Computer Security

Search:Vulnerability:14.09.2006
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Roxio Toast 7 privilege escalation
updated since 18.08.2006
Published:14.09.2006
Source:FULL-DISCLOSURE
SecurityVulns ID:6512
Type:local
Level:5/10
Description:External applications are launched with relative path.
Affected:ROXIO : Toast 7
Original documentdocumentNetragard Security Advisories, [Full-disclosure] [NETRAGARD-20060822 SECURITY ADVISORY] [ APPLE COMPUTER CORPORATION KEXTLOAD VULNERABILITY + ROXIO TOAST TITANUM 7 HELPER APP - LOCAL ROOT COMROMISE] (14.09.2006)
 documentNetragard Security Advisories, [Full-disclosure] [NETRAGARD-20060624 SECURITY ADVISORY] [ ROXIO TOAST 7 TITANIUM LOCAL ROOT COMPROMISE - DEJA VU RACE CONDITION] (12.09.2006)
 documentNetragard Security Advisories, [Full-disclosure] NETRAGARD-20060624 SECURITY ADVISORY] [ROXIO TOAST 7 TITANIUM - LOCAL ROOT COMPROMISE ] (18.08.2006)
Discuss:Read or add your comments to this news (0 comments)

Multiple Mailman mail lists manager security vulnerabilities
updated since 04.09.2006
Published:14.09.2006
Source:BUGTRAQ
SecurityVulns ID:6573
Type:remote
Level:5/10
Description:Crossite scripting, DoS, log entris spoofing.
Affected:MAILMAN : Mailman 2.1
Original documentdocumentsecurity_(at)_moritz-naumann.com, Mailman 2.1.8 Multiple Security Issues (14.09.2006)
 documentSECUNIA, [SA21732] Mailman Multiple Vulnerabilities (04.09.2006)
Discuss:Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:14.09.2006
Source:BUGTRAQ
SecurityVulns ID:6615
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:SNITZ : Snitz Forums 3.4
 ZOPE : zope 2.7
 SOFTCOMPLEX : PHP Event Calendar 1.5
 DOIKA : Doika guestbook 2.5
 CITYFORFREE : indexcity 1.0
 NEWSSCRIPT : Newsscript 0.5
 TUALBLOG : TualBLOG 1.0
 NX5 : NX5Linkx 1.0
 CLOUDNINEINTERAC : Tag Board 3.0
 CLOUDNINEINTERAC : Links Manager
 FORUMJBC : ForumJBC 4
 VENTURENINE : Tagger LE
 DCPPORTAL : DCP-Portal SE 6.0
 KNOWLEDGEBUILDER : knowledgeBuilder 2.2
 MAGICNEWSPRO : Magic News Pro 1.0
 MAMBO : com_serverstat Mambo component 0.4
 PHPQUIZ : phpQuiz 0.01
 EMUCMS : emuCMS 0.3
Original documentdocumentSECUNIA, [SA21883] emuCMS "query" and "page" Cross-Site Scripting Vulnerabilities (14.09.2006)
 documentchris_hasibuan_(at)_yahoo.com, phpQuiz v0.01 design and coding byJule Slootbeek (pagename) Remote File Inclusion (14.09.2006)
 documentMILW0RM, Mambo com_serverstat Component <=0.4.4 Remote File Include Vulnerability (14.09.2006)
 documentSaudi Hackrz, Magic News Pro => 1.0.3 (script_path) Remote File Inclusion Exploit (14.09.2006)
 documenthamidreza_(at)_mineduc.gov.rw, KnowledgeBuilder.v2.2.PHP.NULL-WDYL Remote File Inclusion (14.09.2006)
 documentdaftrix_(at)_gmail.com, Newsscript <= 0.5 Remote and Local File Include Vulnerability (14.09.2006)
 documentHACKERS PAL, DCP-Portal SE 6.0 multiple injections (14.09.2006)
 documentHACKERS PAL, ADOdb Date Library Full path Bugs (14.09.2006)
 documentSECUNIA, [Full-disclosure] Secunia Research: Tagger LE PHP "eval()" Injection Vulnerabilities (14.09.2006)
 documentx17_(at)_hotmail.fr, # ForumJBC v4 < = Cross-Site Scripting - XSS Exploit ; (14.09.2006)
 documentOS2A BTO, PHP Event Calendar Multiple Parameter Cross Site Scripting Vulnerability (14.09.2006)
 documentajannhwt_(at)_hotmail.com, Snitz Forums 2000 v3.4.06 (14.09.2006)
 documentAliaksandr Hartsuyeu, [eVuln] Doika guestbook 'page' XSS Vulnerability (14.09.2006)
 documentAliaksandr Hartsuyeu, [eVuln] indexcity SQL Injection and XSS Vulnerabilities (14.09.2006)
 documentAliaksandr Hartsuyeu, [eVuln] Links Manager Multiple XSS and SQL Injection Vulnerabilities (14.09.2006)
 documentAliaksandr Hartsuyeu, [eVuln] CJ Tag Board XSS Vulnerability (14.09.2006)
 documentAliaksandr Hartsuyeu, [eVuln] NX5Linkx Multiple Vulnerabilities (14.09.2006)
 documentDj_ReMix_20_(at)_hotmail.com, TualBLOG v 1.0 multiple sql injection (14.09.2006)
 documentMoritz Muehlenhoff, [SECURITY] [DSA 1176-1] New zope2.7 packages fix information disclosure (14.09.2006)
Discuss:Read or add your comments to this news (0 comments)

HP-UX ARPA Transport Software DoS
Published:14.09.2006
Source:BUGTRAQ
SecurityVulns ID:6617
Type:local
Level:5/10
Affected:HP : HP-UX 11.11
 HP : HP-UX 11.23
Original documentdocumentHP, [security bulletin] HPSBUX02151 SSRT051021 rev.1 - HP-UX Running ARPA Transport Software, Local Denial of Service (DoS) (14.09.2006)
Discuss:Read or add your comments to this news (0 comments)

Cisco routers and Catalist switches multiple VTP security vulnerabilities
updated since 13.09.2006
Published:14.09.2006
Source:FULL-DISCLOSURE
SecurityVulns ID:6611
Type:remote
Level:7/10
Description:DoS, integer overflow and buffer oveflow on VTP (VLAN Trunking Protocol) packets parsing.
Affected:CISCO : IOS 12.1
Original documentdocumentCISCO, Re: Cisco IOS VTP issues (14.09.2006)
 documentFX, bugtraq@securityfocus.com, full-disclosure@lists.grok.org.uk, darklab@darklab.org (13.09.2006)
Discuss:Read or add your comments to this news (0 comments)

OpenView Operations unauthorized access
Published:14.09.2006
Source:BUGTRAQ
SecurityVulns ID:6616
Type:remote
Level:5/10
Affected:HP : OpenView Operations 8.0
 HP : OpenView Operations 7.1
 HP : OpenView Operations 8.1
 HP : OpenView Operations for Windows a.07.21
 HP : OpenView Operations for Windows a.07.20
 HP : OpenView Operations for Windows a.07.10
 HP : OpenView Operations for Windows a.07.00
Original documentdocumentHP, [security bulletin] HPSBMA02149 SSRT050968 rev.1 - HP OpenView Operations, Remote Unauthorized Access and Denial of Service (DoS) (14.09.2006)
Discuss:Read or add your comments to this news (0 comments)

Symantec Antivirus format string security vulnerability
updated since 14.09.2006
Published:19.09.2006
Source:BUGTRAQ
SecurityVulns ID:6618
Type:local
Level:5/10
Description:Format string vulnerability in Virus Alert Notification Message templates.
Affected:SYMANTEC : Symantec AntiVirus Corporate Edition 9.0
 SYMANTEC : Symantec Client Security 3.0
 SYMANTEC : Symantec AntiVirus Corporate Edition 10.0
 SYMANTEC : Symantec AntiVirus Corporate Edition 8.1
Original documentdocumentSYMANTEC, Symantec Security Advisory: Symantec AntiVirus Corporate Edition (19.09.2006)
 documentDeral Heiland, [Full-disclosure] Layered Defense Advisory: Symantec AV Corporate Edition Format String Vulnerability (14.09.2006)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru