Computer Security
[EN] no-pyccku

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 11.09.2010
SecurityVulns ID:11131
Threat Level:
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:HORDE : Horde 3.3
 CUBECART : CubeCart 4.3
 TYPO3 : typo3 4.3
 JOOMLA : Aardvertiser 2.1
 ZENPHOTO : Zenphoto 1.3
 JOOMLA : Clantools 1.5
 CHILLIYCMS : chillyCMS 1.1
 SMBIND : smbind 0.4
 OPENCLASSIFIELDS : Open Classifieds 1.3
 NETARTMEDIA : Real Estate Portal 2.0
 NETARTMEDIA : iBoutique.MALL 1.2
 POWERSTORE : PowerStore 3
 IBPRO : IB Pro CMS 1.0
 IBPRO : IB Pro CMS 2.0
 MEMBERMANAGEMENT : Member Management System 4.0
Original documentdocumentr0t, Member Management System v 4.0 XSS vuln. (12.09.2010)
 documentMustLive, Уязвимости в IB Promotion Advanced Business Web Suite (12.09.2010)
 documentr0t, NetArtMEDIA Car Portal v2.0 XSS vuln. (12.09.2010)
 documentr0t, PowerStore™ 3 XSS vuln. (12.09.2010)
 documentr0t, iBoutique.MALL 1.2 XSS vuln. (12.09.2010)
 documentr0t, NetArtMEDIA Real Estate Portal v2.0 XSS vuln. + NetArtMEDIA lfi. (12.09.2010)
 documentr0t, Open Classifieds version XSS Vuln. (12.09.2010)
 documentDEBIAN, [SECURITY] [DSA-2103-1] New smbind packages fix sql injection (12.09.2010)
 documentadmin_(at), chillyCMS Multiple Vulnerabilities (12.09.2010)
 documentsattler_(at), Joomla Component Clantools version 1.2.3 Multiple Blind SQL Injection Vulnerabilities (12.09.2010)
 documentsattler_(at), Joomla Component Clantools version 1.5 Blind SQL Injection Vulnerability (12.09.2010)
 documentMoritz Naumann, XSS in Horde Application Framework <=3.3.8, icon_browser.php (12.09.2010)
 documentBogdan Calin, Security problems in Zenphoto version 1.3 (12.09.2010)
 documentDEBIAN, [SECURITY] [DSA 2098-2] New typo3-src packages fix regression (12.09.2010)
 documentsattler_(at), Joomla Component Aardvertiser 2.1 free Blind SQL Injection Vulnerability (12.09.2010)
 documentBogdan Calin, SQL Injection and XSS vulnerabilities in CubeCart version 4.3.3 (11.09.2010)

Apple Safari code execution
SecurityVulns ID:11132
Threat Level:
Description:Under some conditions, explorer.exe is executed with relative name.
Affected:APPLE : Safari 4.0
 APPLE : Safari 4.1
Original documentdocumentACROS Security, ACROS Security: Remote Binary Planting in Apple Safari for Windows (ASPR #2010-09-08-1) (12.09.2010)

couchdb code execution
SecurityVulns ID:11133
Threat Level:
Description:Ralative path for dynamic library loading.
Affected:COUCHDB : CouchDB 0.11
CVE:CVE-2010-2953 (Untrusted search path vulnerability in a certain Debian GNU/Linux patch for the couchdb script in CouchDB 0.8.0 allows local users to gain privileges via a crafted shared library in the current working directory.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2107-1] New couchdb package fixes arbitrary code execution (12.09.2010)

sudo privilege escalation
SecurityVulns ID:11134
Threat Level:
Description:Under some conditions, user can execute arbitrary code as root if sudo was configured to allow the attacker to use a program as a group when the attacker was not a part of that group
Affected:SUDO : sudo 1.7
CVE:CVE-2010-2956 (Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence.)
Original documentdocumentUBUNTU, [USN-983-1] Sudo vulnerability (12.09.2010)

LVM2 unauthorized access
SecurityVulns ID:11135
Threat Level:
Description:Access to management commands is not authorized for local socket.
Affected:LVM2 : LVM2 2.02
Original documentdocumentMANDRIVA, [ MDVSA-2010:171 ] lvm2 (12.09.2010)

quagga BGP daemon DoS
SecurityVulns ID:11136
Threat Level:
Description:Few DoS conditions on BGP traffic parsing.
Affected:QUAGGA : quagga 0.99
CVE:CVE-2010-2949 (bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.)
 CVE-2010-2948 (Stack-based buffer overflow in the bgp_route_refresh_receive function in bgp_packet.c in bgpd in Quagga before 0.99.17 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a malformed Outbound Route Filtering (ORF) record in a BGP ROUTE-REFRESH (RR) message.)
Original documentdocumentDEBIAN, [SECURITY] [DSA-2104-1] New quagga packages fix denial of service (12.09.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod