Computer Security
[EN] securityvulns.ru no-pyccku


Hostaupd IEEE 802.11 authentication daemon DoS
Published:06.05.2006
Source:
SecurityVulns ID:6099
Type:remote
Threat Level:
5/10
Description:DoS on invalid EAPoL frame.
Affected:HOSTAP : Hostapd 0.3
Original documentdocumentSECUNIA, [SA19966] Hostapd EAPoL Frame Handling Denial of Service (06.05.2006)

FileCopa FTP Server buffer overflow
Published:06.05.2006
Source:
SecurityVulns ID:6104
Type:remote
Threat Level:
5/10
Description:Buffer overflow on oversized USER command.
Affected:FILECOPA : FileCOPA 1.0
Files:FILECOPA DOS

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:06.05.2006
Source:
SecurityVulns ID:6096
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHPBB : phpBB 2.0
 CUREPHP : CuteNews 1.4
 SAPHPLESSON : SaphpLesson 3.0
 ALBINATOR : Albinator 2.0
 EVOARTICLES : evoArticles 2.0
CVE:CVE-2006-2220 (phpBB 2.0.20 does not properly verify user-specified input variables used as limits to SQL queries, which allows remote attackers to obtain sensitive information via a negative LIMIT specification, as demonstrated by the start parameter to memberlist.php, which reveals the SQL query in the resulting error message.)
 CVE-2006-2219 (phpBB 2.0.20 does not verify user-specified input variable types before being passed to type-dependent functions, which allows remote attackers to obtain sensitive information, as demonstrated by the (1) mode parameter to memberlist.php and the (2) highlight parameter to viewtopic.php that are used as an argument to the htmlspecialchars or urlencode functions, which displays the installation path in the resulting error message.)
Original documentdocumentSECUNIA, [SA19952] Albinator File Inclusion and Cross-Site Scripting Vulnerabilities (06.05.2006)
 documentMaksymilian Arciemowicz, [Full-disclosure] phpBB 2.0.20 Full Path Disclosure and SQL Errors (06.05.2006)
 documento.y.6_(at)_hotmail.com, Invision Community Blog .. Bugs (06.05.2006)
 documentMster-X_(at)_hotmail.com, CuteNews 1.4.1 Multiple vulnerabilities (06.05.2006)
 documentMster-X_(at)_hotmail.com, modules name(Downloads)SQL Injection Exploit (06.05.2006)
 documentMster-X_(at)_hotmail.com, modules name(Sections)SQL Injection Exploit (06.05.2006)
 documentCyber Lords, SQL-Injection in evoArticles (06.05.2006)
Files:Exploits phpBB auction mod - Remote File Inclusion Vuln
 Statit V4 Remote File Inclusion exploit

rsync integer overflow
Published:06.05.2006
Source:
SecurityVulns ID:6097
Type:remote
Threat Level:
5/10
Description:receive_xattr() integer overflow.
Affected:RSYNC : rsync 2.6
Original documentdocumentGENTOO, [Full-disclosure] [ GLSA 200605-05 ] rsync: Potential integer overflow (06.05.2006)

Linux VServer privilege escalation
Published:06.05.2006
Source:
SecurityVulns ID:6100
Type:local
Threat Level:
5/10
Description:Some crytical capabilities are not limited for guest account.
Affected:LINUXVSERVER : Linux-VServer 2.0
 LINUXVSERVER : Linux-VServer 1.2
Original documentdocumentSECUNIA, [SA19961] Linux-VServer "ccaps" Insecure Capabilities Security Issue (06.05.2006)

Kerio Winroute Firewall DoS
Published:06.05.2006
Source:
SecurityVulns ID:6101
Type:remote
Threat Level:
6/10
Description:Crash on scanning POP3 / SMTP messages.
Affected:KERIO : WinRoute Firewall 6.2
Original documentdocumentSECUNIA, [SA19947] Kerio WinRoute Firewall Protocol Inspection Denial of Service (06.05.2006)

Cryptomathic TDC Digital signature ActiveX buffer overflow
Published:06.05.2006
Source:
SecurityVulns ID:6098
Type:client
Threat Level:
5/10
Description:Buffer overflow in ActiveX element of Danish OCES certificate policy.
Original documentdocumentCIRT Advisory, Cryptomathic ActiveX Buffer Overflow (TDC Digital signature) (06.05.2006)

acFtpd buffer overflow
Published:06.05.2006
Source:
SecurityVulns ID:6103
Type:remote
Threat Level:
5/10
Description:Buffer overflow on oversized USER command.
Affected:ACFTP : acFTP 1.4
Files:Exploits USER command in acFtpd

Quake 3 engine buffer overflow
updated since 06.05.2006
Published:09.05.2006
Source:
SecurityVulns ID:6102
Type:client
Threat Level:
6/10
Description:Buffer overflow on remapShader command processing.
Affected:ID : Quake3Arena 1.32
 GRAYMATTER : Return to Castle Wolfenstein 1.41
 GRAYMATTER : Wolfenstein: Enemy Territory 2.60
Original documentdocumentThilo Schulz, [Full-disclosure] Two independent vulnerabilities (client and server side) in Quake3 engine and many derived games (09.05.2006)
 documentSECUNIA, [SA19984] Quake 3 Engine "remapShader" Command Buffer Overflow (06.05.2006)
Files:"R_RemapShader()" q3 engine 1.32b client remote bof exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod