Computer Security
[EN] securityvulns.ru no-pyccku


Multiple Mailman mail lists manager security vulnerabilities
updated since 04.09.2006
Published:14.09.2006
Source:
SecurityVulns ID:6573
Type:remote
Threat Level:
5/10
Description:Crossite scripting, DoS, log entris spoofing.
Affected:MAILMAN : mailman 2.1
Original documentdocumentMoritz Naumann, Mailman 2.1.8 Multiple Security Issues (14.09.2006)
 documentSECUNIA, [SA21732] Mailman Multiple Vulnerabilities (04.09.2006)

Cisco routers and Catalist switches multiple VTP security vulnerabilities
updated since 13.09.2006
Published:14.09.2006
Source:
SecurityVulns ID:6611
Type:remote
Threat Level:
7/10
Description:DoS, integer overflow and buffer oveflow on VTP (VLAN Trunking Protocol) packets parsing.
Affected:CISCO : IOS 12.1
Original documentdocumentCISCO, Re: Cisco IOS VTP issues (14.09.2006)
 documentFX, [email protected], [email protected], [email protected] (13.09.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:14.09.2006
Source:
SecurityVulns ID:6615
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:SNITZ : Snitz Forums 3.4
 ZOPE : zope 2.7
 SOFTCOMPLEX : PHP Event Calendar 1.5
 DOIKA : Doika guestbook 2.5
 CITYFORFREE : indexcity 1.0
 NEWSSCRIPT : Newsscript 0.5
 TUALBLOG : TualBLOG 1.0
 NX5 : NX5Linkx 1.0
 CLOUDNINEINTERAC : Tag Board 3.0
 CLOUDNINEINTERAC : Links Manager
 FORUMJBC : ForumJBC 4
 VENTURENINE : Tagger LE
 DCPPORTAL : DCP-Portal SE 6.0
 KNOWLEDGEBUILDER : knowledgeBuilder 2.2
 MAGICNEWSPRO : Magic News Pro 1.0
 MAMBO : com_serverstat Mambo component 0.4
 PHPQUIZ : phpQuiz 0.01
 EMUCMS : emuCMS 0.3
Original documentdocumentSECUNIA, [SA21883] emuCMS "query" and "page" Cross-Site Scripting Vulnerabilities (14.09.2006)
 documentchris_hasibuan_(at)_yahoo.com, phpQuiz v0.01 design and coding byJule Slootbeek (pagename) Remote File Inclusion (14.09.2006)
 documentMILW0RM, Mambo com_serverstat Component <=0.4.4 Remote File Include Vulnerability (14.09.2006)
 documentSaudi Hackrz, Magic News Pro => 1.0.3 (script_path) Remote File Inclusion Exploit (14.09.2006)
 documenthamidreza_(at)_mineduc.gov.rw, KnowledgeBuilder.v2.2.PHP.NULL-WDYL Remote File Inclusion (14.09.2006)
 documentdaftrix_(at)_gmail.com, Newsscript <= 0.5 Remote and Local File Include Vulnerability (14.09.2006)
 documentHACKERS PAL, DCP-Portal SE 6.0 multiple injections (14.09.2006)
 documentHACKERS PAL, ADOdb Date Library Full path Bugs (14.09.2006)
 documentSECUNIA, [Full-disclosure] Secunia Research: Tagger LE PHP "eval()" Injection Vulnerabilities (14.09.2006)
 documentx17_(at)_hotmail.fr, # ForumJBC v4 < = Cross-Site Scripting - XSS Exploit ; (14.09.2006)
 documentOS2A BTO, PHP Event Calendar Multiple Parameter Cross Site Scripting Vulnerability (14.09.2006)
 documentajannhwt_(at)_hotmail.com, Snitz Forums 2000 v3.4.06 (14.09.2006)
 documentAliaksandr Hartsuyeu, [eVuln] Doika guestbook 'page' XSS Vulnerability (14.09.2006)
 documentAliaksandr Hartsuyeu, [eVuln] indexcity SQL Injection and XSS Vulnerabilities (14.09.2006)
 documentAliaksandr Hartsuyeu, [eVuln] Links Manager Multiple XSS and SQL Injection Vulnerabilities (14.09.2006)
 documentAliaksandr Hartsuyeu, [eVuln] CJ Tag Board XSS Vulnerability (14.09.2006)
 documentAliaksandr Hartsuyeu, [eVuln] NX5Linkx Multiple Vulnerabilities (14.09.2006)
 documentDj_ReMix_20_(at)_hotmail.com, TualBLOG v 1.0 multiple sql injection (14.09.2006)
 documentMoritz Muehlenhoff, [SECURITY] [DSA 1176-1] New zope2.7 packages fix information disclosure (14.09.2006)

HP-UX ARPA Transport Software DoS
Published:14.09.2006
Source:
SecurityVulns ID:6617
Type:local
Threat Level:
5/10
Affected:HP : HP-UX 11.11
 HP : HP-UX 11.23
Original documentdocumentHP, [security bulletin] HPSBUX02151 SSRT051021 rev.1 - HP-UX Running ARPA Transport Software, Local Denial of Service (DoS) (14.09.2006)

Symantec Antivirus format string security vulnerability
updated since 14.09.2006
Published:19.09.2006
Source:
SecurityVulns ID:6618
Type:local
Threat Level:
5/10
Description:Format string vulnerability in Virus Alert Notification Message templates.
Affected:SYMANTEC : Symantec AntiVirus Corporate Edition 9.0
 SYMANTEC : Symantec Client Security 3.0
 SYMANTEC : Symantec AntiVirus Corporate Edition 10.0
 SYMANTEC : Symantec AntiVirus Corporate Edition 8.1
Original documentdocumentSYMANTEC, Symantec Security Advisory: Symantec AntiVirus Corporate Edition (19.09.2006)
 documentDeral Heiland, [Full-disclosure] Layered Defense Advisory: Symantec AV Corporate Edition Format String Vulnerability (14.09.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod