Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Windows system services privilege escalation
updated since 01.02.2006
Published:11.04.2006
Source:
SecurityVulns ID:5721
Type:local
Threat Level:
8/10
Description:There are several local services SSDP Discovery service, Universal Plug and Play Host service) allow any authenticated user to configure service. It makes it possible to specify executable file and elevate privilege to Local System. Also vulnerable: HP Software: "Pml Driver HPZ12" (HP Printer Laserjet 4200L PCL 6) Audodesk: "Autodesk Licensing Service" Dell Power Managment Software for network cards: "NICCONFIGSVC" Macromedia: "Macromedia Licensing Service" Zonelabs.com TrueVector Device Driver: "vsdatant" C-Dilla Software: "C-DillaCdaC11BA" Macrovision SECURITY Driver (Security Windows NT): "CdaC15BA" Macrovision SECURITY Driver (Security Windows NT): "SecDrv"
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS06-011 Permissive Windows Services DACLs Could Allow Elevation of Privilege (914798) (11.04.2006)
 documentyourname_(at)_yourdomain.com, Copy protection scheme SafeDisc allows privilege escalation (12.03.2006)
 documentAndres Tarasco , [Full-disclosure] Privilege Scalation for Windows Networks using weak Service restrictions v2.0 exploit (13.02.2006)
 documentsudhakar+bugtraq_(at)_cs.princeton.edu, Windows Access Control Demystified (01.02.2006)
Files:Windows Access Control Demystified
 Privilege Checker for Windows Services exploits weak service permissions
 Exploits Privilege Escalation for Windows Networks using weak Service restrictions v2.0
 Microsoft Security Bulletin MS06-011 Permissive Windows Services DACLs Could Allow Elevation of Privilege (914798)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:11.04.2006
Source:
SecurityVulns ID:5994
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:MONOGOSEARCH : mnogosearch 3.2
 DOKEOS : Dokeos 1.6
 PHPWEBGALLERY : Phpwebgallery 1.4
 PHPNEWSMANAGER : phpNewsManager 1.48
 SHOPXS : ShopXS 4.0
 VEGADNS : Vegands 0.99
 JBOOK : Jbook 1.3
 PHPMYFORUM : phpMyForum 4.0
 DNGUESTBOOK : dnGuestbook 2.0
 SWSOFT : Confixx 3.1
Original documentdocumentsn4k3.23_(at)_gmail.com, Confixx 3.1.2 <= Cross Site Scripting Vuln (11.04.2006)
 documentSECUNIA, [SA19589] Debian mnogosearch Insecure Password Storage Security Issue (11.04.2006)
 documentSECUNIA, [SA19601] dnGuestbook admin.php SQL Injection Vulnerability (11.04.2006)
 documentSECUNIA, [SA19563] MAXdev MD-Pro ADOdb "server.php" Insecure Test Script Security Issue (11.04.2006)
 documentzeus olimpusklan, [Full-disclosure] JetPhoto Multiple Cross-Site Scripting Vulnerabilitie (11.04.2006)
 documentAlvaro Olavarria, [Full-disclosure] Dokeos 1.6.4 SQL Injection Vulnerability (11.04.2006)
 documentroot___(at)_linuxmail.org, PHPWebGallery Multiple Cross Site Scripting Vulnerabilities (11.04.2006)
 documentroot___(at)_linuxmail.org, phpMyForum Cross Site Scripting & CRLF injection (11.04.2006)
 documentroot___(at)_linuxmail.org, Jbook Cross Site Scripting (11.04.2006)
 documentAliaksandr Hartsuyeu, [eVuln] phpNewsManager Multiple SQL Injections (11.04.2006)
 documentking_purba_(at)_yahoo.co.uk, Vegadns blind sql injection and cross site scripting (11.04.2006)
 documentr0t, ShopXS v4.0 XSS vuln. (11.04.2006)

Microsoft Windows MDAC code execution
updated since 11.04.2006
Published:12.04.2006
Source:
SecurityVulns ID:5995
Type:client
Threat Level:
8/10
Description:RDS.Dataspace ActiveX object is marked as safe. Can be used for hidden malware installation with Internet Explorer.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
Original documentdocumentX-FORCE, ISS prtoection Brief: Microsoft MDAC Remote Code Execution (12.04.2006)
 documentMICROSOFT, Microsoft Security Bulletin MS06-014 Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562) (11.04.2006)
Files:Microsoft Security Bulletin MS06-014 Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562)

Microsoft Windows shell code execution
updated since 11.04.2006
Published:12.04.2006
Source:
SecurityVulns ID:5996
Type:client
Threat Level:
8/10
Description:COM object can execute code. Can be used for hidden malware installation with Internet Explorer.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS06-015 Vulnerability in Windows Explorer Could Allow Remote Code Execution (908531) (11.04.2006)
Files:Microsoft Security Bulletin MS06-015 Vulnerability in Windows Explorer Could Allow Remote Code Execution (908531)

Microsoft Outlook Express buffer overflow
updated since 11.04.2006
Published:12.04.2006
Source:
SecurityVulns ID:5997
Type:client
Threat Level:
6/10
Description:Buffer overflow on parsing WAB address book.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
Original documentdocumentZDI, ZDI-06-007: Microsoft Windows Address Book (WAB) File Format Parsing Vulnerability (12.04.2006)
 documentMICROSOFT, Microsoft Security Bulletin MS06-016 Cumulative Security Update for Outlook Express (911567) (11.04.2006)
Files:Microsoft Security Bulletin MS06-016 Cumulative Security Update for Outlook Express (911567)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod