Computer Security
[EN] securityvulns.ru no-pyccku


VMWare ESX Server multiple security vulnerabilities
Published:14.11.2006
Source:
SecurityVulns ID:6817
Type:local
Threat Level:
5/10
Description:Invalid AMD fxsave/restore instructions handling. Vulnerabilities in embedded packages.
Affected:VMWARE : VMware ESX Server 2.0
 VMWARE : VMware ESX Server 2.1
 VMWARE : VMware ESX Server 2.5
 VMWARE : VMware ESX Server 3.0
Original documentdocumentVMWARE, VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4 (14.11.2006)
 documentVMWARE, VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2 (14.11.2006)
 documentVMWARE, VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2 (14.11.2006)
 documentVMWARE, VMSA-2006-0009 - VMware ESX Server 3.0.0 AMD fxsave/restore issue (14.11.2006)
 documentVMWARE, VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1 (14.11.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:14.11.2006
Source:
SecurityVulns ID:6818
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHPKIT : PHPKIT 1.6
 PHPWCMS : phpwcms 1.2
 EXOSCRIPTS : ExoPHPDesk 1.2
 AMPACHE : ampache 3.3
 ELOG : ELOG 2.6
 CPANEL : CPanel 10
 SHOPSYSTEMS : ShopSystems 4.0
 TOPSTORY : TOPSTORY BASIC 1.0
 MYSTATS : MyStats 1.0
 PHPMANTA : phpManta - Mdoc 1.0
 ASPIRED2POLL : AspPired2 Poll 1.0
 USTORE : UStore 1.0
 NUCOMMUNITY : NuCommunity 1.0
 NUREMS : NuRems 1.0
 NUSCHOOL : NuSchool 1.0
 MAMBO : shambo2 Mambo component 4.5
 VBULLETIN : vBulletin 3.6
 PHPJOBSCHEDULER : phpjobscheduler 3.0
 PHPDEBUG : Phpdebug 1.1
 ULTRASITE : UltraSite 1.0
 ASPSCRIPTER : ASP Scripter Easy Portal 1.4
 ASPSCRIPTER : ASP Scripter Live Support 1.3
 PROPERTYPRO : Property Pro 1.0
 ASPPORTAL : ASPPortal 4.0
 UPUBLISHER : UPublisher 1.0
 ESTATEAGENTMANAG : Estate Agent Manager 1.3
 DIRECTADMIN : DirectAdmin 1.28
 MINIBB : MiniBB 2
 ONLINEEVENTREGIS : Online Event Registration 2.0
 RAMACMS : Rama CMS 0.68
 PHPWIND : PHPWind 5.0
 MUNCHPRO : Munch Pro 1.0
 STORYSTREAM : Storystream 4.0
 CONTENTNOW : ContentNow 1.30
 VALLHERU : Vallheru 1.0
 OPENSOLUTIONS : Quick.Cart 2.0
 PHPPEANUTS 1.1 : Phppeanuts 1.1
 NETQUERY : Netquery 4.0
 DOTDEB : Dotdeb PHP 5.2
CVE:CVE-2007-0179 (SQL injection vulnerability in comment.php in PHPKIT 1.6.1 R2 allows remote attackers to execute arbitrary SQL commands via the subid parameter.)
 CVE-2006-7185 (PHP remote file inclusion vulnerability in includes/user_standard.php in CMSmelborp Beta allows remote attackers to execute arbitrary PHP code via a URL in the relative_root parameter.)
 CVE-2006-7020 (CRLF injection vulnerability in (1) include/inc_act/act_formmailer.php and possibly (2) sample_ext_php/mail_file_form.php in phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to modify HTTP headers and send spam e-mail via a spoofed HTTP Referer (HTTP_REFERER).)
 CVE-2006-7019 (phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to execute arbitrary code via crafted arguments to the (1) text_evento and (2) email_eventonome_evento parameters to phpwcms_code_snippets/mail_file_form.php and sample_ext_php/mail_file_form.php, which is processed by the render_PHPcode function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.)
 CVE-2006-7018 (phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to execute arbitrary code via a crafted argument to the nome_evento parameter to phpwcms_code_snippets/mail_file_form.php and (2) sample_ext_php/mail_file_form.php, which is processed by the render_PHPcode function.)
Original documentdocumentAdvisory_(at)_Aria-Security.net, SiteXpress SQL Injection (14.11.2006)
 documentAdvisory_(at)_Aria-Security.net, SiteXpress SQL Injection (14.11.2006)
 documentStefan Esser, [Full-disclosure] Advisory 14/2006: Dotdeb PHP Email Header Injection Vulnerability (14.11.2006)
 documentAdvisory_(at)_Aria-Security.net, ASPintranet SQL Injection (14.11.2006)
 documentSECUNIA, [SA22842] Ampache Unauthorized Guest Access (14.11.2006)
 documentSECUNIA, [SA22864] Netquery "User-Agent" HTTP Header Script Insertion (14.11.2006)
 documentHidayat Sagita, Phppeanuts 1.1 Remote File Include (14.11.2006)
 documentnavairum_(at)_gmail.com, ContentNow Directory Traversal(upload.php) (14.11.2006)
 documenttimq_(at)_hackernetwork.com, ContentNow Directory Traversal(upload.php) (14.11.2006)
 documentSECUNIA, [SA22812] Vallheru mail.php SQL Injection Vulnerabilities (14.11.2006)
 documentwrit3r_(at)_gmail.com, StoryStream 4.0 (baseDir) Remote File Include Vulnerabilities (14.11.2006)
 documentv1per-haCker, StoryStream 4.0 (baseDir) Remote File Include Vulnerabilities (14.11.2006)
 documentphilip anselmo, New Bug MiniBB Forum <= 2 Remote File Include (index.php) (14.11.2006)
 documentAdvisory_(at)_Aria-Security.net, DirectAdmin Multiple Cross Site Scription (14.11.2006)
 documentajannhwt_(at)_hotmail.com, Estate Agent Manager <= v1.3 (default.asp) Remote Login ByPass SQL Injection Vulnerability (14.11.2006)
 documentajannhwt_(at)_hotmail.com, UPublisher 1.0 (viewarticle.asp) Remote SQL Injection Vulnerability (14.11.2006)
 documentajannhwt_(at)_hotmail.com, Property Pro v1.0 (vir_Login.asp) Remote Login ByPass SQL Injection Vulnerability (14.11.2006)
 documentAdvisory_(at)_Aria-Security.net, CPanel Multiple Cross Site Scription (14.11.2006)
 documentajannhwt_(at)_hotmail.com, Asp Scripter Products (cpLogin.asp) Remote SQL ByPass Injection Vulnerability (14.11.2006)
 documentajannhwt_(at)_hotmail.com, Asp Scripter Products (cpLogin.asp) Remote SQL ByPass Injection Vulnerability (14.11.2006)
 documentajannhwt_(at)_hotmail.com, UltraSite 1.0 (update.asp) Remote SQL Injection Vulnerability (14.11.2006)
 documentOS2A BTO, ELOG Web Logbook Remote Denial of Service Vulnerability (14.11.2006)
 documentfirewall1954_(at)_hotmail.com, Phpdebug 1.1.0 - Remote File Include by Firewall (14.11.2006)
 documentfirewall1954_(at)_hotmail.com, Phpjobscheduler 3.0 - Multiple Remote File Include (14.11.2006)
 documentnavairum_(at)_gmail.com, Aigaion Web Interface remote file inclusion (14.11.2006)
 documentlaurent gaffié, infinicart [ multiples injection sql & xss (post) ] (14.11.2006)
 documentajannhwt_(at)_hotmail.com, NuStore 1.0 (Products.asp) Remote SQL Injection Vulnerability (14.11.2006)
 documentajannhwt_(at)_hotmail.com, NuRems 1.0 Remote XSS/SQL Injection Exploit (14.11.2006)
 documentajannhwt_(at)_hotmail.com, UStore 1.0 (detail.asp) Remote SQL Injection Vulnerability (14.11.2006)
 documentlaurent gaffié, Mega Mall [ multiples injection sql & full path disclosure ] (14.11.2006)
 documentbenjilenoob_(at)_hotmail.com, MyStats <=1.0.8 [injection sql, multiples xss, array & full path disclosure] (14.11.2006)
 documentAesthetico, TOPSTORY BASIC Version 1.0 => Remote File Include Vulnerability (14.11.2006)
 documentAesthetico, [MajorSecurity Advisory #33]ShopSystems - SQL Injection Issue (14.11.2006)
 documentvannovax_(at)_gmail.com, Wordpress File Inclusion (14.11.2006)
 documentfirewall1954_(at)_hotmail.com, Exophpdesk V1.2 - Remote File Include (14.11.2006)
 documentphilipp.niedziela_(at)_gmx.de, PHPKit 1.6.1 RC2 (faq/faq.php) Remote SQL Injection Exploit (14.11.2006)
Files:PHPWind <= 5.0.1 "AdminUser" blind SQL injection exploit
 Script Name: Munch Pro 1.0 (switch.asp) Remote SQL Injection Exploit
 CMSmelborp(user_standard.php) Remote File Inclusion Exploit
 Quick.Cart <= 2.0 Remote Code Execution Exploit
 phpManta - Mdoc 1.0
 AspPired2 Poll 1.0
 NuCommunity 1.0 (cl_CatListing.asp) Remote SQL Injection Exploit
 NuRems 1.0 (propertysdetails.asp) Remote SQL Injection Exploit
 NuSchool 1.0 (CampusNewsDetails.asp) Remote SQL Injection Exploit
 shambo2 Component For Mambo 4.5 Remote File Inclusion Exploit
 VBulletin DoS Exploit
 AspPortal Password Decrypter
 Online Event Registration <= v2.0 (save_profile.asp) Remote User Pass Change Exploit
 phpwcms <= 1.2.6 (Cookie: wcs_user_lang) Local File Include Exploit
 Rama CMS <= 0.68 (Cookie: lang) Local File Include Exploit

Digipass Go3 tokens weak encryption
Published:14.11.2006
Source:
SecurityVulns ID:6819
Type:local
Threat Level:
3/10
Description:Weakened implementation of 3DES is used.
Original documentdocumentfcollyer_(at)_gmail.com, Digipass Go3 Token Dumper (at least for 2006) (14.11.2006)
Files:Digipass Go3 Token Dumper

GraphicsMagick buffer overflow
Published:14.11.2006
Source:
SecurityVulns ID:6820
Type:library
Threat Level:
5/10
Description:Buffer overflows on parsing PALM and DCM formats.
Original documentdocumentGENTOO, [ GLSA 200611-07 ] GraphicsMagick: PALM and DCM buffer overflows (14.11.2006)

D-Link wireless drivers buffer overflow
Published:14.11.2006
Source:
SecurityVulns ID:6821
Type:remote
Threat Level:
7/10
Description:Buffer overflow on oversized 802.11 beacon frame Rates parameter.
Affected:DLINK : D-Link DWL-G132
Files:D-Link DWL-G132 Wireless Driver Beacon Rates Overflow

Novell BorderManager ISAKMP weak cryptography
Published:14.11.2006
Source:
SecurityVulns ID:6822
Type:m-i-t-m
Threat Level:
5/10
Description:Predictable cookie generation allows DoS and replay attacks.
Affected:NOVEL : BorderManager 3.8
Original documentdocumentSECUNIA, [SA22699] Novell BorderManager ISAKMP Predictable Cookie Security Issue (14.11.2006)

Multiple PowerDNS vulnerabilities
Published:14.11.2006
Source:
SecurityVulns ID:6823
Type:remote
Threat Level:
6/10
Description:Buffer overflow and DoS.
Affected:POWERDNS : PowerDNS 3.1
Original documentdocumentSECUNIA, [SA22824] PowerDNS Recursor Two Vulnerabilities (14.11.2006)

3Com SuperStack 3 switch SNMP information leak
Published:14.11.2006
Source:
SecurityVulns ID:6824
Type:remote
Threat Level:
5/10
Description:It's possible to get SNMP community string with management packets.
Affected:3COM : SuperStack 3 4400
Original documentdocumentSECUNIA, [SA22818] 3Com SuperStack 3 Switch 4400 Information Disclosure (14.11.2006)

Macromedia Flash Player buffer overflow
updated since 13.09.2006
Published:14.11.2006
Source:
SecurityVulns ID:6608
Type:client
Threat Level:
8/10
Description:Buffer overflow on .swf files playing. Vulnerability can be used for hidden malware installation through browser.
Affected:MICROSOFT : Windows XP
 ADOBE : Flash MX 2004
 ADOBE : Flash Player 8.0
 ADOBE : Flex 1.5
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS06-069 Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (923789) (14.11.2006)
 documentirc_(at)_computerterrorism.com, Computer Terrorism (UK) :: Incident Response Centre - Adobe/Macromedia Flash Player Vulnerability (13.09.2006)
Files:Microsoft Security Bulletin MS06-069 Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (923789)

Microsoft Agent memory corruption
updated since 14.11.2006
Published:30.01.2007
Source:
SecurityVulns ID:6826
Type:client
Threat Level:
7/10
Description:Memory corruption on parsing .ACF files.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Microsoft XML Core Services 6.0
 MICROSOFT : Microsoft XML Core Services 4.0
CVE:CVE-2006-3445 (Integer overflow in the ReadWideString function in agentdpv.dll in Microsoft Agent on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a large length value in an .ACF file, which results in a heap-based buffer overflow.)
Original documentdocumentCoseinc, COSEINC Alert: Microsoft Agent Heap Overflow Vulnerability Technical Details (Patched) (30.01.2007)
 documentMICROSOFT, Microsoft Security Bulletin MS06-068 Vulnerability in Microsoft Agent Could Allow Remote Code Execution (920213) (14.11.2006)
Files:Microsoft Security Bulletin MS06-068 Vulnerability in Microsoft Agent Could Allow Remote Code Execution (920213)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod