Computer Security
[EN] securityvulns.ru no-pyccku


CA eTrust antivirus multiple security vulnerabilities
updated since 11.05.2007
Published:12.05.2007
Source:
SecurityVulns ID:7696
Type:remote
Threat Level:
6/10
Description:Local buffer overflow in task scheduler, remote buffer overflow in antiviral server (TCP/12168).
Affected:CA : eTrust Integrated Threat Management 8
 CA : eTrust AntiVirus Server 8
 CA : eTrust Antivirus Agent 8
 CA : CA Anti-Spyware 8
 CA : CA Protection Suites 3
CVE:CVE-2007-2523 (CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before 20070510 use weak permissions (NULL security descriptor) for the Task Service shared file mapping, which allows local users to modify this mapping and gain privileges by triggering a stack-based buffer overflow in InoCore.dll before 8.0.448.0.)
 CVE-2007-2522 (Stack-based buffer overflow in the inoweb Console Server in CA Anti-Virus for the Enterprise r8, Threat Manager r8, Anti-Spyware for the Enterprise r8, and Protection Suites r3 allows remote attackers to execute arbitrary code via a long (1) username or (2) password.)
Original documentdocumentCA, [CAID 35330, 35331]: CA Anti-Virus, CA Threat Manager, and CA Anti-Spyware Console Login and File Mapping Vulnerabilities (12.05.2007)
 documentbinagres_(at)_gmail.com, Computer Associates eTrust InoTask.exe Antivirus Buffer Overflow Vulnerability (11.05.2007)
 documentZDI, ZDI-07-028: CA eTrust AntiVirus Server inoweb Buffer Overflow Vulnerability (11.05.2007)
 documentIDEFENSE, iDefense Security Advisory 05.09.07: Computer Associates eTrust InoTask.exe Antivirus Buffer Overflow Vulnerability (11.05.2007)
Files:Exploit for eTrust Antivirus Agent r8

vim sandbox protection bypass
Published:12.05.2007
Source:
SecurityVulns ID:7697
Type:local
Threat Level:
5/10
Description:Potentially dangerous functions are allowed in modeline processing.
Affected:VIM : vim 7.0
CVE:CVE-2007-2438 (The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines.)
Original documentdocumentMANDRIVA, [ MDKSA-2007:101 ] - Updated vim packages fix vulnerability (12.05.2007)

ISC BIND named DoS
Published:12.05.2007
Source:
SecurityVulns ID:7698
Type:remote
Threat Level:
6/10
Description:DoS on SOA records processing if recursion is enabled.
Affected:BIND : bind 9.4
 BIND : bind 9.5
CVE:CVE-2007-2241 (Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function.)
Original documentdocumentMANDRIVA, [ MDKSA-2007:100 ] - Updated bind packages fix vulnerability (12.05.2007)

McAfee multiple antiviral products Security Center ActiveX buffer overflow
Published:12.05.2007
Source:
SecurityVulns ID:7699
Type:client
Threat Level:
6/10
Description:Buffer overflow in IsOldAppInstalled() function.
Affected:MCAFEE : Security Center 7.2
 MCAFEE : Security Center 6.0
 MCAFEE : Virus Scan 10.0
Original documentdocumentIDEFENSE, iDefense Security Advisory 05.08.07: McAfee Security Center IsOldAppInstalled ActiveX Buffer Overflow Vulnerability (12.05.2007)

Symantec Norton Internet Security Code Execution
Published:12.05.2007
Source:
SecurityVulns ID:7701
Type:client
Threat Level:
5/10
Description:Invalid processing of exceptional conditions allows to access ActiveX not makrked as safe for scripting.
Affected:SYMANTEC : Norton Internet Security 2006
 SYMANTEC : Norton AntiVirus 2006
CVE:CVE-2006-3456 (The Symantec NAVOPTS.DLL ActiveX control (aka Symantec.Norton.AntiVirus.NAVOptions) 12.2.0.13, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, is designed for use only in application-embedded web browsers, which allows remote attackers to "crash the control" via unspecified vectors related to content on a web site, and place Internet Explorer into a "defunct state" in which remote attackers can execute arbitrary code in addition to other Symantec ActiveX controls, regardless of whether they are marked safe for scripting. NOTE: this CVE was inadvertently used for an E-mail Auto-Protect issue, but that issue has been assigned CVE-2007-3771.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 05.09.07: Symantec Norton Internet Security 2006 COM Object Security ByPass Vulnerability (12.05.2007)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 12.05.2007
Published:12.05.2007
Source:
SecurityVulns ID:7702
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:SQUIRRELMAIL : squirrelmail 1.4
 PHPMUR : phpMUR 2006.09
 PHILBOARD : Philboard 0.2
 EFILECABINET : eFileCabinet 3.3
 TEAMSPEAK : Teamspeak Server 2.0
Original documentdocumentGilberto Ficara, [Full-disclosure] Teamspeak Server 2.0.20.1 Vulnerabilities (12.05.2007)
 documentsuresync_(at)_gmail.com, Multiple Denial of Service attacks possible for Webspeed OpenEdge (12.05.2007)
 documentVulnerabilityResearch_(at)_digitaldefense.net, eFileCabinet Authentication Bypass (12.05.2007)
 documentabsamu_(at)_gmail.com, fotolog xss (12.05.2007)
 documentALEMIN KRALI, W1L3D4 Philboard v0.2 sql injection (12.05.2007)
 documentthe_3dit0r_(at)_yahoo.com, phpMUR Cross Site Scripting (12.05.2007)
 documentp3rlhax_(at)_gmail.com, squirrelmail CSRF vulnerability (12.05.2007)

Multiple ActiveX security vulnerabilities
Published:12.05.2007
Source:
SecurityVulns ID:7703
Type:client
Threat Level:
4/10
Description:DoS conditions.
Affected:AUDIOCDRIPPER : Audio CD Ripper OCX 1.0
Original documentdocumentsapheal_(at)_hack.pl, Multiple vulnerabilities (12.05.2007)

PHP libxmlrpc buffer overflow
Published:12.05.2007
Source:
SecurityVulns ID:7704
Type:library
Threat Level:
6/10
Affected:PHP : PHP 4.4
 PHP : PHP 5.2
CVE:CVE-2007-1864 (Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.)

Sun Solaris srsexec unauthorized files accesss
Published:12.05.2007
Source:
SecurityVulns ID:7705
Type:local
Threat Level:
5/10
Description:By using combination of -d and -v command line options it's possible to read first line of any file.
Affected:ORACLE : Solaris 10
Original documentdocumentIDEFENSE, iDefense Security Advisory 05.10.07: Sun Microsystems Solaris SRS Proxy Core srsexec Arbitrary File Read Vulnerability (12.05.2007)

Novell NetMail buffer overflow
Published:12.05.2007
Source:
SecurityVulns ID:7706
Type:remote
Threat Level:
6/10
Description:Stack based overflow in NMDMC.EXE on SSL access.
Affected:NOVELL : NetMail 3.52
Original documentdocumentIDEFENSE, iDefense Security Advisory 05.10.07: Novell NetMail NMDMC Buffer Overflow Vulnerability (12.05.2007)

Apple Darwin Streaming Proxy multiple buffer overflows
Published:12.05.2007
Source:
SecurityVulns ID:7707
Type:remote
Threat Level:
6/10
Description:Multiple buffer overflows on parsing different commands.
Affected:APPLE : Darwin Streaming Proxy 4.1
Original documentdocumentIDEFENSE, iDefense Security Advisory 05.10.07: Apple Darwin Streaming Proxy Multiple Vulnerabilities (12.05.2007)

TFTPdWin TFTP server directory traversal
Published:12.05.2007
Source:
SecurityVulns ID:7708
Type:remote
Threat Level:
5/10
Affected:TFTPDWIN : TFTPdWin 0.4
Original documentdocumentVulnerabilityResearch_(at)_digitaldefense.net, TFTPdWin 0.4.2 Server Directory Traversal Vulnerability (12.05.2007)

Apple QuickTime / iTunes multiple vulnerabilities
updated since 12.01.2006
Published:12.05.2007
Source:
SecurityVulns ID:5620
Type:client
Threat Level:
6/10
Description:Heap overflow on GIF images parsing, stack overflow on QTIF parsing, heap overflow on video samples parsing.
Affected:APPLE : QuickTime 7.0
CVE:CVE-2007-0754 (Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted Sample Table Sample Descriptor (STSD) atom size in a QuickTime movie.)
Original documentdocument3COM, TPTI-07-07: Apple QuickTime STSD Parsing Heap Overflow Vulnerability (12.05.2007)
 documentFortinet Research, [VulnWatch] Fortinet Advisory: Apple QuickTime Player Color Map Entry Size Buffer Overflow (13.01.2006)
 documentFortinet Research, [VulnWatch] Fortinet Advisory: "Apple QuickTime Player ImageWidth Integer Overflow Vulnerability" (13.01.2006)
 documentFortinet Research, [VulnWatch] Fortinet Security Advisory: "Apple QuickTime Player Improper Memory Access Vulnerability" (13.01.2006)
 documentFortinet Research, [VulnWatch] Fortinet Advisory: Apple Quick Time Player ImageWidth Denial of Service Vulnerability (13.01.2006)
 documentFortinet Research, [VulnWatch] Fortinet Advisory - Apple QuickTime Player StripOffsets Improper Memory Acces (13.01.2006)
 documentFortinet Research, [VulnWatch] Fortinet Advisory - Apple QuickTime Player StripByteCounts Buffer Overflow Vulnerability (13.01.2006)
 documentCERT, US-CERT Technical Cyber Security Alert TA06-011A -- Apple QuickTime Vulnerabilities (12.01.2006)
 documentEEYE, [EEYEB-20051117A] Apple QuickTime STSD Atom Heap Overflow (12.01.2006)
 documentEEYE, [EEYEB-20051117B] Apple iTunes (QuickTime.qts) Heap Overflow (12.01.2006)
 documentEEYE, [EEYEB-20051220] Apple QuickTime QTIF Stack Overflow (12.01.2006)
 documentEEYE, [EEYEB-20051117B] Apple iTunes (QuickTime.qts) Heap Overflow (12.01.2006)

Cisco IOS embedded FTP server multiple security vulneraiblities
updated since 12.05.2007
Published:21.08.2008
Source:
SecurityVulns ID:7700
Type:remote
Threat Level:
6/10
Description:DoS, unauthorized access, directory traversal.
Affected:CISCO : IOS 12.1
 CISCO : IOS 12.2
 CISCO : IOS 12.3
 CISCO : IOS 12.4
Original documentdocumentAndy Davis, Version-independent IOS shellcode (21.08.2008)
 documentAndy Davis, Step-by-step instructions for debugging Cisco IOS using gdb (15.08.2008)
 documentAndy Davis, Cisco IOS shellcode explanation - additional (31.07.2008)
 documentAndy Davis, Remote Cisco IOS FTP exploit (30.07.2008)
 documentAndy Davis, Cisco IOS shellcode explanation (30.07.2008)
 documentCISCO, Cisco Security Advisory: Multiple Vulnerabilities in the IOS FTP Server (12.05.2007)
Files:Cisco IOS FTP server remote exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod