ProFTPd SQL injection
Published:		12.02.2009
Source:		BUGTRAQ
SecurityVulns ID:		9673
Type:		remote
Level:		7/10
Description:		SQL injections in database modules.

Affected:		PROFTPD : ProFTPD 1.3
CVE:		CVE-2009-0543 (ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres.)
		CVE-2009-0542 (SQL injection vulnerability in ProFTPD Server 1.3.1 through 1.3.2rc2 allows remote attackers to execute arbitrary SQL commands via a "%" (percent) character in the username, which introduces a "'" (single quote) character during variable substitution by mod_sql.)

Original document		gat3way_(at)_gat3way.eu, Re: Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) (12.02.2009)
		Sergio Aguayo, Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) (12.02.2009)
		Shino, Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) (12.02.2009)
		gat3way_(at)_gat3way.eu, Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) (12.02.2009)

Files:		ProFTPd with mod_mysql Authentication Bypass Exploit
Discuss:		Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 12.02.2009
Published:		12.02.2009
Source:
SecurityVulns ID:		9675
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		TYPO3 : TYPO3 4.0
		PHOTOLIBRARY : Photolibrary 1.009

Original document		ivan.sanchez_(at)_nullcode.com.ar, [Suspected Spam][Fwd: Re: Novell-QuickFinder Server Xss & Java remote execution Code] (12.02.2009)
		DEBIAN, [SECURITY] [DSA 1720-1] New TYPO3 packages fix several vulnerabilities (12.02.2009)
		XiaShing_(at)_gmail.com, Full Path Disclosure In Photolibrary 1.009 (12.02.2009)

Discuss:

Read or add your comments to this news (0 comments)

Swann DVR4 video monitoring digital video recorder information leakage
Published:		12.02.2009
Source:		BUGTRAQ
SecurityVulns ID:		9679
Type:		remote
Level:		5/10
Description:		Unauthenticated access to configuration files is possible.

Affected:		SWANNSECURITY : Swann DVR4
		SWANNSECURITY : Swann DVR9

Original document

tez_(at)_spilsby.net, Remote Authentication Bypass - Swann DVR4 SecuraNet (possibly DVR9 as well) (12.02.2009)

Discuss:

Read or add your comments to this news (0 comments)

pam_kerberos multiple security vulnerabilities
Published:		12.02.2009
Source:		BUGTRAQ
SecurityVulns ID:		9674
Type:		local
Level:		5/10
Description:		Privilege escalation, DoS.

CVE:		CVE-2009-0361 (Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in Solaris 10, and other software, does not properly handle calls to pam_setcred when running setuid, which allows local users to overwrite and change the ownership of arbitrary files by setting the KRB5CCNAME environment variable, and then launching a setuid application that performs certain pam_setcred operations.)
		CVE-2009-0360 (Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid application.)

Original document		DEBIAN, [SECURITY] [DSA 1722-1] New libpam-heimdal packages fix local privilege escalation (12.02.2009)
		Russ Allbery, pam-krb5 security advisory (3.12 and earlier) (12.02.2009)

Discuss:

Read or add your comments to this news (0 comments)

Geovision Digital Video Surveillance System directory traversal
Published:		12.02.2009
Source:		BUGTRAQ
SecurityVulns ID:		9677
Type:		remote
Level:		5/10

Affected:

GEOVISION : Geovision Digital Video Surveillance System 8.2

Original document

dejan.levaja_(at)_netsec.rs, Directory traversal vulnerability in Geovision Digital Video Surveillance System (geohttpserver) (12.02.2009)

Discuss:

Read or add your comments to this news (0 comments)

Nokia Phoenix Service Software ActiveX buffer overflow
Published:		12.02.2009
Source:		BUGTRAQ
SecurityVulns ID:		9678
Type:		client
Level:		5/10
Description:		SelectDevice method buffer overflow

Affected:

NOKIA : Phoenix Service Software 2008.04

Original document

murderskill_(at)_gmail.com, Nokia Phoenix Service Software 2008.04.007.32837 overflow POC (12.02.2009)

Discuss:

Read or add your comments to this news (0 comments)

Mozilla DoS
Published:		12.02.2009
Source:		BUGTRAQ
SecurityVulns ID:		9676
Type:		client
Level:		3/10
Description:		Server reply with 206 code causes application to hang.

Affected:

MOZILLA : Firefox 3.0

Original document

XiaShing_(at)_gmail.com, Denial of Service using Partial GET Request in Mozilla Firefox 3.06 (12.02.2009)

Discuss:

Read or add your comments to this news (0 comments)

Google Chrome, Mozilla Firefox, Opera, Internet Explorer browsers DoS updated since 30.09.2008
Published:		12.02.2009
Source:
SecurityVulns ID:		9318
Type:		client
Level:		5/10
Description:		Calling window.print() function in loop causes browser to hang. Uncontrollable memory allocation. Script can close window without user approval.

Affected:		MICROSOFT : Windows 2000 Server
		MICROSOFT : Windows 2000 Professional
		MICROSOFT : Windows XP
		MICROSOFT : Windows 2003 Server
		MICROSOFT : Windows Vista
		MICROSOFT : Windows 2008 Server
		MOZILLA : Firefox 3.0
		GOOGLE : Chrome 0.2
		OPERA : Opera 9.52

Original document		MustLive, DoS vulnerability in Internet Explorer 7 (12.02.2009)
		MustLive, DoS vulnerability in Mozilla, Opera and Google Chrome (01.11.2008)
		MustLive, DoS vulnerability in Firefox, Internet Explorer and Google Chrome (01.11.2008)
		Aditya K Sood, Google Chrome OnbeforeUload and OnUnload Null Check Vulnerability. (26.10.2008)
		MustLive, DoS vulnerabilities in Mozilla, Internet Explorer, Google Chrome and Opera (24.10.2008)
		MustLive, DoS vulnerability in Internet Explorer (01.10.2008)
		UniquE_(at)_UniquE-Key.Org, MS Internet Explorer 7 Denial Of Service Exploit (30.09.2008)
		Aditya K Sood, Advisory: Google Chrome Window Object Suppressing Remote Denial of Service. (30.09.2008)
		Aditya K Sood, Advisory : Opera Window Object Suppressing Remote Denial of Service (30.09.2008)
		Aditya K Sood, Advisory: Mozilla Firefox User Interface Null Pointer Dereference Dispatcher Crash and Remote Denial of Service. (30.09.2008)
		MustLive, DoS vulnerability in Google Chrome (30.09.2008)
		MustLive, DoS vulnerability in Opera (30.09.2008)
		MustLive, DoS vulnerability in Firefox (30.09.2008)

Files:		Internet Explorer memory bomb exploit
		Firefox, Opera, Chrome window priting DoS exploit
Discuss:		Read or add your comments to this news (0 comments)