Search:Vulnerability:12.10.2007 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Asterisk malformed MIME boundary multiple buffer overflows and DoS
updated since 27.08.2007
Published: 12.10.2007
Source: BUGTRAQ
SecurityVulns ID: 8094
Type: remote
Level: 6/10
Description: Multiple buffer overflows and crash on malformed MIME boundary if IMAP storage is used for Voicemail.

Affected: ASTERISK : Asterisk 1.4
CVE: CVE-2007-4521 (Asterisk Open Source 1.4.5 through 1.4.11, when configured to use an IMAP voicemail storage backend, allows remote attackers to cause a denial of service via an e-mail with an "invalid/corrupted" MIME body, which triggers a crash when the recipient listens to voicemail.)

Original document ASTERISK, AST-2007-022: Buffer overflows in voicemail when using IMAP storage (12.10.2007)

ASTERISK, AST-2007-021: Crash from invalid/corrupted MIME bodies when using voicemail with IMAP storage (27.08.2007)

Discuss: Read or add your comments to this news (0 comments)

World in Conflict game server DoS
Published: 12.10.2007
Source: BUGTRAQ
SecurityVulns ID: 8237
Type: remote
Level: 5/10
Description: NULL pointer dereference on invalid TCP/52999 port data.

Affected: MASSIVE : World in Conflict 1.000

Original document Luigi Auriemma, NULL pointer crash in World in Conflict 1.000 (12.10.2007)

Discuss: Read or add your comments to this news (0 comments)

Linux initscripts weak permissions
Published: 12.10.2007
Source: BUGTRAQ
SecurityVulns ID: 8238
Type: local
Level: 5/10
Description: Weak permissions for /var/log/btmp files cause information leak about unsuccessful logon attempt.

Original document RPATH, rPSA-2007-0214-1 initscripts (12.10.2007)

Discuss: Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 12.10.2007
Published: 12.10.2007
Source:
SecurityVulns ID: 8239
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: CMSMADESIMPLE : CMS Made Simple 1.1
JOMMLA : swMenuFree 4.6 component for Joomla!
WORDPRESS : Simple Forum for WordPres 1.0
WORDPRESS : Simple Forum for WordPres 1.1
WORDPRESS : Simple Forum for WordPres 1.9

Original document Ivan Bolgar, Simple Forum (for WordPress) sql-inject exploit (public version) (12.10.2007)

Ivan Bolgar, Simple Forum (for WordPress) sql-inject exploit (public version) (12.10.2007)

Guns_(at)_0x90.com.ar, Joomla! swMenuFree 4.6 Component Remote File Include (12.10.2007)

document Omid, Several vulnerabilities in CMS Made Simple 1.1.3.1 (12.10.2007)

cyber-crime_(at)_sibersavascilar.com, wmtrssreader joomla component 1.0 Remote File Include Vulnerability (12.10.2007)

Files: Simple Forum (for WordPress) sql-inject exploit (public version)
Discuss: Read or add your comments to this news (0 comments)

3Com 3CRWER100-75 unauthorized access
Published: 12.10.2007
Source:
SecurityVulns ID: 8240
Type: remote
Level: 3/10
Description: Under specific conditions it's possible to access wireless router administration interface from external network.

Affected: 3COM : 3CRWER100-75

Original document Guy Mizrahi, 3Com WIFI router remote administration vulnerability. (12.10.2007)

Discuss: Read or add your comments to this news (0 comments)

CiscoWorks Wireless LAN Solution Engine Cisco Wireless Control System Conversion Utility default password
Published: 12.10.2007
Source: BUGTRAQ
SecurityVulns ID: 8241
Type: remote
Level: 5/10
Description: Conversion utility adds default password.

Affected: CISCO : Wireless Control System Conversion Utility 4.1

Original document CISCO, Cisco Security Advisory: Cisco Wireless Control System Conversion Utility Adds Default Password (12.10.2007)

Discuss: Read or add your comments to this news (0 comments)

G Data antivirus buffer overflow
Published: 12.10.2007
Source: BUGTRAQ
SecurityVulns ID: 8242
Type: remote
Level: 6/10
Description: ScanObjectBrowser.DLL SelectPath() function buffer overflow.

Original document Michal Bucko, [ELEYTT] 10PAZDZIERNIK2007 (12.10.2007)

Discuss: Read or add your comments to this news (0 comments)

CA BrightStor ARCServe BackUp multiple security vulnerabilities
Published: 12.10.2007
Source: BUGTRAQ
SecurityVulns ID: 8243
Type: remote
Level: 7/10
Description: TCP/6504 RPC-based requests processing multiple buffer overflows.

Affected: CA : Brightstor ARCserve Backup 11.1
CA : Brightstor ARCserve Backup 11.0
CA : BrightStor ARCserve Backup 10.5
CA : BrightStor ARCserve Backup 9.01
CA : Brightstor ARCserve Backup 11.5
CVE: CVE-2007-5332 (Multiple unspecified vulnerabilities in (1) mediasvr and (2) caloggerd in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, have unknown impact and attack vectors related to memory corruption.)
CVE-2007-5331 (Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers.)
CVE-2007-5330 (The cadbd RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to (1) execute arbitrary code via stack-based buffer overflows in unspecified RPC procedures, and (2) trigger memory corruption related to the use of "handle" RPC arguments as pointers.)
CVE-2007-5329 (Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption.)
CVE-2007-5328 (CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows attackers to execute arbitrary code via a "Privileged function exposure.")
CVE-2007-5327 (Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum.)
CVE-2007-5326 (Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.)
CVE-2007-5325 (Multiple buffer overflows in (1) the Message Engine and (2) AScore.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.)

Original document EEYE, [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities (12.10.2007)

EEYE, EEYE: CA BrightStor ArcServe Backup Server Arbitrary Pointer Dereference (12.10.2007)

hfli, CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability (12.10.2007)

Discuss: Read or add your comments to this news (0 comments)

OpenBSD DHCP server buffer overflow
updated since 12.10.2007
Published: 05.11.2007
Source: BUGTRAQ
SecurityVulns ID: 8244
Type: remote
Level: 7/10
Description: Integer overflow with "maximum message size" option leads to buffer overflow.

Affected: OPENBSD : OpenBSD 4.0
OPENBSD : OpenBSD 4.1
OPENBSD : OpenBSD 4.2
CVE: CVE-2007-5365 (Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.)
CVE-2007-0063

Original document CORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2007-0928: Stack-based buffer overflow vulnerability in OpenBSD�s DHCP server (12.10.2007)

Files: DoS Exploit for DHCPd bug
Discuss: Read or add your comments to this news (0 comments)