| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: |  | 13.03.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 8778 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. |
| McAfee Framework / ePolicy Orchestrator format string vulnerability | | Published: |  | 13.03.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 8780 | | Type: |  | library | | Level: |  | 6/10 | | Description: |  | Format string vulnerability in logging functions. |
| Argon Client Management Services directory traversal | | Published: |  | 13.03.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 8782 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Directory traversal in built-in TFTP server. |
| Remotely Anywhere DoS | | Published: |  | 13.03.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 8783 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | TCP/2000 HTTP request invalid Accept-Charset header NULL pointer dereference. |
Cisco SecureACS buffer overflow updated since 12.03.2008 | | Published: |  | 13.03.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 8777 | | Type: |  | remote | | Level: |  | 6/10 | | Description: |  | Buffer overflow on UCP (user changeable passwords). |
| Acronis TrueImage multiple DoS conditions | | Published: |  | 13.03.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 8781 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Unallocated memory access, NULL pointer dereference. |
| Zabbix DoS | | Published: |  | 13.03.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 8784 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Invalid data sent to TCP/10050 leads to denial of service. |
Motorola Timbuktu multiple security vulnerabilities updated since 12.03.2008 | | Published: |  | 13.03.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 8775 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Directory traversal, DoS and log spoofing. |
| Sun Java WebStart multiple security vulnerabilities | | Published: |  | 13.03.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 8779 | | Type: |  | client | | Level: |  | 7/10 | | Description: |  | Buffer overflow in useEncodingDecl(). |
| Affected: |  | SUN : JRE 5.0 | | |  | ORACLE : JRE 6 | | CVE: |  | CVE-2008-1188 (Multiple buffer overflows in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1189.) |
Squid Analysis Report Generator buffer overflow updated since 03.03.2008 | | Published: |  | 13.03.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 8741 | | Type: |  | remote | | Level: |  | 6/10 | | Description: |  | Buffer overflow and cross-site scripting on oversized User-Agent in squid log. |
| Affected: |  | SARG : Squid Analysis Report Generator 2.2 | | CVE: |  | CVE-2008-1168 (Cross-site scripting (XSS) vulnerability in Squid Analysis Report Generator (Sarg) 2.2.3.1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.) | | |  | CVE-2008-1167 (Stack-based buffer overflow in the useragent function in useragent.c in Squid Analysis Report Generator (Sarg) 2.2.3.1 allows remote attackers to execute arbitrary code via a long Squid proxy server User-Agent header. NOTE: some of these details are obtained from third party information.) |