Computer Security
[EN] securityvulns.ru no-pyccku


CA ARCserve Backup multiple security vulnerabilities
updated since 12.10.2008
Published:15.10.2008
Source:
SecurityVulns ID:9352
Type:remote
Threat Level:
7/10
Description:Code execution, multiple DoS conditions.
Affected:CA : CA Server Protection Suite 2
 CA : CA Business Protection Suite 2
 CA : ARCserve Backup 11.1
 CA : ARCserve Backup 11.5
 CA : ARCserve Backup 12.0
CVE:CVE-2008-4400 (Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation.")
 CVE-2008-4399 (Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation.")
 CVE-2008-4398 (Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request.)
 CVE-2008-4397 (Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A.)
Original documentdocumentVR-Subscription-noreply_(at)_assurent.com, [Full-disclosure] Assurent VR - CA ARCserve Backup DB Engine Denial of Service (15.10.2008)
 documentVR-Subscription-noreply_(at)_assurent.com, [Full-disclosure] Assurent VR - CA ARCserve Backup Tape Engine Denial of Service (15.10.2008)
 documentcocoruder, CA BrightStor ARCServe BackUp Message Engine Remote Command Injection Vulnerability (14.10.2008)
 documentCA, CA ARCserve Backup Multiple Vulnerabilities (12.10.2008)

Microsoft Office multiple security vulnerabilities
updated since 14.10.2008
Published:15.10.2008
Source:
SecurityVulns ID:9360
Type:local
Threat Level:
5/10
Description:cdo: URI information leak, multiple Excel memory corruptions.
Affected:MICROSOFT : Office 2000
 MICROSOFT : Office XP
 MICROSOFT : Office 2003
 MICROSOFT : Office 2007
CVE:CVE-2008-4020 (Cross-site scripting (XSS) vulnerability in Microsoft Office XP SP3 allows remote attackers to inject arbitrary web script or HTML via a document that contains a "Content-Disposition: attachment" header and is accessed through a cdo: URL, which renders the content instead of raising a File Download dialog box, aka "Vulnerability in Content-Disposition Header Vulnerability.")
 CVE-2008-4019 (Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office SharePoint Server 2007 Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file containing a formula within a cell, aka "Formula Parsing Vulnerability.")
 CVE-2008-3477 (Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not properly validate data in the VBA Performance Cache when processing an Office document with an embedded object, which allows remote attackers to execute arbitrary code via an Excel file containing a crafted value, leading to heap-based buffer overflows, integer overflows, array index errors, and memory corruption, aka "Calendar Object Validation Vulnerability.")
 CVE-2008-3471 (Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via a BIFF file with a malformed record that triggers a user-influenced size calculation, aka "File Format Parsing Vulnerability.")
Original documentdocumentIDEFENSE, [Full-disclosure] iDefense Security Advisory 10.14.08: Microsoft Visual Basic for Applications - Multiple Vulnerabilities (15.10.2008)
 documentZDI, [Full-disclosure] ZDI-08-068: Microsoft Office Excel BIFF File Format Parsing Stack Overflow Vulnerability (15.10.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-056 - Moderate Vulnerability in Microsoft Office Could Allow Information Disclosure (957699) (14.10.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-057 – Critical Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (956416) (14.10.2008)
Files:Microsoft Security Bulletin MS08-057 – Critical Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (956416)

Microsoft Host Integration Server buffer overflow
updated since 14.10.2008
Published:15.10.2008
Source:
SecurityVulns ID:9362
Type:remote
Threat Level:
6/10
Description:Buffer overflow in RPC-based service.
Affected:MICROSOFT : Host Integration Server 2004
 MICROSOFT : Host Integration Server 2000
 MICROSOFT : Host Integration Server 2006
CVE:CVE-2008-3466 (Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka "HIS Command Execution Vulnerability.")
Original documentdocumentIDEFENSE, iDefense Security Advisory 10.14.08: Microsoft Host Integration Server 2006 Command Execution Vulnerability (15.10.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-059 – Critical Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution (956695) (14.10.2008)
Files:Microsoft Security Bulletin MS08-059 – Critical Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution (956695)

Microsoft Windows SMB buffer overflow
Published:15.10.2008
Source:
SecurityVulns ID:9366
Type:remote
Threat Level:
8/10
Description:Buffer overflow on SMB protocol parsing.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2008-4038 (Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a Server Message Block (SMB) request that contains a filename with a crafted length, aka "SMB Buffer Underflow Vulnerability.")
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS08-063 – Important Vulnerability in SMB Could Allow Remote Code Execution (957095) (15.10.2008)
Files:Microsoft Security Bulletin MS08-063 – Important Vulnerability in SMB Could Allow Remote Code Execution (957095)

Microsoft Windows Virtual Address Descriptor manipulation privilege escalation
Published:15.10.2008
Source:
SecurityVulns ID:9367
Type:local
Threat Level:
7/10
Description:Integer overflow leads to memory corruption.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2008-4036 (Integer overflow in Memory Manager in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that triggers an erroneous decrement of a variable, related to validation of parameters for Virtual Address Descriptors (VADs) and a "memory allocation mapping error," aka "Virtual Address Descriptor Elevation of Privilege Vulnerability.")
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS08-064 – Important Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841) (15.10.2008)
Files:Microsoft Security Bulletin MS08-064 – Important Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841)

Microsoft Windows 2000 Message Queuing code execution
Published:15.10.2008
Source:
SecurityVulns ID:9368
Type:remote
Threat Level:
5/10
Description:Code execution via RPC-based service.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
CVE:CVE-2008-3479 (Heap-based buffer overflow in the Microsoft Message Queuing (MSMQ) service (mqsvc.exe) in Microsoft Windows 2000 SP4 allows remote attackers to read memory contents and execute arbitrary code via a crafted RPC call, related to improper processing of parameters to string APIs, aka "Message Queuing Service Remote Code Execution Vulnerability.")
Original documentdocumentDVLabs, [Full-disclosure] TPTI-08-07: Microsoft Windows Message Queuing Service Heap Overflow and Memory Disclosure Vulnerability (15.10.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-065 – Important Vulnerability in Message Queuing Could Allow Remote Code Execution (951071) (15.10.2008)
Files:Microsoft Security Bulletin MS08-065 – Important Vulnerability in Message Queuing Could Allow Remote Code Execution (951071)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:15.10.2008
Source:
SecurityVulns ID:9370
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Original documentdocumentangel_(at)_ch4ng.cc, Webscene eCommerce (level) Remote Sql Injection (15.10.2008)

Microsoft Windows AFD driver privilege escalation
updated since 15.10.2008
Published:16.10.2008
Source:
SecurityVulns ID:9369
Type:local
Threat Level:
7/10
Description:Kernel memory access is possible.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
CVE:CVE-2008-3464 (afd.sys in the Ancillary Function Driver (AFD) component in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP1 and SP2 does not properly validate input sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, as demonstrated using crafted pointers and lengths that bypass intended ProbeForRead and ProbeForWrite restrictions, aka "AFD Kernel Overwrite Vulnerability.")
Original documentdocumentReversemode, Exploit for MS08-066 - AFD.sys kernel memory overwrite. (16.10.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-066 – Important Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803) (15.10.2008)
Files:Microsoft Security Bulletin MS08-066 – Important Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod