Computer Security
[EN] securityvulns.ru no-pyccku


Multiple PHP scripting language security vulnerabilities
updated since 18.08.2006
Published:08.09.2006
Source:
SecurityVulns ID:6515
Type:library
Threat Level:
6/10
Description:"file_exists()", "imap_open()", and "imap_reopen()" function and cURL extension safe mode restriction bypass, buffer overflows in different functions on 64-bit systems, buffer overflow in GD extension on GIFs processing, stripos() out-of-memory reading, Incorrect memory_limit restrictions on 64-bit systems. Buffer overflow in LWZReadByte().
Affected:PHP : PHP 4.4
 PHP : PHP 5.1
Original documentdocumentMANDRIVA, [Full-disclosure] [ MDKSA-2006:162 ] - Updated php packages fix vulnerabilities (08.09.2006)
 documentPHP, PHP 4.4.4 and PHP 5.1.5 Released (18.08.2006)

Ipswitch IMail SMTP Server code execution
updated since 07.09.2006
Published:08.09.2006
Source:
SecurityVulns ID:6590
Type:remote
Threat Level:
6/10
Description:Stack buffer overflow on oversized hostname string within characters '@' and ':'.
Affected:IPSWITCH : IMail 2006
 IPSWITCH : Ipswitch Collaboration 2006
Original documentdocumentZDI, ZDI-06-028: Ipswitch Collaboration Suite SMTP Server Stack Overflow (08.09.2006)
 documentSECUNIA, [SA21795] Ipswitch IMail Server SMTP Service Unspecified Vulnerability (07.09.2006)

Alvila Avast! antivirus buffer overflow
Published:08.09.2006
Source:
SecurityVulns ID:6591
Type:remote
Threat Level:
6/10
Description:Buffer overflow on LHA archives parsing.
Affected:ALWIL : avast! Antivirus 4.7
Original documentdocumentRyan Smith, [Full-disclosure] Hustle -- alwil Anti-Virus Kernel -- Remote & Local Vulnerability (08.09.2006)

ICQ 2003 buffer overflow
Published:08.09.2006
Source:
SecurityVulns ID:6592
Type:remote
Threat Level:
9/10
Description:Heap buffer overflow on specific messages parsing.
Affected:ICQ : ICQ 2003b
Original documentdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2006-0321: AOL ICQ Pro 2003b heap overflow vulnerability (08.09.2006)

Multiple ICQ Toolbar vulnerabilities
Published:08.09.2006
Source:
SecurityVulns ID:6593
Type:client
Threat Level:
5/10
Description:RSS crossite scripting, web configuration interface remote control.
Affected:ICQ : ICQ Toolbar 1.3
Original documentdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2006-0322: Multiple vulnerabilities in ICQ Toolbar 1.3 for Internet Explorer (08.09.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:08.09.2006
Source:
SecurityVulns ID:6594
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:FANTASTICNEWS : Fantastic News 2.1
 MKPORTAL : MKPortal 1.1
 SOMERY : Somery 0.4
 BLOGCMS : BLOG:CMS 4.1
 BINGOPHPNEWS : BinGoPHP News 3.01
 DOKUWIKI : DokuWiki 2006-03-09
 PHPFUSION : PHPFusion 6.01
 ACKERTODO : AckerTodo 4.0
 RUNCMS : RunCMS 1.4
 WMNEWS : WM-News 0.5
 PHOTOKORN : photokorn 1.52
CVE:CVE-2007-0704 (PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter, a different vector than CVE-2006-4669. NOTE: the documentation says to remove install.php after installation.)
 CVE-2007-0145 (PHP remote file inclusion vulnerability in bn_smrep1.php in BinGoPHP News (BP News) 3.01 allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter, a different vector than CVE-2006-4648 and CVE-2006-4649.)
 CVE-2006-7006 (** DISPUTED ** PHP remote file inclusion vulnerability in upload/admin/team.php in Robin de Graff Somery 0.4.4 allows remote attackers to execute arbitrary PHP code via a URL in the checkauth parameter. NOTE: CVE disputes this vulnerability because the checkauth parameter is only used in conditionals.)
 CVE-2006-6965 (CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged for XSS attacks.)
 CVE-2006-4669 (PHP remote file inclusion vulnerability in admin/system/include.php in Somery 0.4.6 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter.)
 CVE-2006-4649 (PHP remote file inclusion vulnerability in bp_news.php in BinGo News (BP News) 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter.)
 CVE-2006-4648 (PHP remote file inclusion vulnerability in bp_ncom.php in BinGo News (BP News) 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter.)
Original documentdocumentSECUNIA, [SA21807] Fantastic News "CONFIG[script_path]" File Inclusion Vulnerabilities (08.09.2006)
 documentSECUNIA, [SA21796] photokorn "dir_path" File Inclusion Vulnerabilities (08.09.2006)
 documentSOMERY, [SA21825] Somery "skindir" File Inclusion Vulnerability (08.09.2006)
 documenterne_(at)_ernealizm.com, WM-News v0.5 - Remote File Include Vulnerabilities (08.09.2006)
 documentOmid, Sql injection in RunCMS (08.09.2006)
 documentviz.security_(at)_gmail.com, XSS in AckerTodo v4.0 (08.09.2006)
 documentKw3rLn, BinGoPHP News <= 3.01 [bnrep] Remote File Include Vulnerability (08.09.2006)
Files:DokuWiki <= 2006-03-09b release /bin/dwpage.php remote commands execution xploit
 PHPFusion <= 6.01.4 extract()/_SERVER[REMOTE_ADDR] sql injection exploit

UnixWare / Solaris X11R6 buffer overflow
updated since 08.09.2006
Published:09.09.2006
Source:
SecurityVulns ID:6595
Type:local
Threat Level:
5/10
Description:Buffer overflow in XKEYBOARD extension.
Affected:ORACLE : Solaris 8
 SCO : UnixWare 7.1
 ORACLE : Solaris 9
 ORACLE : Solaris 10
Original documentdocumentRISE Security, [RISE-2006001] X11R6 XKEYBOARD extension Strcmp() buffer overflow (09.09.2006)
Files:X11R6 XKEYBOARD extension Strcmp() for Sun Solaris 8 9 10 SPARC
 X11R6 XKEYBOARD extension Strcmp() for Sun Solaris 8 9 10 x86
 X11R6 <= 6.4 XKEYBOARD Local Buffer Overflow Exploit (sco/x86)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod