Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		11.11.2006
Source:
SecurityVulns ID:		6810
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		DRAKECMS : Drake CMS 0.2
		ENCAPSCMS : EncapsCMS 0.3
		BREWBLOGGER : BrewBlogger 1.3
		WORKSYSTEM : worksystem 3.0

Original document		SlimTim10, WORK System E-Commerce (g_include) Remote File Inclusion Vulnerability (11.11.2006)
		firewall1954_(at)_hotmail.com, encapscms 0.3.6 - Remote File Include by Firewall (11.11.2006)
		CorryL, [x0n3-h4ck]Drake CMS v 0.2 XSS exploit (11.11.2006)

Files:		BrewBlogger 1.3.1 SQL Injection Exploit
Discuss:		Read or add your comments to this news (0 comments)

OpenLDAP DoS
Published:		11.11.2006
Source:		BUGTRAQ
SecurityVulns ID:		6811
Type:		remote
Level:		5/10
Description:		Certain combination of of LDAP bind request cause service crash.

Affected:

OPENLDAP : OpenLDAP 2.3

Original document

OPENPKG, [OpenPKG-SA-2006.033] OpenPKG Security Advisory (openldap) (11.11.2006)

Discuss:

Read or add your comments to this news (0 comments)

Avahi privilege escalation
Published:		11.11.2006
Source:		FULL-DISCLOSURE
SecurityVulns ID:		6812
Type:		local
Level:		5/10
Description:		Insufficient Netlink parameters validation allow to manipulate server parameters.

Affected:

AVAHI : Avahi 0.6

Original document

UBUNTU, [Full-disclosure] [USN-380-1] Avahi vulnerability (11.11.2006)

Discuss:

Read or add your comments to this news (0 comments)

Mac OS X fpathconf() DoS
Published:		11.11.2006
Source:		BUGTRAQ
SecurityVulns ID:		6813
Type:		local
Level:		5/10
Description:		fpathconf() call for unsupported file type causes system panic.

Original document

, MOKB-09-11-2006 (11.11.2006)

Discuss:

Read or add your comments to this news (0 comments)