 |
|
|
|
Linux kernel multiple security vulnerabilities
updated since 11.02.2008 | | Published: |  | 12.02.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 8659 | | Type: |  | local | | Level: |  | 7/10 | | Description: |  | Kernel memory access with vmsplice syscall, access between virtual machines with /proc |
| Affected: |  | LINUX : kernel 2.6 | | CVE: |  | CVE-2008-0600 (The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010.) | | | | CVE-2008-0163 | | | | CVE-2008-0010 |
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: | | 12.02.2008 | | Source: | | | | SecurityVulns ID: | | 8660 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Power Phlogger: crossite scripting, information leakage. |
| Original document |  | hackturkiye.hackturkiye_(at)_gmail.com, joomla (k12.tr)(com_iomezun)SQL Injection (12.02.2008) |
| | | hackturkiye.hackturkiye_(at)_gmail.com, joomll(k12.tr)(com_mezun)SQL Injection (12.02.2008) |
| | | hackturkiye.hackturkiye_(at)_gmail.com, joomla (k12.tr)(com_iomezun)SQL Injection (12.02.2008) |
| | | hackturkiye.hackturkiye_(at)_gmail.com, Kommentare zum Download script SQL Injection (12.02.2008) |
| | | db_(at)_rawsecurity.org, my little forum XSS (12.02.2008) |
| | | rxhr_(at)_hotmail.com, aliboard Beta Upload Shell From ControlPanel (12.02.2008) |
| | | no-reply_(at)_aria-security.net, Mercury v1.1.5 Send Message Cross-Site Scripting (12.02.2008) |
| | | enterth3dragon_(at)_gmail.com, Simple Machines Forum "SMF Shoutbox" Mod Persistent XSS (12.02.2008) |
| | | f10_(at)_by-f10.com, hi (12.02.2008) |
| | | staad1_(at)_gmail.com, Default Multiple Joomla! Component com_rapidrecipe "user_id=" Remote SQL Inj. (12.02.2008) |
| | | p_s3rver_(at)_yahoo.com, Vwar 1.5.0 (12.02.2008) |
| | | MustLive, Vulnerabilities in Power Phlogger (12.02.2008) |
Adobe Acrobat / Reader multiple security vulnerabilities
updated since 10.02.2008 | | Published: | | 12.02.2008 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8651 | | Type: | | client | | Level: | | 8/10 | | Description: | | Multiple buffer overflows and integer overflows, unsafe methods, unsafe dynamic library loading. |
| Affected: | | ADOBE : Adobe Reader 8.1 | | | | ADOBE : Adobe Acrobat 8.1 | | CVE: | | CVE-2008-0726 (Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption.) | | | | CVE-2008-0667 (The DOC.print function in the Adobe JavaScript API, as used by Adobe Acrobat and Reader before 8.1.2, allows remote attackers to configure silent non-interactive printing, and trigger the printing of an arbitrary number of copies of a document. NOTE: this issue might be subsumed by CVE-2008-0655.) | | | | CVE-2007-5666 | | | | CVE-2007-5663 | | | | CVE-2007-5659 | | | | CVE-2007-5609 |
| Apache mod_jk2 multiple security vulnerabilities | | Published: | | 12.02.2008 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8663 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Multiple buffer overflows, including oversized Host: header. |
| Microsoft Windows Active Directory DoS | | Published: | | 12.02.2008 | | Source: | | MICROSOFT | | SecurityVulns ID: | | 8667 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Crash on LDAP request handling. |
| Microsoft Windows Vista DoS | | Published: | | 12.02.2008 | | Source: | | MICROSOFT | | SecurityVulns ID: | | 8668 | | Type: | | client | | Level: | | 4/10 | | Description: | | Crash on DHCP server response parsing. |
| Microsoft Windows Web Client service buffer overflow | | Published: | | 12.02.2008 | | Source: | | MICROSOFT | | SecurityVulns ID: | | 8670 | | Type: | | client | | Level: | | 7/10 | | Description: | | Buffer overflow on WebDAV server response parsing. |
| Microsoft Internet Information Services privilege escalation | | Published: | | 12.02.2008 | | Source: | | MICROSOFT | | SecurityVulns ID: | | 8669 | | Type: | | local | | Level: | | 6/10 | | Description: | | Privilege escalation through file change notification. ASP files processing privilege escalation. |
| Cyansoftware Opium OPI Server / cyanPrintIP multiple security vulnerabilities | | Published: | | 12.02.2008 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8665 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Format string vulnerability, DoS conditions. |
| Larson Software Technology Network Print Server multiple security vulnerabilities | | Published: | | 12.02.2008 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8666 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Format string vulnerability and buffer overflow. |
| WML symbolic links vulnerability | | Published: | | 12.02.2008 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8662 | | Type: | | local | | Level: | | 5/10 | | Description: | | Symbolic links problem on temporary files creation. |
| Affected: | | WML : wml 2.0 | | CVE: | | CVE-2008-0666 (Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by wml_contrib/wmg.cgi and (2) temporary files used by wml_backend/p3_eperl/eperl_sys.c.) | | | | CVE-2008-0665 (wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file.) |
| Grouplogic EztremeZ-IP file and print server multiple security vulnerabilities | | Published: | | 12.02.2008 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8664 | | Type: | | remote | | Level: | | 5/10 | | Description: | | DoS conditions, directory traversal. |
| Microsoft Windows OLE buffer overflow | | Published: | | 12.02.2008 | | Source: | | MICROSOFT | | SecurityVulns ID: | | 8671 | | Type: | | client | | Level: | | 7/10 | | Description: | | Heap buffer overflow |
| Microsoft Word memory corruption | | Published: | | 12.02.2008 | | Source: | | MICROSOFT | | SecurityVulns ID: | | 8672 | | Type: | | client | | Level: | | 6/10 | | Description: | | Memory corruption on .doc file parsing. |
Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.02.2008 | | Published: | | 13.02.2008 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8673 | | Type: | | remote | | Level: | | 8/10 | | Description: | | Multiple memory corruptions. |
F5 BIG-IP crossite scripting
updated since 12.02.2008 | | Published: | | 24.05.2008 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8661 | | Type: | | remote | | Level: | | 4/10 | | Description: | | Crossite scripting in web admin console. |
|
|
|
|
|
|
|
|
