Computer Security
[EN] securityvulns.ru no-pyccku


Apple Airport unauthorized network access
Published:04.03.2010
Source:
SecurityVulns ID:10660
Type:client
Threat Level:
6/10
Description:FTP proxy functionality doesn't check PORT command arguments allowing to map external port to any internal port of any internal address.
Affected:APPLE : AirPort Extreme
 APPLE : Airport Express
 APPLE : Time Capsule
Original documentdocumentSabahattin Gucukoglu, Apple Airport Wireless Products: Promiscuous FTP PORT Allowed in FTP Proxy Provides Security Bypass (04.03.2010)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 04.03.2010
Published:04.03.2010
Source:
SecurityVulns ID:10661
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:DRUPAL : Drupal 6.15
 DRUPAL : Drupal 5.21
 DATALIFE : DataLife Engine 8.3
Original documentdocumentMustLive, Vulnerabilities in DataLife Engine (04.03.2010)
 documentMarty Barbella, Open redirection vulnerability in the Drupal API function drupal_goto (Drupal 6.15 and 5.21) (04.03.2010)

Authentium Command on demand online scanner ActiveX buffer overflow
Published:04.03.2010
Source:
SecurityVulns ID:10663
Type:client
Threat Level:
5/10
Description:Buffer overflow in InstallProduct methods.
Original documentdocumentNSO Research, NSOADV-2010-006: Authentium Command Free Scan ActiveX Control buffer overflow (04.03.2010)

McAfee LinuxShield privilege escalation
Published:04.03.2010
Source:
SecurityVulns ID:10669
Type:local
Threat Level:
5/10
Description:nailsd (TCP/65443) service allows authenticated user to manipulate files with nailsd permissions.
Affected:MCAFEE : LinuxShield 1.5
Original documentdocumentNSO Research, NSOADV-2010-004: McAfee LinuxShield remote/local code execution (04.03.2010)

fcron fcrontab symbolic links vulnerabilities
Published:04.03.2010
Source:
SecurityVulns ID:10662
Type:local
Threat Level:
5/10
Description:Few race conditions.
Affected:FCRON : fcron 3.0
CVE:CVE-2010-0792 (fcrontab in fcron before 3.0.5 allows local users to read arbitrary files via a symlink attack on an unspecified file.)
Original documentdocumentDan Rosenberg, fcrontab Information Disclosure Vulnerability (04.03.2010)

cups lppasswd format string vulnerability
Published:04.03.2010
Source:
SecurityVulns ID:10664
Type:local
Threat Level:
6/10
Description:Format string vulnerability via LOCALEDIR environment variable.
Affected:CUPS : cups 1.3
CVE:CVE-2010-0393 (The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2007-1] New cups packages fix arbitrary code execution (04.03.2010)

Cisco Digital Media Players unauthorized access
Published:04.03.2010
Source:
SecurityVulns ID:10665
Type:remote
Threat Level:
6/10
Description:It's possible to inject video/audio data into remote display.
Affected:CISCO : Cisco Digital Media Player 5.1
CVE:CVE-2010-0573 (Unspecified vulnerability on the Cisco Digital Media Player before 5.2 allows remote attackers to hijack the source of (1) video or (2) data for a display via unknown vectors, related to a "content injection" issue, aka Bug ID CSCtc46024.)
Original documentdocumentCISCO, Cisco Security Advisory: Cisco Digital Media Player Remote Display Unauthorized Content Injection Vulnerability (04.03.2010)

Cisco Digital Media Manager multiple security vulnerabilities
Published:04.03.2010
Source:
SecurityVulns ID:10666
Type:remote
Threat Level:
6/10
Description:default credentials, privilege escalation, information leak.
Affected:CISCO : Cisco Digital Media Manager 5.0
 CISCO : Cisco Digital Media Manager 5.1
CVE:CVE-2010-0572 (Cisco Digital Media Manager (DMM) before 5.2 allows remote authenticated users to discover Cisco Digital Media Player credentials via vectors related to reading a (1) error log or (2) stack trace, aka Bug ID CSCtc46050.)
 CVE-2010-0571 (Unspecified vulnerability in Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x allows remote authenticated users to gain privileges via unknown vectors, and consequently execute arbitrary code via a crafted web application, aka Bug ID CSCtc46008.)
 CVE-2010-0570 (Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x has a default password for the Tomcat administration account, which makes it easier for remote attackers to execute arbitrary code via a crafted web application, aka Bug ID CSCta03378.)
Original documentdocumentCISCO, Cisco Security Advisory: Multiple Vulnerabilities in Cisco Digital Media Manager (04.03.2010)

