Computer Security
[EN] no-pyccku

Outpost firewall DoS
SecurityVulns ID:7769
Threat Level:
Description:Local user can cause partial denial of system services by manipulating outpost_ipc_hdr mutex.
Affected:AGNITUM : Outpost Firewall Pro 4.0
Original documentdocumentMatousec - Transparent security Research, Outpost Enforcing system reboot with 'outpost_ipc_hdr' mutex Vulnerability (03.06.2007)

APC PowerChute Network Shutdown directory traversal
SecurityVulns ID:7771
Threat Level:
Description:Directory traversal in Acme.Serve embedded web server with %5c and %2e.
Affected:APC : PowerChute Network Shutdown 2.21
CVE:CVE-2001-0748 (Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI.)
Original documentdocumentguiness.stout, [Full-disclosure] APC PowerChute Network Shutdown 2.21 is vulnerable to directory transversal (03.06.2007)

Symantec VERITAS Storage Foundation multiple security vulnerabilities
updated since 03.06.2007
SecurityVulns ID:7770
Threat Level:
Description:DoS via resource consumption against TCP/8199 administrative service. VxSchedService.exe (TCP/4888) scheduler service authentication bypass and code execution.
Affected:SYMANTEC : VERITAS Storage Foundation 4.3
CVE:CVE-2007-2279 (The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 allows remote attackers to bypass authentication and execute arbitrary code via certain requests to the service socket that create (1) PreScript or (2) PostScript registry values under Veritas\VxSvc\CurrentVersion\Schedules specifying future command execution.)
 CVE-2007-1593 (The administrative service in Symantec Veritas Volume Replicator (VVR) for Windows 3.1 through 4.3, and VVR for Unix 3.5 through 5.0, in Symantec Storage Foundation products allows remote attackers to cause a denial of service (memory consumption and service crash) via a crafted packet to the service port (8199/tcp) that triggers a request for more memory than available, which causes the service to write to an invalid pointer.)
Original documentdocument3COM, TPTI-07-08: Symantec Veritas Storage Foundation Scheduler Service Authentication Bypass Vulnerability (05.06.2007)
 documentSYMANTEC, SYM07-009,Symantec Storage Foundation for Windows Volume Manager: Authentication Bypass and Potential Code Execution in Scheduler Service (05.06.2007)
 documentIDEFENSE, iDefense Security Advisory 06.01.07: Symantec VERITAS Storage Foundation Administration Service DoS Vulnerability (03.06.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod