Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:15.10.2007
Source:
SecurityVulns ID:8253
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:AMPACHE : ampache 3.3
 EXTREMAIL : eXtremail 2.1
 PHPFILESADMIN : PHP File Sharing System 1.5
CVE:CVE-2008-3929 (gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filelist temporary file.)
Original documentdocumentFabio N Sarmento [ Gmail ], [Full-disclosure] 0day Orkut XSS [ NEW! ] (15.10.2007)
 documentjonasthambert_(at)_hush.ai, [Full-disclosure] PHP File Sharing System 1.5.1 (15.10.2007)
 documentmu-b, [Full-disclosure] eXtremail(ly easy) remote roots (15.10.2007)
 documentMustLive, Vulnerability in CMS SiteEdit (15.10.2007)
 documentPierre-Yves Rofes, [ GLSA 200710-13 ] Ampache: Multiple vulnerabilities (15.10.2007)

TK graphics library buffer overflow
Published:15.10.2007
Source:
SecurityVulns ID:8258
Type:library
Threat Level:
6/10
Description:Buffer overflow on GIF images parsing
CVE:CVE-2007-5137 (Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) before 8.4.16 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first.)
Original documentdocumentUBUNTU, [USN-529-1] Tk vulnerability (15.10.2007)

Cisco CallManager / OpenSer authentication relaying attacks
Published:15.10.2007
Source:
SecurityVulns ID:8262
Type:m-i-t-m
Threat Level:
5/10
Description:Insufficient Digest authentication validation allows active man-in-the-middle to access resources unrequested by client.
Affected:CISCO : CallManager 5.1
Original documentdocumentRadu State, [Full-disclosure] CallManager and OpeSer toll fraud and authentication forward attack (15.10.2007)

Linux Madwifi wireless drivers DoS
Published:15.10.2007
Source:
SecurityVulns ID:8252
Type:remote
Threat Level:
5/10
Description:Assert on oversized "extended supported rates" beacon frame.
Affected:MADWIFI : Madwifi 0.9
Original documentdocumentSEC Consult Vulnerability Lab, SEC Consult SA-20071012-0 :: Madwifi xrates element remote DOS (15.10.2007)

VImpX ActiveX buffer overflow
Published:15.10.2007
Source:
SecurityVulns ID:8254
Type:client
Threat Level:
5/10
Description:Buffer overflow with oversized RejectRecordFile paramater.
Original documentdocumentsaw_xyz_(at)_yahoo.com, VImpX ActiveX (VImpX.ocx v. 4.7.3.0) Remote (15.10.2007)
Files:VImpX ActiveX (VImpX.ocx v. 4.7.3.0) Remote Buffer Overflows Exploit (RejectedRecordsFile)

Microsoft Internet Explorer executable files download filter protection bypass
Published:15.10.2007
Source:
SecurityVulns ID:8255
Type:client
Threat Level:
4/10
Description:It's possible to upload file to temporary internet files folder by adding GET parameters to filename, e.g. http://example.com/program.exe?1.cda/
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
Original documentdocumentlaurent gaffie, playing for fun with <=IE7 (15.10.2007)

Opal library / Ekiga memory corruption
Published:15.10.2007
Source:
SecurityVulns ID:8259
Type:library
Threat Level:
6/10
Description:Insufficient SIP Content-Length validation allows to overwrite single byte of memory.
Affected:EKIGA : Ekiga 2.0
 OPAL : OPAL 2.2
Original documentdocumentlabs_(at)_s21sec.com, S21SEC-037-en: OPAL SIP Protocol Remote Denial of Service (15.10.2007)

Apache Tomcat WebDav directory traversal
Published:15.10.2007
Source:
SecurityVulns ID:8260
Type:remote
Threat Level:
6/10
Description:It's possible to retrieve file by aboslute path with LOCK DAV request.
Original documentdocumentSECURITEAM, [EXPL] Apache Tomcat File Disclosure (Exploit) (15.10.2007)
Files:Apache Tomcat Remote File Disclosure Zeroday Xploit

Netgear SSL312 crossite scripting
Published:15.10.2007
Source:
SecurityVulns ID:8261
Type:remote
Threat Level:
5/10
Description:Crossite scripting with Web interface.
Affected:NETGEAR : Netgear SSL312
Original documentdocumentSkyOut, [Full-disclosure] Netgear SSL312 XSS vulnerability (15.10.2007)

Live for Speed game buffer overflow
updated since 15.10.2007
Published:26.12.2007
Source:
SecurityVulns ID:8256
Type:client
Threat Level:
6/10
Description:Buffer overflow on skin file parsing.
Affected:LIVEFORSPEED : Live for Speed 0.5
Original documentdocumentLuigi Auriemma, Update: Clients buffer-overflow in Live for Speed 0.5X10 (26.12.2007)
 documentLuigi Auriemma, Clients buffer-overflow in Live for Speed 0.5X10 (15.10.2007)
Files:Exploits Live for Speed demo/S1/S2 <= 0.5X10 clients buffer-overflow

HP Select Identity unauthorized access
updated since 15.10.2007
Published:07.02.2008
Source:
SecurityVulns ID:8257
Type:remote
Threat Level:
5/10
Affected:HP : Select Identity 4.13
 HP : Select Identity 4.20
CVE:CVE-2007-6194 (Unspecified vulnerability in HP Select Identity 4.01 before 4.01.012 and 4.1x before 4.13.003 allows remote attackers to obtain unspecified access via unknown vectors.)
Original documentdocumentHP, [security bulletin] HPSBMA02309 SSRT080013 rev.1 - HP Select Identity Software, Remote Unauthorized Access (07.02.2008)
 documentHP, [security bulletin] HPSBMA02293 SSRT071494 rev.1 - HP Select Identity, Remote Unauthorized Access (06.12.2007)
 documentHP, [security bulletin] HPSBMA02230 SSRT071436 rev.1 - HP Select Identity, Remote Unauthorized Access (15.10.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod