Computer Security

Search:Vulnerability:07.10.2009
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Bulletproof FTP client buffer overflow
Published:07.10.2009
Source:BUGTRAQ
SecurityVulns ID:10297
Type:local
Level:4/10
Description:Buffer overflow on .bps files parsing.
Affected:BULLETPROOF : BulletProof FTP Client 2.63
Original documentdocumentrafa.de.sousa_(at)_hotmail.com, BulletProof FTP Client Buffer Overflow (SEH) (07.10.2009)
Files:BulletProof FTP Client Buffer Overflow (SEH) exploit
Discuss:Read or add your comments to this news (0 comments)

Dopewars game server DoS
Published:07.10.2009
Source:BUGTRAQ
SecurityVulns ID:10299
Type:remote
Level:5/10
Description:Crash on parsing TCP/7902 data.
Affected:DOPEWARS : Dopewars 1.5
Original documentdocumentdougtko_(at)_gmail.com, Dopewars 1.5.12 Server Denial of Service (07.10.2009)
Discuss:Read or add your comments to this news (0 comments)

wget certificate spoofing
Published:07.10.2009
Source:BUGTRAQ
SecurityVulns ID:10295
Type:client
Level:5/10
Description:It's possible to spoof ceritificate by using NULL character in the Common Name.
Affected:GNU : wget 1.11
CVE:CVE-2009-3490 (GNU Wget before 1.12 does not properly handle a '\0' character in a domain name in the Common Name field of an X.509 certificate, which allows man-in-the-middle remote attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.)
Original documentdocumentUBUNTU, [USN-842-1] Wget vulnerability (07.10.2009)
Discuss:Read or add your comments to this news (0 comments)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:07.10.2009
Source:
SecurityVulns ID:10298
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:JETTY : Jetty 6.1
 AIOCP : Aiocp 1.4
Original documentdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2009-0922: Jetty Persistent XSS in Sample Cookies Application (07.10.2009)
 documenthadikiamarsi_(at)_hotmail.com, Remote File Inclusion In AIOCP (07.10.2009)
Discuss:Read or add your comments to this news (0 comments)

XLPD LPD server DoS
Published:07.10.2009
Source:BUGTRAQ
SecurityVulns ID:10300
Type:remote
Level:5/10
Description:Crash on invalid LPR request.
Affected:XLPD : XLPD 3.0
Original documentdocumentProtek Research Lab, {PRL} XLPD 3.0 Remote DoS (07.10.2009)
Discuss:Read or add your comments to this news (1 comments)

HP printers crossite scripting
updated since 07.10.2009
Published:09.10.2009
Source:BUGTRAQ
SecurityVulns ID:10296
Type:remote
Level:4/10
Description:Crossite scripting in Jetdirect web interface for LaserJet and Color LaserJet printers.
CVE:CVE-2009-2684 (Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect and the Embedded Web Server (EWS) on certain HP LaserJet and Color LaserJet printers, and HP Digital Senders, allow remote attackers to inject arbitrary web script or HTML via the (1) Product_URL or (2) Tech_URL parameter in an Apply action to the support_param.html/config script.)
Original documentdocumentDSecRG, [DSECRG-09-048] HP LaserJet printers - Multiple Stored XSS vulnerabilities (09.10.2009)
 documentHP, [security bulletin] HPSBPI02463 SSRT090061 rev.1 - HP LaserJet Printers, HP Color LaserJet Printers, Remote Cross Site Scripting (XSS) (07.10.2009)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server