Computer Security
[EN] securityvulns.ru no-pyccku


HP Select Identity unauthorized access
updated since 15.10.2007
Published:07.02.2008
Source:
SecurityVulns ID:8257
Type:remote
Threat Level:
5/10
Affected:HP : Select Identity 4.13
 HP : Select Identity 4.20
CVE:CVE-2007-6194 (Unspecified vulnerability in HP Select Identity 4.01 before 4.01.012 and 4.1x before 4.13.003 allows remote attackers to obtain unspecified access via unknown vectors.)
Original documentdocumentHP, [security bulletin] HPSBMA02309 SSRT080013 rev.1 - HP Select Identity Software, Remote Unauthorized Access (07.02.2008)
 documentHP, [security bulletin] HPSBMA02293 SSRT071494 rev.1 - HP Select Identity, Remote Unauthorized Access (06.12.2007)
 documentHP, [security bulletin] HPSBMA02230 SSRT071436 rev.1 - HP Select Identity, Remote Unauthorized Access (15.10.2007)

IPSwitch WS_FTP Server Manager / Whats Up unauthorized access
Published:07.02.2008
Source:
SecurityVulns ID:8644
Type:remote
Threat Level:
6/10
Description:It's possible to access script files with localhostnull account without password. Scripts source code leak.
Affected:IPSWITCH : WS_FTP Server Manager 6.1
 IPSWITCH : What's Up Gold 11.03
Original documentdocumentSteve Shockley, Re: Logs visualization in WS_FTP Server Manager 6.1.0.0 (07.02.2008)
 documentLuigi Auriemma, Logs visualization in WS_FTP Server Manager 6.1.0.0 (07.02.2008)

Symantec Backup Exec System Recovery Manager unauthorized access
Published:07.02.2008
Source:
SecurityVulns ID:8645
Type:remote
Threat Level:
7/10
Description:It's possible to upload files with TCP/8080 Web server.
Affected:SYMANTEC : Backup Exec System Recovery Manager 7.0
CVE:CVE-2008-0457 (Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors.)
Original documentdocumentZDI, ZDI-08-003: Symantec Backup Exec Remote File Upload Vulnerability (07.02.2008)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:07.02.2008
Source:
SecurityVulns ID:8646
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:MYNEWS : MyNews 1.6
 MODXCMS : MODx CMS 0.9
 MINIPUB : mini-pub 0.3
Original documentdocumentSkyOut, [Full-disclosure] MyNews 1.6.X HTML/JS Injection Vulnerability (07.02.2008)
 documentDigital Security Research Group [DSecRG], [DSECRG-08-013] Modx 0.9.6.1, 0.9.6.1p1 Multiple Security Vulnerabilities (07.02.2008)

TinTin++ MUD client multiple security vulnerabilities
Published:07.02.2008
Source:
SecurityVulns ID:8647
Type:remote
Threat Level:
5/10
Affected:TINTIN : TinTin++ 1.97
 TINTIN : WinTin++ 1.97
Original documentdocumentLuigi Auriemma, Chat vulnerabilities in TinTin++ 1.97.9 (07.02.2008)
Files:Exploits TinTin++ <= 1.97.9 chat vulnerabilities

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod