gaim intant messenger buffer overflow
Published:		14.05.2005
Source:		FULL-DISCLOSURE
SecurityVulns ID:		4794
Type:		remote
Level:		6/10
Description:		Buffer oveflow during e-mail address displaying.

Affected:

GAIM : gaim 1.2

Original document

Ron, [Full-disclosure] Gaim 1.2.1 -- PoC Stack Overflow (14.05.2005)

Files:		demonstration of Gaim 1.2.1's stack overflow vulnerability
Discuss:		Read or add your comments to this news (0 comments)

PHP, ASP, CGI web applications security vulnerabilities updated since 10.05.2005
Published:		14.05.2005
Source:
SecurityVulns ID:		4779
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, etc.

Affected:		PHPBB : phpBB 2.0
		OPENBB : OpenBB 1.0
		ADVANCEDGUESTBOO : Advanced Guestbook 2.3
		UPB : Ultimate PHP Board 1.9
		PHPMYCHAT : phpMyChat 0.14
		WORDPRESS : WordPress 1.5
		PWSPHP : PwsPHP 1.2
		GEOCENTRAL : Easy Message Board
		PSOFT : H-Sphere Winbox
		PSOFT : Site Studio
		CODETHATSHOPPING : CodeThatShoppingCart 1.3
		WOWBB : WowBB 1.62
		PIXYSOFT : Guestbook PRO 3.2
		MAXWEBPORTAL : MaxWebPortal 1.3
		YAPPANG : yappa-ng 2.3
		DFORUM : DForum 1.0
		DIRECTTOPICS : Directtopics 2.2
		NUKEET : Nuke ET 3.1
		QUICKCART : Quick.Cart 0.3
		POSTMASTER : PostMaster 4.2
		QUICKFORUM : Quick.Forum 2.1
		BOASTMACHINE : BoastMachine 3.0
		AVN : ASP Virtual News Manager 1.0
		BOOBY : Booby 1.0
		SHOWOFF : ShowOff! Digital Media Software 1.5
		1TWONEWS : 1Two News 1.0

Original document		Megasky, PHPHeaven PHPMyChat Cross-site Scripting Vulnerablitiy (14.05.2005)
		Megasky, OpenBB SQL Injection & Cross-site Scripting Vulnerability (14.05.2005)
		Morinex Eneco, Ultimate PHP Board (UPB) Security Advisory (13.05.2005)
		SECUNIA, [SA15324] WordPress Unspecified Vulnerability (13.05.2005)
		SECUNIA, [SA15344] 1Two News Script Insertion and Authentication Bypass (13.05.2005)
		SECUNIA, [SA15300] ShowOff! Digital Media Software Two Vulnerabilities (13.05.2005)
		SECUNIA, [SA15346] ASP Virtual News Manager "password" SQL Injection Vulnerability (13.05.2005)
		SECUNIA, [SA15305] Booby Disclosure of Private Bookmarks (13.05.2005)
		SECUNIA, [SA15312] BoastMachine File Upload Vulnerability (13.05.2005)
		SECUNIA, [SA15200] Quick.Forum Topic Script Insertion Vulnerability (13.05.2005)
		SECUNIA, [SA15268] PostMaster Multiple Vulnerabilities (13.05.2005)
		SECUNIA, [SA15297] Quick.Cart "sWord" Cross-Site Scripting Vulnerability (13.05.2005)
		SECUNIA, [SA15332] Nuke ET "codigo" Cross-Site Scripting Vulnerability (13.05.2005)
		Morinex Eneco, Directtopics Multiple Vulnerabilities (Security Advisory) (13.05.2005)
		4пальца, "Старый добрый" DForum (12.05.2005)
		JeiAr, Yappa-NG Multiple Vulnerabilities (12.05.2005)
		Zinho, [HSC Security Group] MaxWebPortal - Multiple SQL injection/XSS (12.05.2005)
		SoulBlack Group, [Full-disclosure] Guesbook Pro XSS & HTML Injection (11.05.2005)
		Megasky, WowBB view_user.php SQL Injection Vulnerability (11.05.2005)
		SECUNIA, [SA15251] CodeThatShoppingCart Multiple Vulnerabilities (10.05.2005)
		morning_wood, [Full-disclosure] SiteStudio (10.05.2005)
		morning_wood, [Full-disclosure] H-Sphere (10.05.2005)
		SoulBlack Group, [Full-disclosure] Easy Message Board Directory Traversal and Remote Command (10.05.2005)
		SoulBlack Group, Easy Message Board Directory Traversal and Remote Command (10.05.2005)
		Spy Hat, Advanced Guestbook 2.3.1 (10.05.2005)
		Paul Laudanski, phpbb 2.0.15 released - patches high critical vuln (10.05.2005)
		SecuBox fRoGGz, PwsPHP v1.2.2 Final - Multiples vulnerabilities (10.05.2005)

Discuss:

Read or add your comments to this news (0 comments)

cdrdao privilege escalation
Published:		14.05.2005
Source:		SECUNIA
SecurityVulns ID:		4795
Type:		local
Level:		5/10
Description:		root privileges are not dropped before writing configuration file.

Affected:

CDRDAO : cdrdao 1.1

Original document

SECUNIA, [SA15354] cdrdao Unspecified Privilege Escalation Vulnerability (14.05.2005)

Discuss:

Read or add your comments to this news (0 comments)