Computer Security


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 05.03.2007
Published: 05.03.2007
Source:
SecurityVulns ID: 7347
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: UPLOADSCRIPT : UploadScript 1.02
 WORDPRESS : WordPress 2.1
 RRDBROWSE : rrdbrowse 1.6
 EPORTFOLIO : ePortfolio 1.0
 SAVASPLACE : Sava's GuestBook 23.11.2006
 LISCRIPTS : LI-Guestbook 1.1
 VCARD : vCard 2.6
CVE: CVE-2007-1332 (Multiple cross-site request forgery (CSRF) vulnerabilities in TKS Banking Solutions ePortfolio 1.0 Java allow remote attackers to perform unspecified restricted actions in the context of certain accounts by bypassing the client-side protection scheme.)
 CVE-2007-1331 (Multiple cross-site scripting (XSS) vulnerabilities in TKS Banking Solutions ePortfolio 1.0 Java allow remote attackers to inject arbitrary web script or HTML via unspecified vectors that bypass the client-side protection scheme, one of which may be the q parameter to the search program. NOTE: some of these details are obtained from third party information.)
 CVE-2007-1305 (Multiple cross-site scripting (XSS) vulnerabilities in add2.php in Sava's Guestbook 23.11.2006 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) country, (3) email, and (4) website parameters.)
 CVE-2007-1304 (Multiple SQL injection vulnerabilities in add2.php in Sava's Guestbook 23.11.2006, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) country, (3) email, (4) website, and (5) message parameters.)
 CVE-2007-1303 (Directory traversal vulnerability in rb.cgi in RRDBrowse 1.6 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.)
 CVE-2007-1302 (SQL injection vulnerability in guestbook.php in LI-Guestbook 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the country parameter.)
Original documents:
 ciri_(at)_virtuax.be, Wordpress <= v2.1.0 (05.03.2007)
 RaeD Hasadya, XSS Remote In vCard 2.6 (c)2002 (05.03.2007)
 Sebastian Wolfgarten, Arbitrary file disclosure vulnerability in rrdbrowse <= 1.6 (05.03.2007)
 bugtraq_(at)_belsec.com, LI-Guestbook SQL Injection Vulnerability (05.03.2007)
 bugtraq_(at)_belsec.com, Sava's GuestBook Multiple Vulnerabilities (05.03.2007)
 RaeD Hasadya, XXS in script Phorum (05.03.2007)
 RaeD Hasadya, Show Password Admin In Script Uploadscript (05.03.2007)
 Stefan Friedli, ePortfolio version 1.0 Java Multiple Input Validation Vulnerabilities (05.03.2007)
 Sebastian Wolfgarten, [Full-disclosure] Arbitrary file disclosure vulnerability in rrdbrowse <= 1.6 (05.03.2007)

Multiple FTP clients FTP bounce attack
updated since 05.03.2007
Published: 05.01.2009
Source:
SecurityVulns ID: 7348
Type: client
Threat Level: 5/10
Description: The passive FTP implementation in multiple clients allows an FTP bounce attack to be used for port scanning.
Affected: KDE : KDE 3.5
 MOZILLA : Firefox 1.5
 MOZILLA : Firefox 2.0
 OPERA : Opera 9.10
 DEV0 : 0irc 1.3
 GOOGLE : Chrome 1.0
CVE: CVE-2007-1565 (Konqueror 3.5.5 allows remote attackers to cause a denial of service (crash) by using JavaScript to read a child iframe having an ftp:// URI.)
 CVE-2007-1564 (The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.)
 CVE-2007-1563 (The FTP protocol implementation in Opera 9.10 allows remote attackers to allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.)
 CVE-2007-1562 (The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and 2.x before 2.0.0.3 allows remote attackers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.)
 CVE-2007-1308 (ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference.)
Original documents:
 Aditya K Sood, Google Chrome FTP PASV IP Malicious Port Scanning Vulnerability. (05.01.2009)
 mark, [Full-disclosure] Konqueror DoS Via JavaScript Read Of FTP Iframe (05.03.2007)
 mark, [Full-disclosure] Extending JavaScript Portscanning to Include Banner Grabbing (05.03.2007)
Files: Manipulating FTP Clients Using The PASV Command PoC
 Demo of how to make Konqueror 3.5.5 crash
 Manipulating FTP Clients Using The PASV Command

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod