Computer Security

Search:Vulnerability:09.06.2008
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Linux kernel multiple security vulnerabilities
Published:09.06.2008
Source:BUGTRAQ
SecurityVulns ID:9065
Type:remote
Level:8/10
Description:Buffer overflow in CIFS and SNMP ASN.1 parsing code. Buffer overflow in DCCP.
Affected:LINUX : kernel 2.6
CVE:CVE-2008-2358 (Integer overflow in the dccp_feat_change function in net/dccp/feat.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.18, and 2.6.17 through 2.6.20, allows local users to gain privileges via an invalid feature length, which leads to a heap-based buffer overflow.)
 CVE-2008-1673
Original documentdocumentDEBIAN, [SECURITY] [DSA 1592-1] New Linux 2.6.18 packages fix overflow conditions (09.06.2008)
Discuss:Read or add your comments to this news (0 comments)

Network General Enterprise Administrator privilege escalation
Published:09.06.2008
Source:BUGTRAQ
SecurityVulns ID:9066
Type:local
Level:5/10
Description:Administrative access doesn't require authentication.
Affected:NETWORKGENERAL : Visualizer V2100
 NETWORKGENERAL : Infinistream i1730
Original documentdocumentjgrove_2000_(at)_yahoo.com, Vulnerability in Network General/Net Scout product (09.06.2008)
Discuss:Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:09.06.2008
Source:BUGTRAQ
SecurityVulns ID:9064
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PIXELPOST : Pixelpost 1.7
 NEXTGENGALLERY : Nextgen gallery 0.96
Original documentdocumentEduardo Jorge, XSS - NEXTGEN GALLERY 0.96 WORDPRESS PLUGIN (09.06.2008)
 documentAlex Eden, webTA by kronos - XSS (09.06.2008)
 documentCharles "real" F., PixelPost 1.7.1 File Disclosure (09.06.2008)
Discuss:Read or add your comments to this news (0 comments)

Akamai Red Swoosh crossite scripting
Published:09.06.2008
Source:BUGTRAQ
SecurityVulns ID:9067
Type:client
Level:6/10
Description:Crossite request forgery to embedded web server is possible.
Affected:AKAMAI : Red Swoosh Client 3322
CVE:CVE-2008-1106
Original documentdocumentAKAMAI, Akamai Technologies Security Advisory 2008-0003 (Akamai Client Software) (09.06.2008)
 documentSECUNIA, Secunia Research: Akamai Red Swoosh Cross-Site Request Forgery (09.06.2008)
Discuss:Read or add your comments to this news (0 comments)

FreeSSHD buffer overflow
updated since 09.06.2008
Published:23.12.2008
Source:BUGTRAQ
SecurityVulns ID:9063
Type:local
Level:5/10
Description:sftp post authentication buffer overflow
Affected:FREESSHD : FreeSSHD 1.2
Original documentdocumentwrit3r_(at)_gmail.com, FreeSSHd Multiple Remote Stack Overflow Vulnerabilities (23.12.2008)
 documentwrit3r_(at)_gmail.com, freeSSHd (stf - rename) Buffer Overflow Vulnerability (26.10.2008)
 documentm.memelli_(at)_be4mind.com, FreeSSHD 1.2.1 (Post Auth) Remote Seh Overflow Exploit (09.06.2008)
Files:FreeSSHD 1.2.1 (Post Auth) Remote Seh Overflow http://freeddsshd.com/
 Exploits FreeSSHd Multiple Remote Stack Overflow Vulnerabilities
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server