Computer Security
[EN] securityvulns.ru no-pyccku


ZyXEL ZyWALL USG unauthorized access
Published:05.05.2011
Source:
SecurityVulns ID:11648
Type:remote
Threat Level:
6/10
Description:Unauthenticated configuration access is possible, authorization is performed on client side.
Affected:ZYXEL : ZyWALL USG-20
 ZYXEL : ZyWALL USG-50
 ZYXEL : ZyWALL USG-100
 ZYXEL : ZyWALL USG-200
 ZYXEL : ZyWALL USG-300
 ZYXEL : ZyWALL USG-1000
 ZYXEL : ZyWALL USG-1050
 ZYXEL : ZyWALL USG-2000
Original documentdocumentRedTeam Pentesting, [RT-SA-2011-004] Client Side Authorization ZyXEL ZyWALL USG Appliances Web Interface (05.05.2011)
 documentRedTeam Pentesting, [RT-SA-2011-003] Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances (05.05.2011)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:05.05.2011
Source:
SecurityVulns ID:11650
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Original documentdocumentbolok.boloke80_(at)_gmail.com, CSRF (Cross-Site Request Forgery) in FREELANCER (05.05.2011)
 documentbolok.boloke80_(at)_gmail.com, XSS in CLASSIFIED ADS (05.05.2011)
 documentbolok.boloke80_(at)_gmail.com, Path disclousure in MEGA PORTAL (05.05.2011)

OpenSSH ssh-keysign information leak
Published:05.05.2011
Source:
SecurityVulns ID:11651
Type:local
Threat Level:
5/10
Description:File descriptor for private keys file is not closed on exeternal application execution.
Affected:OPENBSD : OpenSSH 5.8
Original documentdocumentOPENBSD, Revised: Portable OpenSSH security advisory: portable-keysign-rand-helper.adv (05.05.2011)

ICONICS WebHMI ActiveX buffer overflow
Published:05.05.2011
Source:
SecurityVulns ID:11652
Type:client
Threat Level:
5/10
Description:Stack buffer overflow in SetActiveXGUID method.
Original documentdocumentScott Bell, Security-Assessment.com Advisory: ICONICS WebHMI ActiveX Stack Overflow (05.05.2011)

SIPDroid information leak
Published:05.05.2011
Source:
SecurityVulns ID:11653
Type:remote
Threat Level:
4/10
Description:User information is leaked in reply to INVEITE message.
Affected:SIPDROID : SIPDroid 1.6
 SIPDROID : SIPDroid 2.0
 SIPDROID : SIPDroid 2.2
Original documentdocumentAnibal Aguiar, SIPDroid user/extension enum (05.05.2011)

perl multiple security vulnerabilities
updated since 05.05.2011
Published:20.05.2011
Source:
SecurityVulns ID:11649
Type:library
Threat Level:
5/10
Description:Data injection and protection bypass in lc, lcfirst, uc, ucfirst functions and CGI module.
Affected:PERL : perl 5.13
 PERL : perl 5.12
 PERL : perl 5.11
CVE:CVE-2011-1487 (The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.)
 CVE-2010-4411 (Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761.)
 CVE-2010-4410 (CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline characters, a different vulnerability than CVE-2010-2761 and CVE-2010-3172.)
 CVE-2010-4334 (IO::Socket::SSL Perl module 1.35, when verify_mode is not VERIFY_NONE, fails open to VERIFY_NONE instead of throwing an error when a ca_file/ca_path cannot be verified, which allows remote attackers to bypass intended certificate restrictions.)
 CVE-2010-2761 (The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input that contains this value, a different vulnerability than CVE-2010-3172.)
 CVE-2010-1447 (The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving subroutine references and delayed execution.)
 CVE-2010-1168 (The Safe (aka Safe.pm) module before 2.25 for Perl allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and implicitly blessed objects, as demonstrated by the (a) DESTROY and (b) AUTOLOAD methods, related to "automagic methods.")
Original documentdocumentMANDRIVA, [ MDVSA-2011:092 ] perl-IO-Socket-SSL (20.05.2011)
 documentUBUNTU, [USN-1129-1] Perl vulnerabilities (05.05.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod