2008)

Rumpus buffer overflows
Published:02.12.2008
Source:
SecurityVulns ID:9474
Type:remote
Threat Level:
5/10
Description:Multiple HTTP and FTP buffer overflows.
Affected:MAXUM : Rumpus 6.0
Original documentdocumentNam Nguyen, [BMSA 2008-09] Two buffer overflow vulnerabilities in Rumpus v6.0 (02.12.2008)

ClamAV antivirus JPEG files DoS
Published:02.12.2008
Source:
SecurityVulns ID:9475
Type:remote
Threat Level:
5/10
Description:Endless recursion on malformed JPEG file processing.
Affected:CLAMAV : ClamAV 0.94
Files:recursive stack overflow in jpeg parsing code

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:02.12.2008
Source:
SecurityVulns ID:9476
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. CoBreeder: Crossite scripting.
Affected:ASSOCIATED : AssoCIateD 1.4
Original documentdocumentl1un_(at)_hotmail.com, Cpanel fantastico Privilege Escalation "ModSec and PHP restriction Bypass" (02.12.2008)
 documenttan_prathan_(at)_hotmail.com, AssoCIateD 1.4.4 Remote Cross Site Scripting Vulnerability (02.12.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod