 |
|
|
|
HP System Management Homepage crossite scripting
updated since 21.05.2009 | | Published: |  | 04.02.2010 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 9924 | | Type: |  | remote | | Level: |  | 4/10 |
| Microsoft Internet Explorer information leak | | Published: | | 04.02.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10575 | | Type: | | client | | Level: | | 8/10 | | Description: |  | It's possible to retrieve any file from client computer via URLMON and Dynamic OBJECT tag. |
| Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: | | 04.02.2010 | | Source: | | | | SecurityVulns ID: | | 10584 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| Affected: |  | BUGZILLA : Bugzilla 3.0 | | | | MOODLE : Moodle 1.8 | | | | MOODLE : Moodle 1.9 | | | | BUGZILLA : Bugzilla 3.2 | | | | DIGGERSOLUTIONS : Intranet Open Source 2.7 | | | | PLATFORMASSOCIAT : tinypug 0.9 | | | | BUGZILLA : Bugzilla 3.4 | | | | BUGZILLA : Bugzilla 3.5 | | | | DRUPAL : MP3 Player 1.0 module for Drupal | | | | TAVANMAND : Tavanmand Portal 1.1 | | | | OCSINVENTORYNG : OCS Inventory NG 1.3 | | | | TRACGIT : trac-git 0.0 | | CVE: |  | CVE-2010-0394 | | | | CVE-2009-4305 (SQL injection vulnerability in the SCORM module in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allows remote authenticated users to execute arbitrary SQL commands via vectors related to an "escaping issue when processing AICC CRS file (Course_Title).") | | | | CVE-2009-4303 (Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores (1) password hashes and (2) unspecified "secrets" in backup files, which might allow attackers to obtain sensitive information.) | | | | CVE-2009-4302 (login/index_form.html in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 links to an index page on the HTTP port even when the page is served from an HTTPS port, which might cause login credentials to be sent in cleartext, even when SSL is intended, and allows remote attackers to obtain these credentials by sniffing.) | | | | CVE-2009-4301 (mnet/lib.php in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7, when MNET services are enabled, does not properly check permissions, which allows remote authenticated servers to execute arbitrary MNET functions.) | | | | CVE-2009-4299 (mod/glossary/showentry.php in the Glossary module for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not properly perform access control, which allows attackers to read unauthorized Glossary entries via unknown vectors.) | | | | CVE-2009-4298 (The LAMS module (mod/lams) for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores the (1) username, (2) firstname, and (3) lastname fields within the user table, which allows attackers to obtain user account information via unknown vectors.) | | | | CVE-2009-4297 (Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.) |
| Original document |  | DEBIAN, [SECURITY] [DSA-1990-1] New trac-git packages fix code execution (04.02.2010) |
| | | DEBIAN, [SECURITY] [DSA-1990-2] New trac-git package fixes regression (04.02.2010) |
| | | Nicolas DEROUET, OCS Inventory NG Server <= 1.3b3 (login) Remote Authentication Bypass (04.02.2010) |
| | | ProCheckUp Research, PR09-19: Cross-Site Scripting (XSS) on CommonSpot server (04.02.2010) |
| | | info_(at)_securitylab.ir, Tavanmand Portal (fckeditor) Remote Arbitrary File Upload Vulnerability (04.02.2010) |
| | | info_(at)_securitylab.ir, eWebeditor ASP Version Multiple Vulnerabilities (04.02.2010) |
| | | Marty Barbella, XSS vulnerability in Drupal's MP3 Player contributed module (version 6.x-1.0-beta1) (04.02.2010) |
| | | md.r00t.defacer_(at)_gmail.com, Joomla (com_gambling) SQL Injection Vulnerabilities (04.02.2010) |
| | | BUGZILLA, Security Advisory for Bugzilla 3.0.10, 3.2.5, 3.4.4, and 3.5.2 (04.02.2010) |
| | | info_(at)_securitylab.ir, RaakCms Multiple Vulnerabilities (04.02.2010) |
| | | admin_(at)_bugreport.ir, Tinypug Multiple Vulnerabilities (04.02.2010) |
| | | ben_(at)_visionsource.org, OpenCart CSRF Vulnerability (04.02.2010) |
| | | DEBIAN, [SECURITY] [DSA 1986-1] New moodle packages fix several vulnerabilities (04.02.2010) |
| | | Inj3ct0r.com, show data sources ite config exploit (04.02.2010) |
| | | Inj3ct0r.com, Cpanel Bypass Safe mode [ extract tar.gz by Cpanel ] (04.02.2010) |
| | | MustLive, Vulnerabilities in Hydra Engine (04.02.2010) |
| maildrop privilege escalation | | Published: | | 04.02.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10586 | | Type: | | local | | Level: | | 6/10 |
| AOL buffer overflow | | Published: | | 04.02.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10577 | | Type: | | client | | Level: | | 5/10 | | Description: | | Buffer overflow on vCard (.vcf) files parsing. |
| HP OpenVMS Record Management Services privilege escalation | | Published: | | 04.02.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10579 | | Type: | | local | | Level: | | 5/10 |
| CVE: | | CVE-2010-0443 (Unspecified vulnerability in Record Management Services (RMS) before VMS83A_RMS-V1100 for HP OpenVMS on the Alpha platform allows local users to gain privileges via unknown vectors.) |
| Apple iPhone cryptographic weakness | | Published: | | 04.02.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10583 | | Type: | | client | | Level: | | 5/10 | | Description: | | Certificate key usage is not checked during validation of .mobileconfig wireless autoconfiguration file. |
| HP StorageWorks Tape Autoloader privilege escalation | | Published: | | 04.02.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10576 | | Type: | | local | | Level: | | 5/10 | | Description: | | Web interface allows non-privileged user to obtain administrative privileges. |
| Asterisk integer overflow | | Published: | | 04.02.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10578 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Integer overflow on T.38 over SIP FaxMaxDatagram field parsing. |
| Affected: | | ASTERISK : Asterisk 1.6 | | CVE: | | CVE-2010-0441 (Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, and 1.6.2.x before 1.6.2.2, and Business Edition C.3 before C.3.3.2, allows remote attackers to cause a denial of service (daemon crash) via an SIP T.38 negotiation with an SDP FaxMaxDatagram field that is (1) missing, (2) modified to contain a negative number, or (3) modified to contain a large number.) |
| Corel Paint Shop Pro buffer overflow | | Published: | | 04.02.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10580 | | Type: | | local | | Level: | | 4/10 | | Description: | | Heap buffer overflow on FPX format parsing. |
Linux kernel multiple security vulnerabilities
updated since 04.02.2010 | | Published: | | 04.02.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10581 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Buffer overflow on ISDN HDLC packet, gdth driver IOCTL privilege escalation, devtmpfs weak permissions. |
| CVE: | | CVE-2010-0299 | | | | CVE-2009-4005 (The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read.) | | | | CVE-2009-3080 |
| Cisco Secure Desktop crossite scripting | | Published: | | 04.02.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10582 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Crossite scripting via POST request to https://{IP}//+CSCOT+/translation?textdomain=csd&prefix=trans&lang=en-us |
| Affected: | | CISCO : Cisco Secure Desktop 3.4 | | CVE: | | CVE-2010-0440 (Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, and other versions before 3.5; as used in Cisco ASA appliance before 8.2(1), 8.1(2.7), and 8.0(5); allows remote attackers to inject arbitrary web script or HTML via a crafted POST parameter, which is not properly handled by an eval statement in binary/mainv.js that writes to start.html.) |
| jBCrypt library cryptographic vulnerability | | Published: | | 04.02.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10585 | | Type: | | library | | Level: | | 6/10 | | Description: | | non-ASCII characters are converted to '?' befor hash calculation. |
| Samba race conditions | | Published: | | 04.02.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10587 | | Type: | | local | | Level: | | 5/10 | | Description: | | Race conditions in mount.cifs utility. |
| Xerox Workcenter 4150 DoS | | Published: | | 04.02.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10588 | | Type: | | remote | | Level: | | 3/10 | | Description: | | assert() on PJL parsing |
| squid proxy server DoS | | Published: | | 04.02.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10589 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Crash on authentication, crash on DNS reply parsing. |
|
|
|
|
|
|
|
|
