Computer Security
[EN] securityvulns.ru no-pyccku


Sybase Adaptive Server Backup / Monitor Server Translation security vulnerabilities
Published:03.08.2011
Source:
SecurityVulns ID:11828
Type:remote
Threat Level:
6/10
Description:Different code execution vulnerabilities
Affected:SYBASE : Sybase Open Server 15.5
Original documentdocumentZDI, ZDI-11-246: Sybase Adaptive Server Backup and Monitor Server NULL Write Remote Code Execution Vulnerability (03.08.2011)
 documentZDI, ZDI-11-245: Sybase Adaptive Server Backup and Monitor Server Translation Array Remote Code Execution Vulnerability (03.08.2011)

Citrix XenApp / XenDesktop security vulnerabilities
Published:03.08.2011
Source:
SecurityVulns ID:11829
Type:remote
Threat Level:
6/10
Description:Buffer overflow, heap memory corruption.
Affected:CITRIX : XenDesktop 4
 CITRIX : XenApp 6
Original documentdocumentsecurity_(at)_nruns.com, n.runs-SA-2011.001 - Citrix XenApp / XenDesktop Stack-Based Buffer Overflow (03.08.2011)
 documentsecurity_(at)_nruns.com, n.runs-SA-2011.002 - Citrix XenApp / XenDesktop XML Service Heap Corruption (03.08.2011)

Flexera FlexNet License Server Manager buffer overflow
Published:03.08.2011
Source:
SecurityVulns ID:11830
Type:remote
Threat Level:
5/10
Description:Buffer overflow in TCP/27000 request processing.
Original documentdocumentZDI, ZDI-11-244: (0day) FlexNet License Server Manager lmadmin Remote Code Execution Vulnerability (03.08.2011)

Cisco TelePresence Recording Server default account
Published:03.08.2011
Source:
SecurityVulns ID:11831
Type:remote
Threat Level:
5/10
Description:root account hat default password.
Affected:CISCO : TelePresence Recording Server 1.7
CVE:CVE-2011-2555 (Cisco TelePresence Recording Server 1.7.2.x before 1.7.2.1 has a default password for the root administrator account, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSCtr76182.)
Original documentdocumentCISCO, Cisco Security Advisory: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability (03.08.2011)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:03.08.2011
Source:
SecurityVulns ID:11832
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:WORDPRESS : Register Plus 3.5
 HESK : hesk 2.2
Original documentdocumentMustLive, Многичесленные уязвимости в Register Plus для WordPress (03.08.2011)
 documentHigh-Tech Bridge Security Research, Multiple XSS in HESK (03.08.2011)
 documentEhsan_Hp200_(at)_hotmail.com, cgcraft llc (collections.php?id) Cross Site Scripting Vulnerabilities (03.08.2011)

dhcpcd shell characters vulnerability
Published:03.08.2011
Source:
SecurityVulns ID:11827
Type:remote
Threat Level:
5/10
Description:Shell characters vulnerability in the hostname.
Affected:DHCPCD : dhcpcd 5.12
CVE:CVE-2011-0996 (dhcpcd before 5.2.12 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message.)
Original documentdocumentSLACKWARE, [slackware-security] dhcpcd (SSA:2011-210-02) (03.08.2011)

LibAVCodec / FFMpeg / VLC index array overflow
updated since 27.04.2011
Published:03.08.2011
Source:
SecurityVulns ID:11631
Type:library
Threat Level:
6/10
Description:Index array overflow on AMV files parsing.
Affected:VLC : VLC media player 1.1
CVE:CVE-2011-1931 (sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file.)
Original documentdocumentResearch@NGSSecure, NGS00068 Technical Advisory - LibAVCodec AMV Out of Array Write (03.08.2011)
 documentResearch@NGSSecure, NGS00068 Patch Notification: LibAVCodec AMV Out of Array Write (27.04.2011)
 documentResearch@NGSSecure, NGS00068 Patch Notification: LibAVCodec AMV Out of Array Write (27.04.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod