| Cisco Secure ACS DoS | | Published: |  | 07.09.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 9266 | | Type: |  | remote | | Level: |  | 6/10 | | Description: |  | Crash on EAP authentication parsing. |
| Affected: |  | CISCO : Secure ACS 3.3 | | |  | CISCO : Secure ACS 4.1 | | |  | CISCO : Secure ACS 4.2 | | CVE: |  | CVE-2008-2441 (Cisco Secure ACS 3.x before 3.3(4) Build 12 patch 7, 4.0.x, 4.1.x before 4.1(4) Build 13 Patch 11, and 4.2.x before 4.2(0) Build 124 Patch 4 does not properly handle an EAP Response packet in which the value of the length field exceeds the actual packet length, which allows remote authenticated users to cause a denial of service (CSRadius and CSAuth service crash) or possibly execute arbitrary code via a crafted RADIUS (1) EAP-Response/Identity, (2) EAP-Response/MD5, or (3) EAP-Response/TLS Message Attribute packet.) |
| Atheros wireless drivers buffer overflow | | Published: |  | 07.09.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 9271 | | Type: |  | remote | | Level: |  | 6/10 | | Description: |  | Buffer overflow on oversized information element. |
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: |  | 07.09.2008 | | Source: |  | | | SecurityVulns ID: |  | 9265 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
myPHPNuke: SQL injection. |
| Affected: |  | MYPHPNUKE : myPHPNuke 1.8 | | |  | DJANGO : django 0.95 | | |  | ZENCART : Zen Cart | | |  | ASPWEBALBUM : aspWebAlbum 3.2 | | CVE: |  | CVE-2008-3664 (Multiple cross-site scripting (XSS) vulnerabilities in XRMS allow remote attackers to inject arbitrary web script or HTML via (1) the real name field, related to the user list; (2) the target parameter to login.php, (3) the title parameter to activities/some.php, (4) the company_name parameter to companies/some.php, (5) the last_name parameter to contacts/some.php, (6) the campaign_title parameter to campaigns/some.php, (7) the opportunity_title parameter to opportunities/some.php, (8) the case_title parameter to cases/some.php, (9) the file_id parameter to files/some.php, or (10) the starting parameter to reports/custom/mileage.php, a related issue to CVE-2008-1129.) |
| courier-authlib authentication library SQL injection | | Published: |  | 07.09.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 9268 | | Type: |  | library | | Level: |  | 6/10 |
| Affected: |  | COURIER : courier-authlib 0.60 | | CVE: |  | CVE-2008-2667 (SQL injection vulnerability in the Courier Authentication Library (aka courier-authlib) before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified other vectors.) | | |  | CVE-2008-2380 (SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes.) |
| Marvell wireless drivers multiple security vulnerabilities | | Published: |  | 07.09.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 9270 | | Type: |  | remote | | Level: |  | 6/10 | | Description: |  | DoS, buffer overflow. |
| dnsmasq multiple security vulnerabilities | | Published: |  | 07.09.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 9272 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | DNS records spoofing, DoS. |
| Affected: |  | DNSMASQ : dnsmasq 2.4 | | CVE: |  | CVE-2008-3350 (dnsmasq 2.43 allows remote attackers to cause a denial of service (daemon crash) by (1) sending a DHCPINFORM while lacking a DHCP lease, or (2) attempting to renew a nonexistent DHCP lease for an invalid subnet as an "unknown client," a different vulnerability than CVE-2008-3214.) | | |  | CVE-2008-1447 (The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug.") |
| HP OpenView Select Identity Connectors information leak | | Published: |  | 07.09.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 9269 | | Type: |  | local | | Level: |  | 5/10 |
| FreeBSD multiple security vulnerabilities updated since 07.09.2008 | | Published: |  | 03.07.2009 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 9267 | | Type: |  | remote | | Level: |  | 7/10 | | Description: |  | mount / nmount syscall implementation buffer overflow. amd64 CPU registers privilege escalation. DoS via ICMPv6. |
| Affected: |  | FREEBSD : FreeBSD 7.0 | | |  | FREEBSD : FreeBSD 6.3 | | |  | FREEBSD : FreeBSD 7.1 | | |  | FREEBSD : FreeBSD 6.4 | | CVE: |  | CVE-2008-3890 (The kernel in FreeBSD 6.3 through 7.0 on amd64 platforms can make an extra swapgs call after a General Protection Fault (GPF), which allows local users to gain privileges by triggering a GPF during the kernel's return from (1) an interrupt, (2) a trap, or (3) a system call.) | | |  | CVE-2008-3531 (Stack-based buffer overflow in sys/kern/vfs_mount.c in the kernel in FreeBSD 7.0 and 7.1, when vfs.usermount is enabled, allows local users to gain privileges via a crafted (1) mount or (2) nmount system call, related to copying of "user defined data" in "certain error conditions.") | | |  | CVE-2008-3530 (sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.) |