| Sendmail multipart messages DoS | Published: 15.06.2006 | Source: SENDMAIL | SecurityVulns ID: 6260 | Type: remote | Level: 6/10 | Description: High recursion level in multipart MIME messages causes stack overflow (exhaustion, not overrun). |
| Kaspersky Antivirus multiple vulnerabilities | Published: 15.06.2006 | Source: UNINFORMED | SecurityVulns ID: 6263 | Type: local | Level: 6/10 | Description: Unsafe implementation of kernel-mode components leads to denial of service and potentially to privilege elevation. The most serious problem is that user-mode code can access kernel memory. |
| PicoZip zipinfo.dll buffer overflow | Published: 15.06.2006 | Source: SECUNIA | SecurityVulns ID: 6264 | Type: library | Level: 5/10 | Description: Buffer overflow on oversized filenames in different archive formats. |
| Sun iPlanet symbolic links problem | Published: 15.06.2006 | Source: FULL-DISCLOSURE | SecurityVulns ID: 6266 | Type: local | Level: 5/10 | Description: The suid root application pipe_master tries to read its configuration from the msg.conf file via a relative path without checking for symbolic links. This makes it possible to read a few strings from any file through a symbolic link. |
| IBM DB2 Universal Database multiple denial of service conditions | Published: 15.06.2006 | Source: BUGTRAQ | SecurityVulns ID: 6267 | Type: remote | Level: 5/10 |
| KDE kdm symbolic links problem | Published: 15.06.2006 | Source: BUGTRAQ | SecurityVulns ID: 6268 | Type: local | Level: 6/10 | Description: The suid root application tries to read its configuration from the ~/.dmrc file without checking for symbolic links. This makes it possible to read a few strings from any file through a symbolic link. |
| dhcdbd memory corruption | Published: 15.06.2006 | Source: BUGTRAQ | SecurityVulns ID: 6261 | Type: client | Level: 5/10 | Description: An invalid server response leads to memory corruption. |
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | Published: 15.06.2006 | Source: | SecurityVulns ID: 6262 | Type: remote | Level: 5/10 | Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. |
| Original document |  | SpC-x, Andys Chat 4.5 (action) Remote File Inclusion (15.06.2006) |
| |  | RedTeam Pentesting, [Full-disclosure] Advisory: Authentication bypass in phpBannerExchange (15.06.2006) |
| |  | RedTeam Pentesting, [Full-disclosure] Advisory: Unauthorized password recovery in phpBannerExchange (15.06.2006) |
| |  | SECUNIA, Secunia Research: DeluxeBB SQL Injection and File Inclusion Vulnerabilities (15.06.2006) |
| |  | SECUNIA, Secunia Research: CMS Mundo SQL Injection and File Upload Vulnerabilities (15.06.2006) |
| |  | Federico Fazzi, [FSA016] ISPConfig 2.2.3, File inclusion vulnerability (15.06.2006) |
| |  | Federico Fazzi, PhpBlueDragon CMS 2.9.1, File inclusion vulnerability (15.06.2006) |
| |  | SpC-x, Fusion Polls (xtrphome) Remote File Inclusion (15.06.2006) |
| |  | SpC-x, Flipper Poll (root_path) Remote File Inclusion (15.06.2006) |
| |  | CrAzY.CrAcKeR_(at)_hotmail.com, wbb<<--v 2.1.6 "profile.php" SQL injection (15.06.2006) |
| |  | CrAzY.CrAcKeR_(at)_hotmail.com, wbb<<--v 2.2.1 "studienplatztausch.php" SQL injection (15.06.2006) |
| |  | CrAzY.CrAcKeR_(at)_hotmail.com, wbb<<--v 2.2.2 "thread.php" SQL injection (15.06.2006) |
| |  | SpC-x, bbrss PhpBB (phpbb_root_path) Remote File Inclusion (15.06.2006) |
| |  | alp_eren_(at)_ayyildiz.org, Freeze Greetings Cards PWD.txt (15.06.2006) |
| |  | SpC-x, Simpleshout 1.6.0 Version - Remote File Include Vulnerability (15.06.2006) |
| |  | SpC-x, Shoutpro 1.0 Version - Remote File Include Vulnerability (15.06.2006) |
| |  | SpC-x, G Shout 1.3.1 Version - Remote File Include Vulnerability (15.06.2006) |
| |  | Aesthetico, [MajorSecurity #17] SixCMS <= 6 - Multiple XSS and directory traversal vulnerabilities (15.06.2006) |
| |  | tamriel_(at)_gmx.net, Chipmailer <= 1.09 Multiple Vulnerabilities (15.06.2006) |
| |  | gamr-14_(at)_hotmail.com, file include exploits in mcGuestbook 1.3 (15.06.2006) |
| |  | CrAzY.CrAcKeR_(at)_hotmail.com, VBZooM <<-- V1.11 "show.php" SQL injection (15.06.2006) |
| |  | gmdarkfig_(at)_gmail.com, PhpMyFactures 1.0 Cross Site Scripting, SQL Injection, Full Path Disclosure and others (15.06.2006) |
| |  | bug_(at)_securitynews.ir, TikiWiki Sql injection & XSS Vulnerabilities (15.06.2006) |
| |  | erne_(at)_ernealizm.com, # MHG Security Team --- PHPAskIt v2.0.1 Remote File Inc. (15.06.2006) |
| |  | CrAzY.CrAcKeR_(at)_hotmail.com, Web-CMS <<--1.0 "print.php" SQL injection (15.06.2006) |
| |  | SpC-x, S H O U T B O X (v1.5) Version - Remote File Include Vulnerability (15.06.2006) |
| |  | SpC-x, Amr Talkbox talkbox.PHP - Remote File Include Vulnerabilities (15.06.2006) |
| |  | SpC-x, Ltwcalendar 4.1.3 version - Remote File Include Vulnerabilities (15.06.2006) |
| |  | SpC-x, Jobline 1 1 1 Version - Remote File Include Vulnerability (15.06.2006) |
| |  | SpC-x, PHP MESSENGER 1.0 Version - Remote File Include Vulnerability (15.06.2006) |
| |  | black-cod3_(at)_hotmail.com, multiple Xss exploits in 35mmslidegallery V6 (15.06.2006) |
| |  | SpC-x, Simpnews <= All version - Remote File Include Vulnerabilities (15.06.2006) |
| |  | CrAzY.CrAcKeR_(at)_hotmail.com, VBZooM <<--V1.01 "language.php" SQL injection (15.06.2006) |
| |  | CrAzY.CrAcKeR_(at)_hotmail.com, VBZooM <<--V1.11 "subject.php" SQL injection (15.06.2006) |
| |  | CrAzY.CrAcKeR_(at)_hotmail.com, VBZooM <<--V1.02 "meaning.php" SQL injection (15.06.2006) |
| MySQL DoS | Published: 15.06.2006 | Source: BUGTRAQ | SecurityVulns ID: 6265 | Type: remote | Level: 5/10 | Description: "select str_to_date( 1, NULL );" request causes database server to crash. |