Computer Security


Nvidia for Linux / Solaris graphics drivers buffer overflow
updated since 19.10.2006
Published: 03.11.2006
SecurityVulns ID: 6728
Type: library
Threat Level: 5/10
Description: Integer overflow in _nv000053X function leads to buffer overflow.
Affected: NVIDIA : NVIDIA Driver For Linux 1.0
 NVIDIA : NVIDIA Driver For Solaris 1.0
Original document: SECUNIA, [SA22676] Sun Solaris NVIDIA Graphics Driver Buffer Overflow Vulnerability (03.11.2006)
 Rapid 7 Security Advisories, Rapid7 Advisory R7-0025: Buffer Overflow in NVIDIA Binary Graphics Driver For Linux (19.10.2006)

PHP functions buffer overflow
Published: 03.11.2006
SecurityVulns ID: 6772
Type: library
Threat Level: 5/10
Description: Buffer overflow in htmlentities() and htmlspecialchars() on UTF-8 encoding.
Affected: PHP : PHP 4.4
 PHP : PHP 5.1
Original document: Stefan Esser, [Full-disclosure] Advisory 13/2006: PHP HTML Entity Encoder Heap Overflow Vulnerability (03.11.2006)
Files: PHP <= 4.4.4/5.1.6 htmlentities() Local Buffer Overflow PoC

pam_ldap protection bypass
Published: 03.11.2006
SecurityVulns ID: 6773
Type: remote
Threat Level: 5/10
Description: It's possible to log in to a suspended system account.
Affected: LIBPAMLDAP : libpam-ldap 178
 LIBPAMLDAP : libpam-ldap 180
Original document: DEBIAN, [SECURITY] [DSA 1203-1] New libpam-ldap packages fix access control bypass (03.11.2006)

ingo1 mail processor shell characters problem
Published: 03.11.2006
SecurityVulns ID: 6774
Type: remote
Threat Level: 5/10
Description: Insufficient filtering of shell characters during procmail rule creation allows code execution.
Affected: INGO1 : ingo1 1.0
Original document: DEBIAN, [Full-disclosure] [SECURITY] [DSA 1204-1] New ingo1 packages fix arbitrary shell command execution (03.11.2006)

iodine client buffer overflow
Published: 03.11.2006
SecurityVulns ID: 6775
Type: client
Threat Level: 5/10
Description: Buffer overflow when parsing DNS server responses.
Affected: IODINE : iodine 0.3
Original document: poplix_(at)_papuasia.org, iodine client 0.3.2 buffer overflow (03.11.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 03.11.2006
SecurityVulns ID: 6776
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: PHPMYADMIN : phpmyadmin 2.9
 MODXCMS : MODx CMS 0.9
 POSTNUKE : PostNuke 0.763
 FREEWEBSHOP : FreeWebshop 2.2
Original document: SECUNIA, [SA22690] Yazd Discussion Forum Two Security Bypass Issues (03.11.2006)
 MILW0RM, FreeWebshop.org Script <= 2.2.2 Multiple Remote Vulnerabilities (03.11.2006)
 nuffsaid, MODx CMS 0.9.2.1 (base_path) Remote File Include Vulnerability (03.11.2006)
 Stefan Esser, Advisory 12/2006: phpMyAdmin - error.php XSS Vulnerability (03.11.2006)
Files: PostNuke <= 0.763 Remote Code Execution Exploit

Multiple HP System Management Homepage security vulnerabilities
Published: 03.11.2006
SecurityVulns ID: 6777
Type: remote
Threat Level: 5/10
Description: Protection bypass, cross-site scripting.
Affected: HP : HP System Management Homepage 2.1
Original document: HP, [security bulletin] HPSBMA02159 SSRT061238 rev.1 - HP System Management Homepage (SMH), Remote Bypassing of Security Features or Cross Site Scripting or Denial of Service (DoS) (03.11.2006)

Linux kernel squashfs module double free()
Published: 03.11.2006
SecurityVulns ID: 6778
Type: local
Threat Level: 5/10
Original document: SECUNIA, [SA22655] Fedora Core squashfs Local Denial of Service Vulnerability (03.11.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod