Computer Security
[EN] securityvulns.ru
no-pyccku

  

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:09.10.2006
Source:
SecurityVulns ID:6694
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PAFILEDB : paFileDB 3.1
 PHPWEBSITE : phpWebSite 0.10
 MOODLE : Moodle 1.6
 4HOMEPAGES : 4images 1.7
 PSYCHOSTATS : PsychoStats 3.01
 ISEARCH : iSearch 2.16
 DOCMINT : docmint 2.0
 PHPMYNEWS : PHPMyNews 1.4
 OPENDOC : Easy Doc 1.4
 OPENDOC : Easy Blog 1.4
 OBDEV : WebYep 1.1
 FREENEWS : Freenews 1.1
 OPENDOCK : Easy Gallery 1.4
 PROXY2 : Advanced Poll 2.02
Original documentdocumenterdc_(at)_echo.or.id, [ECHO_ADV_52$2006]OpenDock Easy Gallery <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability (09.10.2006)
 documentdisfigure, SQL injection - moodle (09.10.2006)
 documentdisfigure, SQL injection - 4images (09.10.2006)
 documentXORON, Freenews v1.1 <= (chemin) Remote File Include Vulnerability (09.10.2006)
 documentzarloule04_(at)_hotmail.fr, XSS IN paFileDB 3.1 (09.10.2006)
 documentcrackers child, phpWebSite 0.10.2 Remote File Include Vulnerabilities (09.10.2006)
 documenterdc_(at)_echo.or.id, [ECHO_ADV_48$2006] WebYep <= 1.1.9 (webyep_sIncludePath) Multiple Remote File Inclusion Vulnerability (09.10.2006)
 documenterdc_(at)_echo.or.id, [ECHO_ADV_49$2006]OpenDock Easy Doc <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability (09.10.2006)
 documenterdc_(at)_echo.or.id, [ECHO_ADV_50$2006]OpenDock Easy Blog <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability (09.10.2006)
 documentXORON, PHPMyNews 1.4 <= (cfg_include_dir) Remote File Include Vulnerability (09.10.2006)
 documenterdc_(at)_echo.or.id, [ECHO_ADV_51$2006] docmint <= 2.0 (MY_ENV[BASE_ENGINE_LOC]) Remote File Inclusion Vulnerability (09.10.2006)
 documentalguidy_(at)_hotmail.com, Advanced Poll v2.02 :) <= Remote File Inclusion (09.10.2006)
 documentxp1o_(at)_msn.com, The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit (09.10.2006)
Files:PsychoStats v3.x Remote File view exploit
 docmint <= 2.0 (MY_ENV[BASE_ENGINE_LOC]) Remote File Inclusion Exploit

PHP integer overflow
Published:09.10.2006
Source:
SecurityVulns ID:6695
Type:library
Threat Level:
6/10
Description:unserialize() function integer overflow.
Affected:PHP : PHP 4.3
 PHP : PHP 5.1
CVE:CVE-2006-4812 (Integer overflow in PHP 5 up to 5.1.6 and 4 before 4.3.0 allows remote attackers to execute arbitrary code via an argument to the unserialize PHP function with a large value for the number of array elements, which triggers the overflow in the Zend Engine ecalloc function (Zend/zend_alloc.c).)
Original documentdocumentStefan Esser, Advisory 09/2006: PHP unserialize() Array Creation Integer Overflow (09.10.2006)

PHP open_basedir protection bypass
updated since 04.10.2006
Published:09.10.2006
Source:
SecurityVulns ID:6681
Type:local
Threat Level:
5/10
Description:By using symbolic links in race period of time it's possible to bypass open_basedir protection.
Affected:PHP : PHP 4.4
 PHP : PHP 5.2
Original documentdocumentpaisterist.nst_(at)_gmail.com, PHP open_basedir with symlink() function Race Condition PoC exploit (09.10.2006)
 documentStefan Esser, Advisory 08/2006: PHP open_basedir Race Condition Vulnerability (04.10.2006)

OpenSSH timing attacks
updated since 03.05.2003
Published:09.10.2006
Source:
SecurityVulns ID:2789
Type:remote
Threat Level:
5/10
Description:It's possible to check user's validity by measuring response time.
Affected:OPENSSH : OpenSSH 3.6
 NOKIA : IPSO 3.0
 OPENSSH : OpenSSH 4.1
Original documentdocumentMarco Ivaldi, yet another OpenSSH timing leak? (09.10.2006)
 documentMarco Ivaldi, OpenSSH/PAM timing attack allows remote users identification (03.05.2003)
Files:OpenSSH <= 3.6.p1 - User Identification

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 



Rating@Mail.ru