Computer Security
[EN] securityvulns.ru no-pyccku


Multiple nCipher products cryptographic problems
updated since 08.03.2006
Published:09.03.2006
Source:
SecurityVulns ID:5872
Type:remote
Threat Level:
5/10
Description:Weak pseudo-random numbers generation, vulnerabilities in network protocol.
Affected:NCIPHER : nForce
 NCIPHER : nShield
 NCIPHER : netHSM
 NCIPHER : payShield
 NCIPHER : SecureDB
 NCIPHER : DSE200
 NCIPHER : Time Source Master Clock
Original documentdocumentNCIPHER, nCipher Advisory #14: Presence of flaws in firmware security (09.03.2006)
 documentNCIPHER, nCipher Advisory #13: CBC-MAC IV misleading programming interface (09.03.2006)
 documentNCIPHER, nCipher Advisory #12: Insecure Generation of Diffie-Hellman keys (09.03.2006)
 documentSECUNIA, [SA19137] nCipher Products Multiple Vulnerabilities (08.03.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:09.03.2006
Source:
SecurityVulns ID:5877
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:GALLERY : Gallery 2.0
 MYBLOGGIE : myBloggie 2.1
 NOAH : Classifieds 1.3
 ADPFORUM : ADP Forum 2.0
 HITHOST : HitHost 1.0
 MPHORUM : m-phorum 0.2
 D2KSOFT : d2kBlog 1.0
 REDBLOG : RedBloG 0.5
 CILEMHABER : Cilem Haber 1.1
 ZOPH : zoph 0.3
 DCPPORTAL : DCP Portal 6.1
 TXTFORUM : txtForum 1.0
 NODEZ : Nodez 4.6
Original documentdocumentenji_(at)_seclab.tuwien.ac.at, txtForum: Script Injection Vulnerability (09.03.2006)
 documentSECUNIA, [SA19165] Nodez "op" File Inclusion and Cross-Site Scripting (09.03.2006)
 documentenji_(at)_seclab.tuwien.ac.at, txtForum: Multiple XSS Vulnerabilities (09.03.2006)
 documentenji_(at)_seclab.tuwien.ac.at, MyBloggie: Multiple XSS Vulnerabilities (09.03.2006)
 documentenji_(at)_seclab.tuwien.ac.at, DCP Portal: Multiple XSS Vulnerabilities (09.03.2006)
 documentDEBIAN, [Full-disclosure] [SECURITY] [DSA 989-1] New zoph packages fix SQL injection (09.03.2006)
 documentSECUNIA, [SA19155] HitHost Cross-Site Scripting and Directory Deletion (09.03.2006)
 documentSECUNIA, [SA19157] Cilem Haber "haber_id" SQL Injection Vulnerability (09.03.2006)
 documentSECUNIA, [SA19156] manas tungare Site Membership Script Cross-Site Scripting and SQL Injection (09.03.2006)
 documentSECUNIA, [SA19175] Gallery "stepOrder[]" Local File Inclusion Vulnerability (09.03.2006)
 documentSECUNIA, [SA19181] RedBLoG "cat_id" SQL Injection Vulnerability (09.03.2006)
 documentzeus olimpusklan, [Full-disclosure] Noah's Classifieds Multiple Cross-Site Scripting Vulnerabilities (09.03.2006)
 document:) :), ADP Forum 2.0,* script İnjection (09.03.2006)
 documentokan alp, M-Phorum Cross Site Scripting (09.03.2006)

Norton Antivirus DoS
Published:09.03.2006
Source:
SecurityVulns ID:5878
Type:local
Threat Level:
5/10
Description:Antivirus crash on scanning malformed PE files.
Files:Norton AntiVirus Crash by NAV.kill File

Multiple Easy File Sharing Web server security vulnerabilities
Published:09.03.2006
Source:
SecurityVulns ID:5879
Type:remote
Threat Level:
5/10
Description:File upload with absolute path, denial of service, crossite scripting.
Affected:SHARINGFILE : Easy File Sharing Web Server 3.2
Original documentdocumentrevnic_(at)_gmail.com, Easy File Sharing Web Server Multiple Vulnerablilities (09.03.2006)

PeerCast peer-to-peer streaming server buffer overflow
Published:09.03.2006
Source:
SecurityVulns ID:5880
Type:remote
Threat Level:
5/10
Description:Buffer overflow on parsing request like http://localhost:7144/stream/?AAAAAAAAAAAAAAAAAAAAAAA....(800)
Affected:PEERCAST : PeerCast 0.1215
Original documentdocumentinfocus, INFIGO-2006-03-01: PeerCast streaming server remote buffer overflow (09.03.2006)
Files:PeerCast <= 0.1215 remote exploit
 GNU PeerCast <= v0.1216 Remote Exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod