 |
|
|
|
| Multiple Mozilla / Firefox / Netscape vulnerabilities | | Published: |  | 10.05.2005 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 4780 | | Type: |  | client | | Level: |  | 8/10 | | Description: |  | Few combined vulnerabilities allow to download and execute file on client machine. |
| Affected: |  | MOZILLA : Mozilla 1.0 | | | | MOZILLA : Mozilla 1.7 | | | | NETSCAPE : Netscape 7.2 | | | | MOZILLA : Firefox 1.0 |
| Original document |  | Paul, Firefox Remote Compromise Technical Details (10.05.2005) |
| Zoidcom network library DoS | | Published: | | 10.05.2005 | | Source: | | FULL-DISCLOSURE | | SecurityVulns ID: | | 4782 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Insufficient check of the network data. |
| Affected: | | ZOIDCOM : Zoidcom 1.0 |
| Original document | | Luigi Auriemma, [Full-disclosure] Crash in Zoidcom 1.0 beta 4 (10.05.2005) |
| IPSec information leak | | Published: | | 10.05.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4781 | | Type: | | remote | | Level: | | 6/10 | | Description: | | If ESP is used without integrity control it's possible to obtain plaintext data in ICMP error meesage by modifying source packet. |
| Original document | | albatross_(at)_tim.it, NISCC Vulnerability Advisory IPSEC - 004033 (10.05.2005) |
| Digital Video Surveillance System weak authentication | | Published: | | 10.05.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4783 | | Type: | | m-i-t-m | | Level: | | 5/10 | | Description: | | Authentication mechanism is vulnerable to man-in-the-midle attack (replay attack and cleartext recovery). |
| Affected: | | GEOVISION : GeoVision Digital Video Surveillance System 6.04 | | | | GEOVISION : GeoVision Digital Video Surveillance System 6.1 | | | | GEOVISION : GeoVision Digital Video Surveillance System 7.0 |
| Original document | | Tirath Rai, Esqo advisory: GeoVision Digital Video Surveillance System - Multiple authentication issues (10.05.2005) |
PHP, ASP, CGI web applications security vulnerabilities
updated since 10.05.2005 | | Published: | | 14.05.2005 | | Source: | | | | SecurityVulns ID: | | 4779 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, etc. |
| Affected: | | PHPBB : phpBB 2.0 | | | | OPENBB : OpenBB 1.0 | | | | ADVANCEDGUESTBOO : Advanced Guestbook 2.3 | | | | UPB : Ultimate PHP Board 1.9 | | | | PHPMYCHAT : phpMyChat 0.14 | | | | WORDPRESS : WordPress 1.5 | | | | PWSPHP : PwsPHP 1.2 | | | | GEOCENTRAL : Easy Message Board | | | | PSOFT : H-Sphere Winbox | | | | PSOFT : Site Studio | | | | CODETHATSHOPPING : CodeThatShoppingCart 1.3 | | | | WOWBB : WowBB 1.62 | | | | PIXYSOFT : Guestbook PRO 3.2 | | | | MAXWEBPORTAL : MaxWebPortal 1.3 | | | | YAPPANG : yappa-ng 2.3 | | | | DFORUM : DForum 1.0 | | | | DIRECTTOPICS : Directtopics 2.2 | | | | NUKEET : Nuke ET 3.1 | | | | QUICKCART : Quick.Cart 0.3 | | | | POSTMASTER : PostMaster 4.2 | | | | QUICKFORUM : Quick.Forum 2.1 | | | | BOASTMACHINE : BoastMachine 3.0 | | | | AVN : ASP Virtual News Manager 1.0 | | | | BOOBY : Booby 1.0 | | | | SHOWOFF : ShowOff! Digital Media Software 1.5 | | | | 1TWONEWS : 1Two News 1.0 |
| Original document | | Megasky, PHPHeaven PHPMyChat Cross-site Scripting Vulnerablitiy (14.05.2005) |
| | | Megasky, OpenBB SQL Injection & Cross-site Scripting Vulnerability (14.05.2005) |
| | | Morinex Eneco, Ultimate PHP Board (UPB) Security Advisory (13.05.2005) |
| | | SECUNIA, [SA15324] WordPress Unspecified Vulnerability (13.05.2005) |
| | | SECUNIA, [SA15344] 1Two News Script Insertion and Authentication Bypass (13.05.2005) |
| | | SECUNIA, [SA15300] ShowOff! Digital Media Software Two Vulnerabilities (13.05.2005) |
| | | SECUNIA, [SA15346] ASP Virtual News Manager "password" SQL Injection Vulnerability (13.05.2005) |
| | | SECUNIA, [SA15305] Booby Disclosure of Private Bookmarks (13.05.2005) |
| | | SECUNIA, [SA15312] BoastMachine File Upload Vulnerability (13.05.2005) |
| | | SECUNIA, [SA15200] Quick.Forum Topic Script Insertion Vulnerability (13.05.2005) |
| | | SECUNIA, [SA15268] PostMaster Multiple Vulnerabilities (13.05.2005) |
| | | SECUNIA, [SA15297] Quick.Cart "sWord" Cross-Site Scripting Vulnerability (13.05.2005) |
| | | SECUNIA, [SA15332] Nuke ET "codigo" Cross-Site Scripting Vulnerability (13.05.2005) |
| | | Morinex Eneco, Directtopics Multiple Vulnerabilities (Security Advisory) (13.05.2005) |
| | | 4пальца, "Старый добрый" DForum (12.05.2005) |
| | | JeiAr, Yappa-NG Multiple Vulnerabilities (12.05.2005) |
| | | Zinho, [HSC Security Group] MaxWebPortal - Multiple SQL injection/XSS (12.05.2005) |
| | | SoulBlack Group, [Full-disclosure] Guesbook Pro XSS & HTML Injection (11.05.2005) |
| | | Megasky, WowBB view_user.php SQL Injection Vulnerability (11.05.2005) |
| | | SECUNIA, [SA15251] CodeThatShoppingCart Multiple Vulnerabilities (10.05.2005) |
| | | morning_wood, [Full-disclosure] SiteStudio (10.05.2005) |
| | | morning_wood, [Full-disclosure] H-Sphere (10.05.2005) |
| | | SoulBlack Group, [Full-disclosure] Easy Message Board Directory Traversal and Remote Command (10.05.2005) |
| | | SoulBlack Group, Easy Message Board Directory Traversal and Remote Command (10.05.2005) |
| | | Spy Hat, Advanced Guestbook 2.3.1 (10.05.2005) |
| | | Paul Laudanski, phpbb 2.0.15 released - patches high critical vuln (10.05.2005) |
| | | SecuBox fRoGGz, PwsPHP v1.2.2 Final - Multiples vulnerabilities (10.05.2005) |
|
|
|
|
|
| |
|
| |