Cisco Unified Communications Manager DoS
Published:04.03.2010
Source:
SecurityVulns ID:10667
Type:remote
Threat Level:
5/10
Description:DoS on SIP and SCCP (Skinny) protocols, on CTI Manager (TCP/2748) request parsing.
Affected:CISCO : Unified Communications Manager 6.1
 CISCO : Unified Communications Manager 7.0
 CISCO : Unified Communications Manager 7.1
 CISCO : Unified Communications Manager 8.0
 CISCO : Unified Communications Manager 4.3
CVE:CVE-2010-0592 (The CTI Manager service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)sr1a, 6.x before 6.1(3), 7.0x before 7.0(2), 7.1x before 7.1(2), and 8.x before 8.0(1) allows remote attackers to cause a denial of service (service failure) via a malformed message, aka Bug ID CSCsu31800.)
 CVE-2010-0591 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3b)SU2, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REG message, related to an overflow of the Telephone-URL field, aka Bug ID CSCtc62362.)
 CVE-2010-0590 (The CMSIPUtility component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(3a)su1 and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP Register message, aka Bug ID CSCtc37188.)
 CVE-2010-0588 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP (1) RegAvailableLines or (2) FwdStatReq message with an invalid Line number, aka Bug ID CSCtc47823.)
 CVE-2010-0587 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)SR2, 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP StationCapabilitiesRes message with an invalid MaxCap field, aka Bug ID CSCtc38985.)
Original documentdocumentCISCO, Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities (04.03.2010)

Apache mod_proxy_ajp DoS
Published:04.03.2010
Source:
SecurityVulns ID:10668
Type:remote
Threat Level:
5/10
Description:Resources are not freed if client closes connection before request body is sent.
Affected:APACHE : Apache 2.2
Files:Revision 917876

Novell eDirectory DoS
Published:04.03.2010
Source:
SecurityVulns ID:10670
Type:remote
Threat Level:
5/10
Description:Crash on SOAP novell.embox.connmgr.serverinfo action request processing.
Original documentdocumentZDI, ZDI-10-024: Novell eDirectory SOAP Request Parsing Denial of Service Vulnerability (04.03.2010)

Luxology Modo 401 integer overflow
Published:04.03.2010
Source:
SecurityVulns ID:10671
Type:local
Threat Level:
3/10
Description:Integer overflow on .LXO files parsing.
Affected:LUXOLOGY : Modo 401
CVE:CVE-2010-0766 (Integer overflow in the Swap4 function in valet4.dll in Luxology Modo 401 allows user-assisted remote attackers to execute arbitrary code via a .LXO file containing a CHNL subchunk associated with an invalid length.)
Original documentdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, Luxology Modo 401 .LXO Integer Overflow (04.03.2010)

IBM Lotus Domino ActiveX buffer overflow
Published:04.03.2010
Source:
SecurityVulns ID:10672
Type:client
Threat Level:
5/10
Description:Buffer overflow in Domino Web Access ActiveX.
Original documentdocumentIDEFENSE, iDefense Security Advisory 03.02.10: IBM Lotus Domino Web Access ActiveX Stack Buffer Overflow Vulnerability (04.03.2010)

librpc.dll library multiple security vulnerabilities
Published:04.03.2010
Source:
SecurityVulns ID:10673
Type:library
Threat Level:
6/10
Description:Multiple buffer overflows and integer overflows.
CVE:CVE-2009-2754 (Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow.)
 CVE-2009-2753 (Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3, allow remote attackers to execute arbitrary code via a crafted parameter size.)
Original documentdocumentZDI, ZDI-10-022: IBM Informix librpc.dll Multiple Remote Code Execution Vulnerabilities (04.03.2010)
 documentZDI, ZDI-10-023: Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability (04.03.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod