Computer Security
[EN] securityvulns.ru no-pyccku


gfax symbolic links vulnerability
Published:06.07.2007
Source:
SecurityVulns ID:7898
Type:local
Threat Level:
5/10
Description:Symbolic links vulnerability on temporary files creation.
Affected:GNOME : gfax 0.4
CVE:CVE-2007-2839 (gfax 0.4.2 and probably other versions creates temporary files insecurely, which allows local users to execute arbitrary commands via unknown vectors.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1329-1] New gfax packages fix privilege escalation (06.07.2007)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:06.07.2007
Source:
SecurityVulns ID:7899
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:WEBMIN : Webmin 1.340
 ASTERIDEX : AsteriDex 3.0
 ENVIVOSOFT : enVivo!CMS Classic v3.54
CVE:CVE-2007-3156 (Multiple cross-site scripting (XSS) vulnerabilities in pam_login.cgi in Webmin before 1.350 and Usermin before 1.280 allow remote attackers to inject arbitrary web script or HTML via the (1) cid, (2) message, or (3) question parameter. NOTE: some of these details are obtained from third party information.)
Original documentdocumentdurito, SQL-инъекция в enVivo!CMS (06.07.2007)
 documentCarl Livitt, AsteriDex (Asterisk / Trixbox) remote code execution (06.07.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod