Computer Security



Jetty directory traversal
updated since 03.10.2002
Published:04.10.2006
Source:BUGTRAQ
SecurityVulns ID:2321
Type:remote
Level:5/10
Description:Directory traversal when accessing CGI applications.
Affected:MORTBAY : Jetty 4.0
 IBM : IBM Trading Partner Interchange 4.2
 MORTBAY : Jetty 4.1
 JETTY : Jetty 4.2
 CA : Unicenter WSDM 3.1
Original document:CA, [CAID 34661]: CA Unicenter WSDM File System Read Access Vulnerability (04.10.2006)
 SECUNIA, [SA12703] IBM Trading Partner Interchange Arbitrary File Access Vulnerability (06.10.2004)
 Matt Moore, wp-02-0011: Jetty CGIServlet Arbitrary Command Execution (03.10.2002)

HP Ignite-UX Server unauthorized access
Published:04.10.2006
Source:BUGTRAQ
SecurityVulns ID:6678
Type:remote
Level:6/10
Affected:HP : HP-UX 11.11
 HP : HP-UX 11.23
Original document:HP, [security bulletin] HPSBUX02157 SSRT061220 rev.1 HP-UX Running Ignite-UX Server, Remote Unauthorized Access and Privilege Elevation (04.10.2006)

HP-UX SLP unauthorized access
Published:04.10.2006
Source:BUGTRAQ
SecurityVulns ID:6679
Type:remote
Level:5/10
Description:Unauthorized Service Locator Protocol access.
Affected:HP : HP-UX 11.11
 HP : HP-UX 11.23
Original document:HP, [security bulletin] HPSBUX02129 SSRT061149 rev.1 - HP-UX running SLP, Remote Unauthorized Access (04.10.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:04.10.2006
Source:
SecurityVulns ID:6682
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:GOOP : Goop Gallery 2.0
 YENERHABER : Yener Haber 2.0
Original document:Dj_ReMix_20_(at)_hotmail.com, Yener Haber Script v2.0 SQL injection (04.10.2006)
 security_(at)_armorize.com, Directory Traversal Vulnerability in Goop Gallery 2.0.2 (04.10.2006)
 mozi, phpMyProfiler remote file include (04.10.2006)

IBM Client Security Password Manager unauthorized access
Published:04.10.2006
Source:BUGTRAQ
SecurityVulns ID:6680
Type:client
Level:5/10
Description:The password for a site is stored under the site's title instead of its URL.
Original document:Luís Miguel Silva, Security flaw in IBM Client Security Password Manager (04.10.2006)

PHP open_basedir protection bypass
updated since 04.10.2006
Published:09.10.2006
Source:BUGTRAQ
SecurityVulns ID:6681
Type:local
Level:5/10
Description:By manipulating symbolic links during a race window, it is possible to bypass the open_basedir protection.
Affected:PHP : PHP 4.4
 PHP : PHP 5.2
Original document:paisterist.nst_(at)_gmail.com, PHP open_basedir with symlink() function Race Condition PoC exploit (09.10.2006)
 Stefan Esser, Advisory 08/2006: PHP open_basedir Race Condition Vulnerability (04.10.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


