Computer Security


Linux coredump files privilege escalation
Published: 12.07.2006
SecurityVulns ID: 6365
Type: local
Threat Level: 7/10
Description: An application can create a coredump file in any directory by setting rlimits.
Affected: LINUX : kernel 2.6
Original document: Roman Medina, [Full-disclosure] Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 ) (12.07.2006)
 RPATH, [Full-disclosure] rPSA-2006-0122-1 kernel (12.07.2006)
 Paul Starzetz, [Full-disclosure] Re: rPSA-2006-0122-1 kernel (12.07.2006)
Files: Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 )

Finjan Appliance cleartext password
Published: 12.07.2006
SecurityVulns ID: 6367
Type: local
Threat Level: 5/10
Description: The ps.fdb.bak file contains the Firebird database server password.
Affected: FINJAN : Finjan Appliance 5100
 FINJAN : Finjan Appliance 8100 NG
Original document: finde_schwachstelle_(at)_gmx.net, [Full-disclosure] [SECURITY] Plain text password in Finjan Appliance 5100/8100 NG backup file (12.07.2006)

Cisco Router Web Setup weak default security settings
Published: 12.07.2006
SecurityVulns ID: 6368
Type: remote
Threat Level: 5/10
Description: By default, it is possible to access the IOS Web interface without authentication, with the highest access security level.
Affected: CISCO : Cisco Router Web Setup 3.3
Original document: CISCO, [Full-disclosure] Cisco Security Advisory: Cisco Router Web Setup Ships with Insecure Default IOS Configuration (12.07.2006)

Multiple Cisco Unified CallManager security vulnerabilities
Published: 12.07.2006
SecurityVulns ID: 6369
Type: remote
Threat Level: 6/10
Description: Multiple vulnerabilities in the Command Line Interface and in SIP protocol processing.
Affected: CISCO : Cisco Unified CallManager 5.0
Original document: CISCO, [Full-disclosure] Cisco Security Advisory: Multiple Cisco Unified CallManager Vulnerabilities (12.07.2006)

Cisco Intrusion Prevention System DoS
Published: 12.07.2006
SecurityVulns ID: 6370
Type: remote
Threat Level: 6/10
Description: Device failure on a malformed network packet.
Affected: CISCO : IDS-4235
 CISCO : IPS-4240
 CISCO : IDS-4250
 CISCO : IPS-4255
Original document: CISCO, [Full-disclosure] Cisco Security Advisory: Cisco Intrusion Prevention System Malformed Packet Denial of Service (12.07.2006)

eBay Enhanced Picture Services buffer overflow
Published: 12.07.2006
SecurityVulns ID: 6372
Type: remote
Threat Level: 5/10
Affected: EBAY : eBay Enhanced Picture Services ActiveX Control 1.0
Original document: SECUNIA, [SA20969] eBay Enhanced Picture Services ActiveX Control Buffer Overflow (12.07.2006)

Ruby Safe Level security bypass
updated since 12.07.2006
Published: 04.08.2006
SecurityVulns ID: 6371
Type: library
Threat Level: 5/10
Description: "alias" can be exploited to replace a safe function; directory access protection can be bypassed. A few potentially dangerous methods are not restricted.
Affected: RUBY : Ruby 1.6
 RUBY : ruby 1.8
Original document: DEBIAN, [SECURITY] [DSA 1139-1] New ruby1.6 packages fix privilege escalation (04.08.2006)
 SECUNIA, [SA21009] Ruby Safe Level Security Bypass Vulnerabilities (12.07.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod