Computer Security


pidgin DoS
Published: 04.10.2007
SecurityVulns ID: 8217
Type: remote
Threat Level: 5/10
Description: Application crash when a user who is not on the target's buddy list sends a "nudge," a feature of the MSN protocol.
Affected: PIDGIN : pidgin 2.2
CVE: CVE-2007-4996 (libpurple in Pidgin before 2.2.1 does not properly handle MSN nudge messages from users who are not on the receiver's buddy list, which allows remote attackers to cause a denial of service (crash) via a nudge message that triggers an access of "an invalid memory location.")
Original document: FORESIGHT, FLEA-2007-0057-1 pidgin (04.10.2007)

elinks information leak
Published: 04.10.2007
SecurityVulns ID: 8208
Type: remote
Threat Level: 5/10
Description: POST form data is sent over HTTP instead of HTTPS.
Affected: ELINKS : elinks 0.11
CVE: CVE-2007-5034 (ELinks before 0.11.3, when sending a POST request for an https URL, appends the body and content headers of the POST request to the CONNECT request in cleartext, which allows remote attackers to sniff sensitive data that would have been protected by TLS. NOTE: this issue only occurs when a proxy is defined for https.)
Original document: DEBIAN, [SECURITY] [DSA 1380-1] New elinks packages fix information disclosure (04.10.2007)

MPlayer buffer overflow
Published: 04.10.2007
SecurityVulns ID: 8209
Type: client
Threat Level: 5/10
Description: Buffer overflow when parsing AVI files.
Affected: MPLAYER : MPlayer 1.0
CVE: CVE-2007-4938 (Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.)
Original document: MANDRIVA, [ MDKSA-2007:192 ] - Updated mplayer packages fix vulnerability (04.10.2007)

Linux kernel multiple security vulnerabilities
Published: 04.10.2007
SecurityVulns ID: 8210
Type: local
Threat Level: 6/10
Description: Multiple DoS conditions.
Affected: LINUX : kernel 2.6
CVE: CVE-2007-5093 (The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after the disconnect is invoked. NOTE: this rarely crosses privilege boundaries, unless the attacker can convince the victim to unplug the affected device.)
 CVE-2007-4133
 CVE-2006-5755 (Linux kernel before 2.6.18, when running on x86_64 systems, does not properly save or restore EFLAGS during a context switch, which allows local users to cause a denial of service (crash) by causing SYSENTER to set an NT flag, which can trigger a crash on the IRET of the next task.)
Original document: DEBIAN, [SECURITY] [DSA 1381-1] New Linux 2.6.18 packages fix several vulnerabilities (04.10.2007)

RMake privilege escalation
Published: 04.10.2007
SecurityVulns ID: 8216
Type: local
Threat Level: 5/10
Description: The /dev/zero device works as /dev/port in a chrooted environment.
Affected: RMAKE : RMake 1.0
Original document: RPATH, rPSA-2007-0203-1 rmake rmake-proxy rmake-repos (04.10.2007)

mIRC unfiltered shell characters vulnerability
Published: 04.10.2007
SecurityVulns ID: 8207
Type: remote
Threat Level: 6/10
Description: Shell characters are not filtered when invoking the external URL handler, making it possible to use URLs like mailto:%xx../../../../../../../../../../../windows/system32/calc.exe".bat
Affected: MIRC : mIRC 6.3
Original document: jinc4fareijj_(at)_hotmail.com, 0day: mIRC pwns Windows (04.10.2007)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 04.10.2007
SecurityVulns ID: 8213
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: ORIGINALPHOTOGAL : Original Photo Gallery 0.11
 CONTENTBUILDER : Content Builder 0.7
 CART32 : Cart32 6.3
Original document: Paul Craig, Cart32 Arbitrary File Download Vulnerability (04.10.2007)
 Mehrad1989_(at)_gmail.com, Content Builder 0.7.5 RFI Bug (04.10.2007)
 gokhankaya_(at)_hotmail.com, DRBGuestbook Remote XSS Vulnerability (04.10.2007)
 ascii, Original Photo Gallery Remote Command Execution (04.10.2007)

Borland Interbase / Firebird database server multiple buffer overflows
Published: 04.10.2007
SecurityVulns ID: 8215
Type: library
Threat Level: 6/10
Description: Buffer overflows in the arguments of multiple functions.
Affected: BORLAND : InterBase 6.0
 BORLAND : InterBase 6.5
 FIREBIRD : Firebird 1.5
 FIREBIRD : Firebird 2.0
 BORLAND : InterBase 8.1
 BORLAND : InterBase 8.0
 BORLAND : InterBase 7.5
 BORLAND : InterBase 7.0
Original document: RISE Security, [RISE-2007002] Borland InterBase Multiple Buffer Overflow Vulnerabilities (04.10.2007)
 RISE Security, [RISE-2007003] Firebird Relational Database Multiple Buffer Overflow Vulnerabilities (04.10.2007)

Sun Solaris FIFO filesystem information leak
Published: 04.10.2007
SecurityVulns ID: 8218
Type: local
Threat Level: 5/10
Description: Integer overflow in IOCTL processing allows reading of large memory regions.
Original document: IDEFENSE, iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability (04.10.2007)

Multiple FPS game servers buffer overflow with PunkBuster
Published: 04.10.2007
SecurityVulns ID: 8212
Type: remote
Threat Level: 6/10
Description: Buffer overflow on oversized packet if PunkBuster protection is turned on.
Affected: AMERICASARMY : America's Army 2.8
 DOOM : Doom 3 1.3
 QUAKE : Quake 4 1.4
 PREY : Prey 1.3
Original document: Luigi Auriemma, Format string in F.E.A.R. 1.08 through PB (04.10.2007)
 Luigi Auriemma, Format string in the Doom 3 engine through PB (04.10.2007)
 Luigi Auriemma, Unexploitable buffer-overflow in America's Army 2.8.2 through PB (04.10.2007)
Files: Exploits America's Army <= 2.8.2 buffer-overflow through Punkbuster
 Doom 3 engine format string exploitation through Punkbuster
 F.E.A.R. <= 1.08 format string exploitation through Punkbuster

X11 X Font Server integer overflow
Published: 04.10.2007
SecurityVulns ID: 8214
Type: remote
Threat Level: 7/10
Description: Integer overflow in QueryXBitmaps / QueryXExtents requests.
CVE: CVE-2007-4990
 CVE-2007-4989
 CVE-2007-4568
Original document: IDEFENSE, iDefense Security Advisory 10.02.07: Multiple Vendor X Font Server Multiple Vulnerabilities (04.10.2007)

CA BrightStor Hierarchical Storage Manager multiple security vulnerabilities
updated since 27.09.2007
Published: 04.10.2007
SecurityVulns ID: 8195
Type: remote
Threat Level: 6/10
Description: Buffer overflows, integer overflows and SQL injections.
Affected: CA : BrightStor Hierarchical Storage Manager 11.5
CVE: CVE-2007-5084 (Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via unspecified CsAgent service commands.)
 CVE-2007-5083 (Multiple integer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands that trigger a heap-based buffer overflow.)
 CVE-2007-5082 (Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands.)
Original document: 3COM, TPTI-07-17: CA BrightStor Hierarchical Storage Manager SQL Injection Vulnerabilities (04.10.2007)
 3COM, TPTI-07-16: CA BrightStor Hierarchical Storage Manager Buffer Overflow Vulnerabilities (04.10.2007)
 IDEFENSE, iDefense Security Advisory 09.27.07: Computer Associates BrightStor HSM r11.5 Multiple Vulnerabilities (28.09.2007)
 CA, [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities (27.09.2007)

FSD flight simulator game server buffer overflows
updated since 04.10.2007
Published: 05.10.2007
SecurityVulns ID: 8211
Type: remote
Threat Level: 5/10
Description: Multiple buffer overflows, including in the HELP command.
Affected: MCDU : FSD 2.052
 MCDU : FS FDT 3.000
Original document: weak_(at)_fraglab.at, Re: Two buffer-overflow in FSD V2.052 d9 and FSFDT V3.000 d9[EXPLOIT] (05.10.2007)
 Luigi Auriemma, Two buffer-overflow in FSD V2.052 d9 and FSFDT V3.000 d9 (04.10.2007)
Files: FSFDT remote exploit

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod