Search:Vulnerability:15.08.2006 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Multiple Informix security vulnerabilities
updated since 14.08.2006
Published: 15.08.2006
Source: BUGTRAQ
SecurityVulns ID: 6489
Type: remote
Level: 7/10
Description: Buffer overflow on oversized username. Information leak. Cleartext passwords. Buffer overflows, DoS. CREATE DATABASE privilege escalation. Multiple code execution vulnerabilities. File access.

Affected: IBM : Informix 9.40
IBM : Informix 10.00

Original document NGSSoftware Insight Security Research, SQLIDEBUG envariable overflow on Informix (15.08.2006)

NGSSoftware Insight Security Research, Multiple Password Exposures Flaws (15.08.2006)

NGSSoftware Insight Security Research, Unauthorized Database Creation Privilege on Informix (15.08.2006)

document NGSSoftware Insight Security Research, Multiple Arbitrary Command Execution Vulnerabilities (15.08.2006)

NGSSoftware Insight Security Research, Arbitrary Library Loading in Informix (15.08.2006)

NGSSoftware Insight Security Research, Multiple Buffer Overflow Vulnerabilities in Informix (15.08.2006)

document NGSSoftware Insight Security Research, Multiple Arbitrary File Access (Write/Read) Vulnerabilities (15.08.2006)

David Litchfield, Informix: Discovery, Attack,and Defense (14.08.2006)

NGSSoftware Insight Security Research, Error logging buffer overflow in Informix (14.08.2006)

document NGSSoftware Insight Security Research, Informix Long Username Buffer Overflow Vulnerability (14.08.2006)

Discuss: Read or add your comments to this news (0 comments)

HP OpenView Storage Data Protector code execution
Published: 15.08.2006
Source: BUGTRAQ
SecurityVulns ID: 6492
Type: remote
Level: 6/10

Affected: HP : OpenView Storage Data Protector 5.1
HP : OpenView Storage Data Protector 5.5

Original document HP, HPSBMA02138 SSRT061184 rev.1 - HP OpenView Storage Data Protector, Remote Arbitrary Command Execution (15.08.2006)

Discuss: Read or add your comments to this news (0 comments)

ibmusicbrainz multiple buffer overflows
Published: 15.08.2006
Source: BUGTRAQ
SecurityVulns ID: 6493
Type: library
Level: 5/10
Description: Buffer overflow on oversized HTTP hostname and during RDF data parsing.

Affected: LIBMUZICBRAINZ : libmusicbrainz 2.1

Original document Luigi Auriemma, Multiple buffer-overflows in libmusicbrainz 2.1.2 (15.08.2006)

Discuss: Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 15.08.2006
Source:
SecurityVulns ID: 6495
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: XMBFORUM : XMB Forum 1.9
INVISION : Invision Power Board 2.1
VWAR : vWar 1.50
MAMBO : Peoplebook Mambo Component 1.0

Original document SECUNIA, [SA21442] Invision Power Board Threaded View Mode Security Bypass (15.08.2006)

vampire_chiristof_(at)_yahoo.com, BlaBla 4U XSS Vulnerabilite (15.08.2006)

vampire_chiristof_(at)_yahoo.com, Virtual War v1.5.0 SQL injection and XSS (15.08.2006)

ssteam.pl_(at)_gmail.com, Wordpress WP-DB Backup Plugin Directory Traversal Vulnerability (15.08.2006)

document matdhule_(at)_gmail.com, Peoplebook Mambo Component <= v1.0 Remote File Include Vulnerabilities (15.08.2006)

x0r0n_(at)_hotmail.com, Joomla Webring Component (component_dir) Remote File Inclusion Vulnerabilities (15.08.2006)

Files: Exploits XMB <= 1.9.6 Final basename() 'langfilenew' arbitrary local inclusion / remote commands xctn
Discuss: Read or add your comments to this news (0 comments)

Unauthorized SmartLine DeviceLock disk access
Published: 15.08.2006
Source: BUGTRAQ
SecurityVulns ID: 6496
Type: local
Level: 5/10
Description: In specific configuration local user can access content of any logical drive.

Affected: SMARTLINE : DeviceLock 5.73

Original document seppi_(at)_seppig.de, Local privilege Escalation in SmartLine DeviceLock 5.73 (15.08.2006)

Discuss: Read or add your comments to this news (0 comments)

Kaspersky Anti-Hacker protection bypass
Published: 15.08.2006
Source: BUGTRAQ
SecurityVulns ID: 6491
Type: remote
Level: 5/10
Description: Few kinds of ICMP messages are still accepted and replied in stealth mode. It makes it possible system fingerprinting.

Affected: KASPERSKY : Anti-Hacker 1.8

Original document tbratusa_(at)_gmail.com, Kaspersky Anti-Hacker personal firewall unstealthy stealth mode (15.08.2006)

Discuss: Read or add your comments to this news (1 comments)

ImageMagick buffer overflow
updated since 15.08.2006
Published: 11.02.2007
Source: BUGTRAQ
SecurityVulns ID: 6494
Type: library
Level: 5/10
Description: SGI, PALM, DCM graphics format parsing buffer overflows.

Affected: IMAGEMAGICK : ImageMagick 6.2
IMAGEMAGIC : ImageMagick 6.3
GRAPHICSMAGIC : GraphicsMagick 1.1
CVE: CVE-2007-0770 (Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: this issue is due to an incomplete patch for CVE-2006-5456.)
CVE-2006-5456 (Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.)

Original document MANDRIVA, [ MDKSA-2007:041 ] - Updated ImageMagick packages fix buffer overflow vulnerability (11.02.2007)

GENTOO, [ GLSA 200611-19 ] ImageMagick: PALM and DCM buffer overflows (25.11.2006)

Damian Put, [Overflow.pl] ImageMagick ReadSGIImage() Heap Overflow (15.08.2006)

Files: Example crafted SGI file crash ImageMagick
Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin