Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:03.05.2009
Source:
SecurityVulns ID:9888
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:LEAPCMS : Leap CMS 0.1
 BIOSCRIPTSDB : MiniTwitter 0.2
Original documentdocumenty3nh4ck3r_(at)_gmail.com, USER OPTIONS CHANGER EXPLOIT --MiniTwitter v0.2-Beta+-> (03.05.2009)
 documenty3nh4ck3r_(at)_gmail.com, MULTIPLE SQL INJECTION VULNERABILITIES --MiniTwitter v0.2-Beta--> (03.05.2009)
 documenty3nh4ck3r_(at)_gmail.com, BLIND SQL INJECTION--Leap CMS 0.1.4--> (03.05.2009)
Files:Exploits BLIND SQL INJECTION Leap CMS 0.1.4
 USER OPTIONS CHANGER EXPLOIT MiniTwitter v0.2-Beta

Addonics NAS Adapter multiple security vulnerabilities
updated since 21.04.2009
Published:03.05.2009
Source:
SecurityVulns ID:9863
Type:local
Threat Level:
5/10
Description:Buffer overflow with HTTP requests, FTP DoS.
Affected:ADDONICS : Addonics NAS Adapter
Original documentdocumentmcyr2_(at)_csc.com, Addonics NAS Adapter FTP Remote Denial of Service (03.05.2009)
 documentmcyr2_(at)_csc.com, Addonics NAS Adapter (bts.cgi) Remote DoS Exploit (post-auth) (21.04.2009)

Browsers and search systems URL spoofing
updated since 27.04.2009
Published:03.05.2009
Source:
SecurityVulns ID:9874
Type:remote
Threat Level:
5/10
Description:By using %xx in host name it's possible to spoof URL origin.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MOZILLA : Firefox 1.7
Original documentdocumentMustLive, URL Spoofing vulnerabilities in browsers and search engines (03.05.2009)
 documentMustLive, URL Spoofing vulnerability in GoogleBot, Yahoo! Slurp, Mozilla and Internet Explorer #2 (01.05.2009)
 documentMustLive, URL Spoofing vulnerability in GoogleBot, Yahoo! Slurp, Mozilla and Internet Explorer (27.04.2009)

OpenBSD pf DoS
updated since 13.04.2009
Published:03.05.2009
Source:
SecurityVulns ID:9830
Type:remote
Threat Level:
7/10
Description:Null pointer dereferenceon malformed IPv4 packet with ICMPv6 data.
Affected:OPENBSD : OpenBSD 4.3
 OPENBSD : OpenBSD 4.4
 NETBSD : OpenBSD 4.5
Original documentdocumentrembrandt, multiple vendor - PF NULL pointer dereference (03.05.2009)
 documentrembrandt, OpenBSD 4.3 up to OpenBSD-current: PF null pointer dereference - remote DoS (kernel panic) (13.04.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod