Computer Security


JDK java applet disk space DoS
Published: 15.05.2006
SecurityVulns ID: 6143
Type: client
Threat Level: 6/10
Description: It's possible to consume all available disk space with a temporary file.
Affected: SUN : JDK 1.4
 SUN : JDK 1.5
Original document: Marc Schoenefeld, JDK 1.4.2_11, 1.5.0_06, unsigned applets consuming all free harddisk space (15.05.2006)

Novell client for Windows buffer overflow
updated since 10.05.2006
Published: 15.05.2006
SecurityVulns ID: 6121
Type: client
Threat Level: 5/10
Description: Buffer overflow in DPRPC library on XDR stream decoding.
Affected: NOVELL : Novell Client for Windows NT/2000/XP 4.91
Original document: Ryan Smith, [Full-disclosure] Novell NDPS Remote Vulnerability (Server & Client) (15.05.2006)
 SECUNIA, [SA20048] Novell Client DPRPCW32.DLL Buffer Overflow Vulnerability (10.05.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 15.05.2006
SecurityVulns ID: 6144
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: RADLANCE : Radlance 7
CVE: CVE-2006-6978 (Cross-site scripting (XSS) vulnerability in the "Basic Toolbar Selection" in FCKEditor allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the (1) href or (2) onmouseover attribute of the A HTML tag.)
 CVE-2006-6977 (Cross-site scripting (XSS) vulnerability in the "Basic Toolbar Selection" in FreeTextBox allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the (1) href or (2) onmouseover attribute of the A HTML tag.)
Original document: Eduardo Vela, 90% of programs made in PHP5 and prior Full Path Disclosure vuln. (15.05.2006)
 bonsite_(at)_hotmail.com, XSS in FreeTextBox and FCKEditor Basic Toolbar Selection (15.05.2006)
Files: Radlance directory traversal exploit

RealVNC remote administration unauthorized access
updated since 15.05.2006
Published: 08.08.2006
SecurityVulns ID: 6142
Type: remote
Threat Level: 7/10
Description: Server doesn't check that the authentication type chosen by the client is allowed.
Affected: REALVNC : RealVNC 4.1
 LIBVNCSERVER : LibVNCServer 0.7
 X11VNC : x11vnc 0.8
Original document: GENTOO, [Full-disclosure] [ GLSA 200608-12 ] x11vnc: Authentication bypass in included LibVNCServer code (08.08.2006)
 SECUNIA, [SA20940] LibVNCServer Authentication Bypass Vulnerability (14.07.2006)
 James Evans, [Full-disclosure] RealVNC 4.1.1 Remote Compromise (15.05.2006)
Files: vnc scanner multithreaded windows
 vnc scanner multithreaded linux
 scan for OpenVNC 4.11 authentication bypass

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod