Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:07.08.2008
Source:
SecurityVulns ID:9201
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. WordPress ME for XOOPS: crossite scripting.
Affected:WORDPRESS : WordPress ME 0.3 module for XOOPS
 XAMPP : Xampp Linux 1.6
 IGES : IGES CMS 2.0
 PLUCK : Pluck 4.5
CVE:CVE-2008-3389 (Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport.)
 CVE-2008-3357 (Untrusted search path vulnerability in ingvalidpw in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges via a crafted shared library, related to a "pointer overwrite vulnerability.")
 CVE-2008-3356 (verifydb in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and other Unix platforms sets the ownership or permissions of an iivdb.log file without verifying that it is the application's own log file, which allows local users to overwrite arbitrary files by creating a symlink with an iivdb.log filename.)
Original documentdocumentCA, CA Products That Embed Ingres Multiple Vulnerabilities (07.08.2008)
 documentlovebug_(at)_hotmail.it, MyClan Sql Injection (07.08.2008)
 documentlovebug_(at)_hotmail.it, PHP-NUKE module Kleinanzeigen SQL injection (lid) (07.08.2008)
 documentadmin_(at)_bugreport.ir, Pluck 4.5.2 Multiple Cross Site Scripting Vulnerabilities (07.08.2008)
 documentadmin_(at)_bugreport.ir, IGES CMS <=2.0 Multiple Vulnerabilities (07.08.2008)
 documentirancrash_(at)_gmail.com, Xampp Linux 1.6.7 Multiple Cross Site Scripting Vulnerabilities (07.08.2008)
 documentMustLive, Cross-Site Scripting vulnerabilities in WordPress ME for XOOPS (07.08.2008)

8e6 Technologies R3000 Internet Filter URL filtering bypass
updated since 17.01.2008
Published:07.08.2008
Source:
SecurityVulns ID:8577
Type:remote
Threat Level:
4/10
Description:Stateful-filtering is not used. X-DecoyHost header may be used to bypass filtering.
Original documentdocumentnnposter_(at)_disclosed.not, 8e6 Technologies R3000 Internet Filter Bypass with Host Decoy (07.08.2008)
 documentnnposter_(at)_disclosed.not, 8e6 Technologies R3000 Internet Filter Bypass by Request Split (17.01.2008)

Wireshark multiple security vulnerabilities
Published:07.08.2008
Source:
SecurityVulns ID:9202
Type:remote
Threat Level:
6/10
Description:Multiple vulnerabilities in protocol dissectors, causing application to crash.
CVE:CVE-2008-3140 (The syslog dissector in Wireshark (formerly Ethereal) 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors, possibly related to an "incomplete SS7 MSU syslog encapsulated packet.")
 CVE-2008-3139 (The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.)
 CVE-2008-3138 (The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors.)
 CVE-2008-3137 (The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors.)
Original documentdocumentGENTOO, [ GLSA 200808-04 ] Wireshark: Denial of Service (07.08.2008)

Apache mod_proxy_ftp crossite scripting
Published:07.08.2008
Source:
SecurityVulns ID:9203
Type:remote
Threat Level:
5/10
Description:Crossite scripting on FTP server content displaying.
Affected:APACHE : Apache 2.0
 APACHE : Apache 2.2
CVE:CVE-2008-2939 (Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.)
Original documentdocumentmarc_bevand_(at)_rapid7.com, Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting (07.08.2008)

OpenVMS fingerd buffer overflow
Published:07.08.2008
Source:
SecurityVulns ID:9204
Type:remote
Threat Level:
7/10
Description:Buffer overflow on oversized username.
Original documentdocumentShaun Colley, OpenVMS fingerd remote stack overflow (07.08.2008)

Nokia series 40 phones multiple security vulnerabilities
Published:07.08.2008
Source:
SecurityVulns ID:9205
Type:remote
Threat Level:
8/10
Description:Multiple J2ME implementation vulnerabilities allow complete device compromization.
Original documentdocumentSecurity Explorations, [SE-2008-01] J2ME Security Vulnerabilities 2008 (07.08.2008)

Sun xVM privilege escalation
Published:07.08.2008
Source:
SecurityVulns ID:9206
Type:local
Threat Level:
5/10
Description:VBoxDrv.sys driver kernel mode code execution.
Affected:SUN : xVM VirtualBox 1.6
CVE:CVE-2008-3431 (The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \\.\VBoxDrv device and calling DeviceIoControl to send a crafted kernel address.)
Original documentdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2008-0716 - Sun xVM VirtualBox Privilege Escalation Vulnerability (07.08.2008)

Ingres database server multiple security vulnerabilities
updated since 04.08.2008
Published:07.08.2008
Source:
SecurityVulns ID:9198
Type:local
Threat Level:
5/10
Description:Weak file permissions, insecure shared library loading, buffer overflow in different utilities.
Affected:INGRES : Ingres Database 2006
CVE:CVE-2008-3389 (Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport.)
 CVE-2008-3357 (Untrusted search path vulnerability in ingvalidpw in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges via a crafted shared library, related to a "pointer overwrite vulnerability.")
 CVE-2008-3356 (verifydb in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and other Unix platforms sets the ownership or permissions of an iivdb.log file without verifying that it is the application's own log file, which allows local users to overwrite arbitrary files by creating a symlink with an iivdb.log filename.)
Original documentdocumentCA, CA Products That Embed Ingres Multiple Vulnerabilities (07.08.2008)
 documentIDEFENSE, iDefense Security Advisory 08.01.08: Ingres Database for Linux ingvalidpw Untrusted Library Path Vulnerability (04.08.2008)
 documentIDEFENSE, iDefense Security Advisory 08.01.08: Ingres Database for Linux libbecompat Stack Based Buffer Overflow Vulnerability (04.08.2008)
 documentIDEFENSE, iDefense Security Advisory 08.01.08: Ingres Database for Linux verifydb Insecure File Permissions Modification Vulnerability (04.08.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod