Computer Security
[EN] securityvulns.ru no-pyccku


stunnel protection bypass
Published:08.08.2008
Source:
SecurityVulns ID:9208
Type:remote
Threat Level:
4/10
Description:Revoked certificate status is incorrectly checked.
Affected:STUNNEL : stunnel 4.23
CVE:CVE-2008-2420 (The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.)
Original documentdocumentGENTOO, [ GLSA 200808-08 ] stunnel: Security bypass (08.08.2008)

NoticeWare Email Server DoS
Published:08.08.2008
Source:
SecurityVulns ID:9209
Type:remote
Threat Level:
5/10
Description:Crash on oversized IMAP LOGIN command.
Affected:NOTICEWARE : NoticeWare Email Server NG 4.6
Original documentdocumentJoгo Antunes, [AJECT] NoticeWare IMAP Email Server 4.6.2 DoS vulnerability (08.08.2008)

WinGate Mail Server DoS
Published:08.08.2008
Source:
SecurityVulns ID:9210
Type:remote
Threat Level:
5/10
Description:IMAP LIST command resources exhaustion.
Affected:QBIK : WinGate 6.2
Original documentdocumentJoгo Antunes, [AJECT] WinGate Email Server (IMAP) vulnerability (08.08.2008)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:08.08.2008
Source:
SecurityVulns ID:9207
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Contact Form ][: antiautomation protection bypass, crossite scripting.
Affected:GALLERY : Gallery 1.5
 E107 : e107 0.7
 WORDPRESS : Contact Form ][ 2.0
Original documentdocumentJeiAr, e107 <= 0.7.11 Arbitrary Variable Overwriting (08.08.2008)
 documentDigital Security Research Group [DSecRG], [DSECRG-08-035] Local File Include Vulnerability in Gallery 1.5.7, 1.6-alpha3 (08.08.2008)
 documentMustLive, Vulnerabilities in Contact Form ][ for WordPress (08.08.2008)
 documentAlemin_Krali Krali, Magnet Blog Sql Injection Vulnerability (08.08.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod