SquirrelMail PGP plugin unfiltered shell characters updated since 11.07.2007
Published:		12.07.2007
Source:		SECURITEAM
SecurityVulns ID:		7918
Type:		remote
Level:		6/10
Description:		Unfiltered shell characters on external application invocation in fpr parameter of keyring_main.php script and in different places.

Original document		IDEFENSE, iDefense Security Advisory 07.11.07: SquirrelMail G/PGP Plugin gpg_recv_key() Command Injection Vulnerability (12.07.2007)
		IDEFENSE, iDefense Security Advisory 07.11.07: SquirrelMail G/PGP Plugin deleteKey() Command Injection Vulnerability (12.07.2007)
		IDEFENSE, iDefense Security Advisory 07.11.07: SquirrelMail G/PGP Plugin gpg_help.php Local File Inclusion Vulnerability (12.07.2007)
		IDEFENSE, iDefense Security Advisory 07.11.07: SquirrelMail G/PGP Plugin gpg_check_sign_pgp_mime() Command Injection Vulnerability (12.07.2007)
		does_not_exist_(at)_jmp-esp.kicks-ass.net, SquirrelMail G/PGP Encryption Plug-in Remote Command Execution Vulnerability (11.07.2007)
		SECURITEAM, [EXPL] SquirrelMail G/PGP Encryption Plug-in Remote Command Execution Vulnerability (11.07.2007)

Discuss:

Read or add your comments to this news (0 comments)

Symantec Backup buffer overflow
Published:		12.07.2007
Source:		BUGTRAQ
SecurityVulns ID:		7921
Type:		remote
Level:		7/10
Description:		Buffer overflow in RPC/based service (TCP/6106).

Affected:

SYMANTEC : Backup Exec 10

Original document

IDEFENSE, iDefense Security Advisory 07.11.07: Symantec Backup Exec RPC Remote Heap Overflow Vulnerability (12.07.2007)

Discuss:

Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 12.07.2007
Published:		12.07.2007
Source:
SecurityVulns ID:		7926
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		DVBBS : Dvbbs 7.1
CVE:		CVE-2007-3693 (Cross-site scripting (XSS) vulnerability in Gobi as of 20070711, built on Helma, allows remote attackers to inject arbitrary web script or HTML via the q parameter to the search function.)

Original document		Susam Pal, [Full-disclosure] HomestayFinder XSS Vulnerability in Wikipedia Mirror (12.07.2007)
		Hanno Bock, [Full-disclosure] CVE-2007-3693: Cross site scripting and information disclosure in gobi/helma (12.07.2007)
		Calyptix Advisories, [Full-disclosure] Calyptix Security Advisory CX-2007-05 - eSoft InstaGate EX2 Cross-Site Request Forgery Attack (12.07.2007)
		Sacha, Dotclear remote script execution (12.07.2007)
		RaeD Hasadya, Powered By Dvbbs Version 7.1.0 Sp1 By Pass (12.07.2007)

Discuss:

Read or add your comments to this news (0 comments)

3COM Tippingpoint multiple protection bypass ways
Published:		12.07.2007
Source:		BUGTRAQ
SecurityVulns ID:		7919
Type:		remote
Level:		5/10
Description:		Invalid fragmented IP reassembly, some attacks against IIS may pass undetected.

Affected:		3COM : TippingPoint 2.1
		3COM : TippingPoint 2.2

Original document		Paul Craig, TippingPoint IPS Signature Evasion (12.07.2007)
		Andres Riancho, TippingPoint detection bypass (12.07.2007)

Discuss:

Read or add your comments to this news (0 comments)

Cisco Unified Communications Manager / Presence Server multiple security vulnerabilities
Published:		12.07.2007
Source:		BUGTRAQ
SecurityVulns ID:		7920
Type:		remote
Level:		7/10
Description:		Unauthorized SNMP access, buffer overflow in Certificate Trust List (TCP/2444) and Real-Time Information Server Data Collector (TCP/2556).

Affected:		CISCO : Cisco Unified CallManager 5.0
		CISCO : Cisco Unified CallManager 4.1
		CISCO : Cisco Unified CallManager 4.2
		CISCO : Cisco Unified CallManager 4.3
		CISCO : Cisco Unified CallManager 5.1
		CISCO : Cisco Unified CallManager 3.3
		CISCO : Cisco Unified Communications Manager 5.1
		CISCO : Cisco Unified Presence Server 1.0

Original document		CISCO, Cisco Security Advisory: Cisco Unified Communications Manager and Presence Server Unauthorized Access Vulnerabilities (12.07.2007)
		CISCO, Cisco Security Advisory: Cisco Unified Communications Manager Overflow Vulnerabilities (12.07.2007)

Discuss:

Read or add your comments to this news (0 comments)

XnView buffer overflow updated since 12.07.2007
Published:		12.07.2007
Source:		BUGTRAQ
SecurityVulns ID:		7923
Type:		client
Level:		6/10
Description:		Buffer overflow on parsing XPM image files.

Affected:		XNVIEW : XnView 1.90
CVE:		CVE-2007-2194 (Stack-based buffer overflow in XnView 1.90.3 allows user-assisted remote attackers to execute arbitrary code via a crafted XPM file with a long section string. NOTE: some of these details are obtained from third party information.)

Original document

GENTOO, [ GLSA 200707-06 ] XnView: Stack-based buffer overflow (12.07.2007)

Discuss:

Read or add your comments to this news (0 comments)

IPSwitch WS_FTP logging daemon DoS
Published:		12.07.2007
Source:		FULL-DISCLOSURE
SecurityVulns ID:		7924
Type:		remote
Level:		5/10
Description:		Denial of service UDP/515 on network packet parsing.

Affected:

IPSWITCH : WS_FTP 7.5

Original document

Jared DeMott, [Full-disclosure] IPSwitch WS_FTP Logging Server Remote Denial of Service -- a VDA Labs, LLC discovery (12.07.2007)

Files:		Exploits IPSwitch WS_FTP Logging Server Remote Denial of Service
Discuss:		Read or add your comments to this news (0 comments)

Adobe Flash player multiple security vulnerabilities updated since 12.07.2007
Published:		12.07.2007
Source:		CERT
SecurityVulns ID:		7927
Type:		client
Level:		8/10
Description:		Multiple vulnerabilities lead to code execution and denial of service.

Affected:		ADOBE : Flash Player 9.0
		ADOBE : Flash Player 7.070
		ADOBE : Flex 2.0
		ADOBE : Flash CS3 Professional
		ADOBE : Flash Basic
		ADOBE : Flash Player 8.0.
CVE:		CVE-2007-3457 (Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which potentially allows remote attackers to conduct a CSRF attack via a crafted SWF file.)
		CVE-2007-3456 (Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an "input validation error," including a signed comparison of values that are assumed to be non-negative.)

Original document		Minded Security Research Labs, [MSA01110707] Flash Player/Plugin Video file parsing Remote Code Execution (14.07.2007)
		CERT, US-CERT Technical Cyber Security Alert TA07-192A -- Adobe Flash Player Updates for Multiple Vulnerabilities (12.07.2007)

Discuss:

Read or add your comments to this news (0 comments)

Multiple applications security vulnerabilities
Published:		12.07.2007
Source:		BUGTRAQ
SecurityVulns ID:		7928
Level:		5/10
Description:		Mozilla Firefox pop-ups DoS, Microsoft Register Server DoS, FreeWRL ActiveX memory corruption, Nonnoi ASP Barcode files overwrite, Eltima Software VSPAX DoS, Media Player Classic memory corruption, Eltima Software RunService AX DoS, Symantec Norton Ghost ActiveX DoS and code execution, ctiveReportsExcelReport, NMSDVDXLib, InnovaDSXP2.OCX ActiveX DoS.

Affected:		MOZILLA : Firefox 2.0
		FREEWRL : FreeWRL 1.19
		MPC : Media Player Classic 6.4
		SYMANTEC : Norton Ghost 12.0

Original document

sapheal_(at)_hack.pl, [Eleytt] 7LIPIEC2007 (12.07.2007)

Discuss:

Read or add your comments to this news (0 comments)

Apple QuickTime buffer overflow updated since 12.07.2007
Published:		13.07.2007
Source:		FULL-DISCLOSURE
SecurityVulns ID:		7925
Type:		library
Level:		7/10
Description:		Buffer overflow on SMIL format parsing.

Affected:		APPLE : QuickTime 7.1
CVE:		CVE-2007-2394 (Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file, related to improper calculations for memory allocation.)

Original document		CERT, US-CERT Technical Cyber Security Alert TA07-193A -- Apple Releases Security Updates for QuickTime (13.07.2007)
		IDEFENSE, [Full-disclosure] iDefense Security Advisory 07.11.07: Apple QuickTime SMIL File Processing Integer Overflow Vulnerability (12.07.2007)

Discuss:

Read or add your comments to this news (0 comments)

Symantec Antivirus privilege escalation updated since 12.07.2007
Published:		11.09.2007
Source:		BUGTRAQ
SecurityVulns ID:		7922
Type:		local
Level:		6/10
Description:		It's possible to overwrite system memory regions with IOCTL 0x83022323 of \\symTDI\ device.

Affected:

SYMANTEC : Symantec AntiVirus 5.5

Original document		SYMANTEC, Symantec Product Security: Symantec Device Driver Local Elevation of Privilege (11.09.2007)
		IDEFENSE, iDefense Security Advisory 07.11.07: Symantec AntiVirus symtdi.sys Local Privilege Escalation Vulnerability (12.07.2007)

Discuss:

Read or add your comments to this news (0 comments)