Computer Security
[EN] securityvulns.ru no-pyccku


Filezilla FTP Server DoS
Published:10.12.2006
Source:
SecurityVulns ID:6912
Type:remote
Threat Level:
5/10
Description:Crash on invalid FTP commands sequence.
Affected:FILEZILLA : Filezilla 0.9
Files:Exploits Filezilla FTP Server 0.9.20 beta / 0.9.21 "STOR" Denial Of Service
 Filezilla FTP Server 0.9.20 beta / 0.9.21 "LIST", "NLST" and "NLST -al" Denial Of Service

ClamAV antivirus DoS
updated since 08.12.2006
Published:10.12.2006
Source:
SecurityVulns ID:6899
Type:remote
Threat Level:
5/10
Description:High recursion of MIME parts causes antivirus to crash.
Affected:CLAMAV : ClamAV 0.88
Original documentdocumentDEBIAN, [SECURITY] [DSA 1232-1] New clamav packages fix denial of service (10.12.2006)
 documentTomasz Kojm, Re: Multiple Vendor Unusual MIME Encoding Content Filter Bypass (08.12.2006)
 document3APA3A, Re[2]: Multiple Vendor Unusual MIME Encoding Content Filter Bypass (08.12.2006)
 documentHendrik Weimer, Multiple Vendor Unusual MIME Encoding Content Filter Bypass (08.12.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:10.12.2006
Source:
SecurityVulns ID:6908
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:KDLAND : KDPics 1.16
 PRONEWS : ProNews 1.5
 SCRIPTHP : Messageriescripthp 2.0
 SCRIPTHP : AnnonceScriptHP 2.0
 MXBB : mxBB Module Profile Control Panel 0.91
Original documentdocumentbd0rk_(at)_hackermail.com, mxBB Module Profile Control Panel 0.91c Remote File Include Vulnerability (10.12.2006)
 documentHagbard Celine, [Full-disclosure] DadaIMC default configuration vulnerability (10.12.2006)
 documentMr_KaLiMaN, AnnonceScriptHP V2.0 Multiple Vulnerabilities (10.12.2006)
 documentMr_KaLiMaN, Messageriescripthp V2.0 XSS & SQL Injection (10.12.2006)
 documentMr_KaLiMaN, ProNews V1.5 XSS & SQL Injection (10.12.2006)
 documentMr_KaLiMaN, KDPics Multiple Vulnerabities (10.12.2006)
Files:TorrentFlux 2.2 Database Credentials Exposure Exploit
 TorrentFlux 2.2 Command Execution Exploit

AOL ActiveX element buffer overflow
Published:10.12.2006
Source:
SecurityVulns ID:6909
Type:client
Threat Level:
6/10
Description:Buffer overflow in CDDBControlAOL.CDDBAOLControl ActiveX control.
Affected:AOL : AOL 8.0
 AOL : AOL 9.0
 AOL : AOL 7.0
Original documentdocumentSECUNIA, [SA23043] AOL CDDBControl ActiveX Control "SetClientInfo()" Buffer Overflow (10.12.2006)

Newtone ImageKit ActiveX buffer overflow
Published:10.12.2006
Source:
SecurityVulns ID:6910
Type:client
Threat Level:
5/10
Description:Buffer overflow in Newtone ImageKit ActiveX Control.
Affected:NEWTONE : Newtone ImageKit 5
 NEWTONE : Newtone ImageKit 6
 CASIO : Casio Photo Loader 3.0
Original documentdocumentSECUNIA, [SA23286] Newtone ImageKit ActiveX Control Unspecified Buffer Overfow (10.12.2006)

Net-SNMP security protection bypass
Published:10.12.2006
Source:
SecurityVulns ID:6911
Type:remote
Threat Level:
5/10
Description:Under some conditions write access may be obtained to read-only community.
Affected:NETSNMP : Net-SNMP 5.3
Original documentdocumentSECUNIA, [SA23285] Net-SNMP "rocommunity" and "rouser" Security Bypass (10.12.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod