Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:06.10.2007
Source:
SecurityVulns ID:8219
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:AFTERLOGIC : MailBee WebMail Pro 3.4
Original documentdocumentAdvisory_(at)_Aria-Security.net, [Aria-Security] Stuffed Tracker Multiple Cross-Site Scripting VULN (06.10.2007)
 documentivan.sanchez_(at)_nullcode.com.ar, Reporting Vulnerable Public Web mail (06.10.2007)

Dropteam game multiple security vulnerabilities
Published:06.10.2007
Source:
SecurityVulns ID:8220
Type:remote
Threat Level:
5/10
Description:Buffer overflows, format string vulnerabilities.
Affected:BATTLEFRONT : Dropteam 1.3
Original documentdocumentLuigi Auriemma, Multiple vulnerabilities in Dropteam 1.3.3 (06.10.2007)
Files:Exploits Dropteam <= 1.3.3 multiple vulnerabilities

The Dawn of Time MUD game format string vulnerability
Published:06.10.2007
Source:
SecurityVulns ID:8221
Type:remote
Threat Level:
5/10
Description:Buffer overflow in HTTP authentication.
Affected:DAWNOFTIME : The Dawn of Time 1.69
Original documentdocumentLuigi Auriemma, Format string in The Dawn of Time 1.69s beta4 (06.10.2007)

Xen privilege escalation
updated since 06.10.2007
Published:16.10.2008
Source:
SecurityVulns ID:8222
Type:local
Threat Level:
5/10
Description:It's possible for DomU domain user to execute code in Dom0 context.
Affected:XEN : xen 3.0
CVE:CVE-2007-4993
Original documentdocumentJoanna Rutkowska, Paper: Adventures with a certain Xen vulnerability (16.10.2008)
 documentDEBIAN, [SECURITY] [DSA 1384-1] New xen-utils packages fix several vulnerabilities (06.10.2007)
Files:Adventures with a certain Xen vulnerability

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod