Microsoft Windows DNS server and DNS client DNS reply spoofing updated since 14.11.2007
Published:		09.07.2008
Source:		MICROSOFT
SecurityVulns ID:		8336
Type:		remote
Level:		6/10
Description:		Weak pseudo-random generator is used to generate DNS request ID.

Affected:		MICROSOFT : Windows 2000 Server
		MICROSOFT : Windows 2000 Professional
		MICROSOFT : Windows XP
		MICROSOFT : Windows 2003 Server
		MICROSOFT : Windows Vista
CVE:		CVE-2008-1454
		CVE-2008-1447
		CVE-2008-0087
		CVE-2007-3898

Original document		MICROSOFT, Microsoft Security Bulletin MS08-037 – Important Vulnerabilities in DNS Could Allow Spoofing (953230) (09.07.2008)
		Amit Klein, Microsoft Windows DNS Stub Resolver Cache Poisoning (MS08-020) (08.04.2008)
		MICROSOFT, Microsoft Security Bulletin MS08-020 – Important Vulnerability in DNS Client Could Allow Spoofing (945553) (08.04.2008)
		Alla Bezroutchko, [Full-disclosure] Predictable DNS transaction IDs in Microsoft DNS Server (14.11.2007)
		Amit Klein, After 6 months - fix available for Microsoft DNS cache poisoning attack (14.11.2007)
		MICROSOFT, Microsoft Security Bulletin MS07-062 – Important Vulnerability in DNS Could Allow Spoofing (941672) (14.11.2007)

Files:		program for DNS id spoofing
		Microsoft Security Bulletin MS07-062 – Important Vulnerability in DNS Could Allow Spoofing (941672)
		Microsoft Security Bulletin MS08-020 – Important Vulnerability in DNS Client Could Allow Spoofing (945553)
		Microsoft Security Bulletin MS08-037 – Important Vulnerabilities in DNS Could Allow Spoofing (953230)
Discuss:		Read or add your comments to this news (0 comments)

Microsoft Windows Explorercode execution
Published:		09.07.2008
Source:		MICROSOFT
SecurityVulns ID:		9134
Type:		client
Level:		7/10
Description:		Problem while parsing saved search files .search-ms.

Affected:		MICROSOFT : Windows Vista
		MICROSOFT : Windows 2008 Server
CVE:		CVE-2008-1435

Original document

MICROSOFT, Microsoft Security Bulletin MS08-038 – Important Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582) (09.07.2008)

Files:		Microsoft Security Bulletin MS08-038 – Important Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582)
Discuss:		Read or add your comments to this news (0 comments)

F5 FirePass SNMP DoS
Published:		09.07.2008
Source:		BUGTRAQ
SecurityVulns ID:		9138
Type:		remote
Level:		5/10
Description:		Crash on 1.3.6.1.2.1.25.6 traversing.

Affected:

F5 : FirePass 1200

Original document

nnposter_(at)_disclosed.not, F5 FirePass 1200 SNMP daemon DoS (09.07.2008)

Discuss:

Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 09.07.2008
Published:		09.07.2008
Source:
SecurityVulns ID:		9140
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. RavenNuke: CAPTCHA bypass.

Affected:		VBULLETIN : vBulletin 3.7
		RAVENNUKE : RavenNuke 2.20
		PHPNUKE : 4ndvddb module for PHP-Nuke 0.91

Original document		lovebug_(at)_hotmail.it, XSS in admin logs - vBulletin 3.7.2 and lower, vBulletin 3.6.10 PL2 and lower (09.07.2008)
		lovebug_(at)_hotmail.it, PHP-NUKE SQL Module's Name 4ndvddb (09.07.2008)
		MustLive, Insufficient Anti-automation vulnerability in RavenNuke (09.07.2008)

Discuss:

Read or add your comments to this news (0 comments)

HP OpenView Network Node Manager multiple security vulnerabilities
Published:		09.07.2008
Source:		BUGTRAQ
SecurityVulns ID:		9141
Type:		remote
Level:		6/10
Description:		Unauthorized access, code execution.

Affected:		HP : OpenView Network Node Manager 7.51
CVE:		CVE-2008-1697 (Stack-based buffer overflow in ovwparser.dll in HP OpenView Network Node Manager (OV NNM) 7.51 allows remote attackers to execute arbitrary code via a long URI in an HTTP request processed by ovas.exe, as demonstrated by a certain topology/homeBaseView request. NOTE: some of these details are obtained from third party information.)
		CVE-2008-0068

Original document		HP, [security bulletin] HPSBMA02349 SSRT080043 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access to Data (09.07.2008)
		HP, [security bulletin] HPSBMA02348 SSRT080033 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS) (09.07.2008)

Discuss:

Read or add your comments to this news (0 comments)

libpoppler library uninitialized pointer updated since 09.07.2008
Published:		10.07.2008
Source:		BUGTRAQ
SecurityVulns ID:		9139
Type:		library
Level:		6/10
Description:		Uninitialized pointer dereference on PDF parsing.

Affected:		POPPLER : Poppler 0.8
CVE:		CVE-2008-2950 (The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.)

Original document		Felipe Andres Manzano, [Full-disclosure] #2008-007 libpoppler uninitialized pointer - POC (10.07.2008)
		Andrea Barisani, [oCERT-2008-007] libpoppler uninitialized pointer (09.07.2008)

Files:		libpoppler uninitialized pointer exploit
Discuss:		Read or add your comments to this news (0 comments)

Microsoft SQL Server multiple security vulnerabilities updated since 09.07.2008
Published:		10.07.2008
Source:		MICROSOFT
SecurityVulns ID:		9136
Type:		local
Level:		6/10
Description:		Buffer overflows, memorry corruptions, information leak.

Affected:		MICROSOFT : SQL Server 7.0
		MICROSOFT : SQL Server 2000
		MICROSOFT : SQL Server 2005
CVE:		CVE-2008-0107
		CVE-2008-0106
		CVE-2008-0086
		CVE-2008-0085

Original document		Brett Moore, Insomnia : ISVA-080709.1 - Microsoft SQL Server - Corrupt Backup File Heap Overflow (10.07.2008)
		IDEFENSE, iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability (10.07.2008)
		MICROSOFT, Microsoft Security Bulletin MS08-040 – Important Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203) (09.07.2008)

Files:		Microsoft Security Bulletin MS08-040 – Important Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)
Discuss:		Read or add your comments to this news (0 comments)

Microsoft Outlook Web Access crossite scripting updated since 09.07.2008
Published:		12.07.2008
Source:		MICROSOFT
SecurityVulns ID:		9135
Type:		remote
Level:		5/10
Description:		Crossite scripting on different pages.

Affected:		MICROSOFT : Exchange 2003
		MICROSOFT : Exchange 2007
CVE:		CVE-2008-2248
		CVE-2008-2247

Original document		disclosure_(at)_contextis.co.uk, Context IS Advisory - MS08-39 OWA XSS (12.07.2008)
		MICROSOFT, Microsoft Security Bulletin MS08-039 – Important Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747) (09.07.2008)

Files:		Microsoft Security Bulletin MS08-039 – Important Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747)
Discuss:		Read or add your comments to this news (0 comments)

Microsoft Access ActiveX file download updated since 09.07.2008
Published:		12.08.2008
Source:		MICROSOFT
SecurityVulns ID:		9137
Type:		client
Level:		7/10
Description:		SnapShot Viewer ActiveX allows file download to any location.

Affected:		MICROSOFT : Office 2000
		MICROSOFT : Office XP
		MICROSOFT : Office 2003
		MICROSOFT : Office 2007
CVE:		CVE-2008-2463

Original document		MICROSOFT, Microsoft Security Bulletin MS08-041 – Critical Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution (955617) (12.08.2008)
		CERT, US-CERT Technical Cyber Security Alert TA08-189A -- Microsoft Office Snapshot Viewer ActiveX Vulnerability (09.07.2008)

Files:		Microsoft Security Bulletin MS08-041 – Critical Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution
		Microsoft Security Advisory (955179) Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution
Discuss:		Read or add your comments to this news (0 comments)