Computer Security


Suid utilities (vixie-cron, shadow, ppp) user limits privilege escalation
updated since 26.05.2006
Published: 06.07.2006
Source:
SecurityVulns ID: 6191
Type: local
Threat Level: 8/10
Description: setuid() return code is not checked. It makes it possible to execute code with root privileges by exhausting user limits.
Affected: PPP : ppp 2.4
 Shadow : shadow 4.0
 VIXIE : cron 4.1
Original document: UBUNTU, [Full-disclosure] [USN-310-1] ppp vulnerability (06.07.2006)
 UBUNTU, [Full-disclosure] [USN-308-1] shadow vulnerability (06.07.2006)
 Justin M. Forbes, rPSA-2006-0082-1 vixie-cron (26.05.2006)

Touch ActiveX control code execution
Published: 06.07.2006
Source:
SecurityVulns ID: 6341
Type: client
Threat Level: 5/10
Description: Execute() method allows execution of arbitrary files.
Original document: Alex Park, Touch arbitrary file execute vulnerability (06.07.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 06.07.2006
Source:
SecurityVulns ID: 6342
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: HORDE : Horde 3.0
 JELSOFT : vBulletin 3.5
 SNEWS : sNews 1.3
 HORDE : Horde 3.1
 GLENDOWN : Shopping Cart 0.9
 BLOGCMS : BLOG:CMS 4.1
 TIGERTOM : TTCalc 1.0
Original document: Moritz Naumann, [Full-disclosure] Public Advisory: Horde 3.1.1, 3.0.10 Multiple Security Issues (06.07.2006)
 luny_(at)_youfucktard.com, TigerTom Scripts (06.07.2006)
 CarcaBotx_(at)_yahoo.com, vBulletin 3.5.4 (install_path) Exploit (06.07.2006)
 securityconnection_(at)_gmail.com, BLOG:CMS 4.1.0 SQL injection File Include Vulnerability (06.07.2006)
 securityconnection_(at)_gmail.com, sNews 1.3 XSS SQL (06.07.2006)
 luny_(at)_youfucktard.com, Shopping Cart V0.9 (06.07.2006)
 CrAzY.CrAcKeR_(at)_hotmail.com, Invision Power Board "v1.X & 2.X" SQL Injection (06.07.2006)

libmms multimedia stream library buffer overflows
Published: 06.07.2006
Source:
SecurityVulns ID: 6343
Type: library
Threat Level: 5/10
Description: Multiple buffer overflows.
Affected: LIBMMS : libmms 0.1
 GSTREAMER : gstreamer 0.8
Original document: UBUNTU, [Full-disclosure] [USN-309-1] libmms vulnerability (06.07.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod