Computer Security


Multiple Sun Solaris vulnerabilities
Published:14.12.2006
Source:
SecurityVulns ID:6926
Type:local
Threat Level:6/10
Description:Buffer overflow in ld.so doprf(), directory traversal on parsing different environment variables in ld.so.
Affected:ORACLE : Solaris 10
Original document:IDEFENSE, iDefense Security Advisory 12.12.06: Sun Microsystems Solaris ld.so 'doprf()' Buffer Overflow Vulnerability (14.12.2006)
 IDEFENSE, iDefense Security Advisory 12.12.06: Sun Microsystems Solaris ld.so Directory Traversal Vulnerability (14.12.2006)

IBM DB2 database server DoS
Published:14.12.2006
Source:
SecurityVulns ID:6928
Type:remote
Threat Level:5/10
Description:NULL pointer dereference on malformed SQLJRA packet.
Affected:IBM : DB2 8.1
 IBM : DB2 8.2
Original document:SHATTER, IBM DB2 Remote DoS during CONNECT processing (14.12.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:14.12.2006
Source:
SecurityVulns ID:6931
Type:remote
Threat Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:RADINKS : Rad Upload 3.02
 GENESIS : GenesisTrader 1.0
Original document:Hackers Center Security Group, shopsite advisory (14.12.2006)
 Mr_KaLiMaN, GenesisTrader v1.0 - Multiple Vulnerabilities (14.12.2006)
 HACKERS PAL, BLOG:CMS Remote file include Vulnerability (14.12.2006)
 rko.thelegendkiller_(at)_gmail.com, Web Apps- Rad Upload Version 3.02 Remote File Include Vulnerability (14.12.2006)

enemies-of-carlotta mailing list processor shell characters
Published:14.12.2006
Source:
SecurityVulns ID:6933
Type:remote
Threat Level:5/10
Description:Shell characters problem on e-mail address parsing.
Affected:ENEMIESOFCARLOTT : enemies-of-carlotta 1.3
Original document:DEBIAN, [SECURITY] [DSA-1236-1] New enemies-of-carlotta package fix missing sanity checks (14.12.2006)

Multiple HyperAccess telnet / ssh terminal security vulnerabilities
Published:14.12.2006
Source:
SecurityVulns ID:6932
Type:client
Threat Level:6/10
Description:Code execution with .HAW files and telnet: protocol handler.
Affected:HILGRAEVE : HyperAccess 8.4
Original document:Brett Moore, HyperAccess - Multiple Vulnerabilities (14.12.2006)

SiteKiosk security protection bypass
Published:14.12.2006
Source:
SecurityVulns ID:6930
Type:local
Threat Level:5/10
Description:It's possible to access disk content with the browser path ABOUT:hello<a href=\>click here</a>.
Affected:SITEKIOSK : SiteKiosk 6.5
Original document:Brett Moore, [SBDA] SiteKiosk - FileSystem Access (14.12.2006)

kdegraphics KDE graphics library DoS
Published:14.12.2006
Source:
SecurityVulns ID:6924
Type:library
Threat Level:5/10
Description:Malformed EXIF section of JPEG file causes infinite recursion with stack overflow (stack memory consumption).
Affected:KDE : KDE 3.5
Original document:MANDRIVA, [ MDKSA-2006:227 ] - Updated kdegraphics packages fix EXIF vulnerability (14.12.2006)

OpenLDAP slapd LDAP server buffer overflow
Published:14.12.2006
Source:
SecurityVulns ID:6925
Type:remote
Threat Level:6/10
Description:Buffer overflow on Kerberos v4 authentication.
Affected:OPENLDAP : OpenLDAP 2.4
Original document:Solar Eclipse, OpenLDAP kbind authentication buffer overflow (14.12.2006)
Files:OpenLDAP kbind remote exploit

QuickTime cross-site scripting
Published:14.12.2006
Source:
SecurityVulns ID:6927
Type:client
Threat Level:6/10
Description:An XML file with a .MOV extension allows script execution in the local zone through the qtnext parameter of an EMBED tag with an embedded short movie.
Affected:APPLE : QuickTime 7.1
Original document:Maximize Designs, Unpatchable Quicktime XSS (14.12.2006)

Multiple Symantec Veritas NetBackup security vulnerabilities
Published:14.12.2006
Source:
SecurityVulns ID:6929
Type:remote
Threat Level:7/10
Description:Buffer overflows on CONNECT_OPTIONS and oversized requests to bpcd.exe.
Affected:SYMANTEC : Veritas NetBackup 5.1
 SYMANTEC : Veritas NetBackup 5.0
 SYMANTEC : Veritas NetBackup 6.0
Original document:ZDI, ZDI-06-049: Symantec Veritas NetBackup Long Request Buffer Overflow Vulnerability (14.12.2006)
 ZDI, ZDI-06-050: Symantec Veritas NetBackup CONNECT_OPTIONS Buffer Overflow Vulnerability (14.12.2006)

GNOME gdmchooser format string vulnerability
Published:14.12.2006
Source:
SecurityVulns ID:6934
Type:local
Threat Level:6/10
Description:Format string vulnerability in remote hostname.
Affected:GNOME : gdm 2.14
Original document:IDEFENSE, [Full-disclosure] iDefense Security Advisory 12.14.06: GNOME Foundation Display Manager gdmchooser Format String Vulnerability (14.12.2006)

CA Anti-Virus multiple DoS conditions
Published:14.12.2006
Source:
SecurityVulns ID:6935
Type:local
Threat Level:5/10
Description:Multiple NULL pointer dereferences.
Affected:CA : CA Anti-Virus 2007 8.1
 CA : CA Internet Security Suite 2007 3.0
Original document:CA, [Full-disclosure] [CAID 34870]: CA Anti-Virus vetfddnt.sys, vetmonnt.sys Local Denial of Service Vulnerabilities (14.12.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod