Computer Security
[EN] securityvulns.ru no-pyccku


Weak initial sequence number generation
updated since 03.05.2001
Published:06.02.2008
Source:
SecurityVulns ID:1169
Type:remote
Threat Level:
5/10
Description:Weak initial sequence number generation allows to spoof TCP connection.
Affected:SGI : Irix 6.5
 FREEBSD : FreeBSD 3.5
 FREEBSD : FreeBSD 4.2
 SONICWALL : Sonicwall SOHO 5.0
 AXENT : Raptor Firewall 6.5
 IBM : AIX 5.1
 HP : HP-UX 11.11
 COMPAQ : Tru64 DIGITAL UNIX 5.1
 COMPAQ : OpenVMS 7.2
 NOVELL : Netware 6.0
 ORACLE : Solaris 9
 SYMANTEC : Enterprise Firewall 6.5
 SYMANTEC : Enterprise Firewall 7.0
 SYMANTEC : Gateway Security 5110
 SYMANTEC : Gateway Security 5200
 SYMANTEC : Gateway Security 5300
 SYMANTEC : VelociRaptor 500
 SYMANTEC : VelociRaptor 700
 SYMANTEC : VelociRaptor 1000
 SYMANTEC : VelociRaptor 1100
 SYMANTEC : VelociRaptor 1200
 SYMANTEC : VelociRaptor 1300
 CRAY : UNICOS 10.0
 THOMPSON : SpeedTouch
 PACKETEER : PacketShaper 7.5
 PACKETEER : PacketShaper 7.3
Original documentdocumentAmit Klein, A paper by Amit Klein (Trusteer): "OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability" (06.02.2008)
 documentnnposter_(at)_disclosed.not, Predictable TCP ISN in Packeteer PacketShaper (19.05.2007)
 documentIDEFENSE, [Full-Disclosure] iDEFENSE Security Advisory 08.05.04: Thompson SpeedTouch Home ADSL Modem Predictable TCP ISN Generation (06.08.2004)
 documentMichal Zalewski, Strange Attractors and TCP/IP Sequence Number Analysis - One Year Later (10.09.2002)
 documentKristof Philipsen, Security Advisory: Raptor Firewall Weak ISN Vulnerability (03.08.2002)
 documentDan Ferris, Weak TCP Sequence Numbers in Sonicwall SOHO Firewall (26.07.2001)
 documentFREEBSD, Security Advisory FreeBSD-SA-01:39.tcp-isn (03.05.2001)
 documentCERT, Advisory CA-2001-09 (03.05.2001)
Files:Razor Paper: Strange Attractors and TCP/IP Sequence Number Analysis
 Strange Attractors and TCP/IP Sequence Number Analysis - One Year Later

IPSwitch FTP Log Server DoS
Published:06.02.2008
Source:
SecurityVulns ID:8632
Type:remote
Threat Level:
5/10
Description:Few large packets to UDP/5151 port cause server to stop normal operations.
Affected:IPSWITCH : FTP Log Server 7,9
Original documentdocumentLuigi Auriemma, Socket termination in FTP Log Server 7.9.14.0 (06.02.2008)
Files:Exploits Socket termination in FTP Log Server

SAPlpd LPD server multiple security vulnerabilities
Published:06.02.2008
Source:
SecurityVulns ID:8633
Type:remote
Threat Level:
5/10
Description:Multiple buffer overflows and DoS conditions on lpd commands.
Affected:SAP : SAPlpd 6.28
CVE:CVE-2006-7220 (Unspecified vulnerability in SAP SAPLPD and SAPSPRINT allows remote attackers to cause a denial of service (application crash) via a certain print job request. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.)
Original documentdocumentLuigi Auriemma, Multiple vulnerabilities in SAPlpd 6.28 (06.02.2008)
Files:Exploits SAPlpd <= 6.28 multiple vulnerabilities

WinCom LPD Server multiple security vulnerabilities
Published:06.02.2008
Source:
SecurityVulns ID:8634
Type:remote
Threat Level:
5/10
Description:LPD buffer overflow with oversized filename, unauthorized web admin interface access, buffer and integer overflows.
Affected:WINCOM : WinCom LPD Total 3.0
Original documentdocumentLuigi Auriemma, Multiple vulnerabilities in WinCom LPD Total 3.0.2.623 (06.02.2008)
Files:Exploits Wincom LPD <= 3.0.2.623 multiple vulnerabilities

IBM Informix Dynamic Server multiple security vulnerabilities
Published:06.02.2008
Source:
SecurityVulns ID:8635
Type:remote
Threat Level:
5/10
Description:SQLIDEBUG and onedcu operators allow to access arbitrary files.
Affected:IBM : Informix Dynamic Server 10.00
CVE:CVE-2008-0369 (Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allows attackers to create files via unspecified vectors involving the SQLIDEBUG environment variable.)
 CVE-2008-0368 (Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allows attackers to create files via unspecified vectors involving the onedcu program.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 01.31.08: IBM Informix Dynamic Server onedcu File Creation Vulnerability (06.02.2008)
 documentIDEFENSE, iDefense Security Advisory 01.31.08: IBM Informix Dynamic Server SQLIDEBUG File Creation Vulnerability (06.02.2008)

Nero Media Player buffer overflow
Published:06.02.2008
Source:
SecurityVulns ID:8636
Type:client
Threat Level:
6/10
Description:Buffer overflow on M3U files parsing.
Affected:NERO : NERO Media Player 1.4
Original documentdocumentsecurfrog_(at)_gmail.com, NERO Media Player <= 1.4.0.35b Remote Buffer Overflow( .M3U) (06.02.2008)
Files:NERO Media Player <= 1.4.0.35b Remote Buffer Overflow( .M3U) PoC

HP OpenView Network Node Manager DoS
updated since 06.02.2008
Published:06.02.2008
Source:
SecurityVulns ID:8637
Type:remote
Threat Level:
5/10
Description:DoS against Topology Manager Service (TCP/2532)
Affected:HP : OpenView Network Node Manager 6.41
 HP : OpenView Network Node Manager 7.51
CVE:CVE-2008-0212 (ovtopmd in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to cause a denial of service (crash) via a crafted TCP request that triggers an out-of-bounds memory access.)
 CVE-2008-0212 (ovtopmd in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to cause a denial of service (crash) via a crafted TCP request that triggers an out-of-bounds memory access.)
Original documentdocumentIDEFENSE, [Full-disclosure] iDefense Security Advisory 02.04.08: Hewlett-Packard Network Node Manager Topology Manager Service DoS Vulnerability (07.02.2008)
 documentHP, [security bulletin] HPSBMA02307 SSRT071420 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Denial of Service (DoS) (06.02.2008)

HP Storage Essentials SRM unauthorized access
Published:06.02.2008
Source:
SecurityVulns ID:8638
Type:remote
Threat Level:
6/10
CVE:CVE-2008-0215
Original documentdocumentHP, [security bulletin] HPSBST02302 SSRT071474 rev.1 - HP Storage Essentials SRM, Remote Unauthorized Access (06.02.2008)

HP Virtual Rooms unauthorized access
Published:06.02.2008
Source:
SecurityVulns ID:8639
Type:client
Threat Level:
6/10
Description:Unauthorized access is possible via ActiveX component under Windows.
CVE:CVE-2008-0213 (Unspecified vulnerability in a certain ActiveX control for HP Virtual Rooms (HPVR) 6 and earlier allows remote attackers to execute arbitrary code via unknown vectors.)
Original documentdocumentHP, [security bulletin] HPSBGN02310 SSRT080007 rev.1 - HP Virtual Rooms Running on Windows, Remote Execution of Arbitrary Code (06.02.2008)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:06.02.2008
Source:
SecurityVulns ID:8640
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:AZUCARCMS : Azucar CMS 1.3
 DOCUMENTUM : Documentum Administrator 5.3
 DOCUMENTUM : Documentum Webtop 5.3
 WEBMIN : Webmin 1.390
Original documentdocumentsub, [Full-disclosure] The Everything Development System - SQL Injection (06.02.2008)
 documentno-reply_(at)_aria-security.net, Tested on Webmin 1.390 (06.02.2008)
 documentCYBSEC Advisories, CYBSEC Security Advisory: Arbitrary file overwrite in Documentum Administrator / Documentum Webtop (06.02.2008)
 documentDigital Security Research Group [DSecRG], [DSECRG-08-012] Multiple LFI in Azucar CMS 1.3 (06.02.2008)

Yahoo JukeBox ActiveX buffer overflow
Published:06.02.2008
Source:
SecurityVulns ID:8642
Type:client
Threat Level:
5/10
Description:Buffer overflow in AddBitmap() method.
Original documentdocumentElazar Broad, [Full-disclosure] Yahoo! JukeBox MediaGrid ActiveX Control AddBitmap() Buffer Overflow (06.02.2008)

FaceBook / Aurigma Image / PhotoUploader / Piczo ImageUploader / ActiveX buffer overflow
updated since 06.02.2008
Published:20.03.2008
Source:
SecurityVulns ID:8643
Type:client
Threat Level:
6/10
Description:Multiple buffer overflows in different properties.
Affected:FACEBOOK : FaceBook PhotoUploader 4.5
 AURIGMA : Aurigma ImageUploader 4.6
Original documentdocumentdavid130490_(at)_hotmail.com, Pizco vulnerable to buffer overflow in activex (20.03.2008)
 documentElazar Broad, [Full-disclosure] FaceBook/Aurigma Image/PhotoUploader Buffer Overflow (06.02.2008)

dBpowerAMP Audio Player buffer overflow
updated since 06.02.2008
Published:31.01.2009
Source:
SecurityVulns ID:8641
Type:client
Threat Level:
6/10
Description:Buffer overflow on m3u and pls files parsing.
Affected:DBPOWERAMP : dBpowerAMP 2
Original documentdocumentalphanix00_(at)_gmail.com, dBpowerAMP Audio Player v2 ( .pls file) LoCaL BufferOverFlow Exploit (31.01.2009)
 documentsecurfrog_(at)_gmail.com, dBpowerAMP Audio Player Release 2 Remote Buffer Overflow (06.02.2008)
Files:dBpowerAMP Audio Player local buffer overflow exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod