Search:Vulnerability:16.01.2006 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

mailman mailing lists processor DoS
updated since 14.11.2005
Published: 16.01.2006
Source: BUGTRAQ
SecurityVulns ID: 5448
Type: remote
Level: 5/10
Description: Scrubber.py fails to process attachment with UTF-8 character in the name and messages with large numbers in dates.

Affected: MAILMAN : Mailman 2.1

Original document UBUNTU, [Full-disclosure] [USN-242-1] mailman vulnerabilities (16.01.2006)

SECUNIA, [SA17511] Mailman Attachment Filename Scrubbing Denial of Service (14.11.2005)

Discuss: Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 16.01.2006
Source:
SecurityVulns ID: 5636
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: LWCAL : Light Weight Calendar 1.0
123FLASHCHAT : 123flaschat server 5.1
123FLASHCHAT : 123flaschat server 5.0
ALBATROSS : albatross 1.20
REDKERNEL : RedKernel Referrer Tracker 1.1
WIDEXL : Widexl Download Tracker 1.06
GTP : GTP iCommerce
APACHE : Apache Geronimo 1.0
NETBULA : Netbula Anyboard 9.0
WORDPRESS : WP-Stats 2.0

Original document SECUNIA, [SA18471] WP-Stats WordPress Plug-in "author" SQL Injection Vulnerability (16.01.2006)

SECUNIA, [SA18469] Netbula Anyboard "tK" Cross-Site Scripting Vulnerability (16.01.2006)

SECUNIA, [SA18470] GTP iCommerce Cross-Site Scripting Vulnerabilities (16.01.2006)

SECUNIA, [SA18472] Widexl Download Tracker "ID" Parameter Cross-Site Scripting (16.01.2006)

document SECUNIA, [SA18473] RedKernel Referrer Tracker "rkrt_stats.php" Cross-Site Scripting (16.01.2006)

SECUNIA, [SA18464] Bit 5 Blog Script Insertion and SQL Injection Vulnerabilities (16.01.2006)

DEBIAN, [Full-disclosure] [SECURITY] [DSA 942-1] New albatross packages fix arbitrary code execution (16.01.2006)

document ISecAuditors Security Advisories, [ISecAuditors Advisories] Arbitrary remote file creation in 123flashchat server (16.01.2006)

khc_(at)_bsdmail.org, DDSN CMS Admin Panel SQL Injection Vulnerability (16.01.2006)

Aliaksandr Hartsuyeu, [eVuln] Light Weight Calendar PHP Code Execution (16.01.2006)

document night_warrior771_(at)_hotmail.com, AlstraSoft Template Seller Pro Cross-Site Scripting Vulnerability (16.01.2006)

night_warrior771_(at)_hotmail.com, DCP Portal Cross-Site Scripting Vulnerability (16.01.2006)

:) :), WHITEAlbum Sql Injection (16.01.2006)

Discuss: Read or add your comments to this news (0 comments)

Multiple Windows wireless adapters WEP protection bypass
Published: 16.01.2006
Source: BUGTRAQ
SecurityVulns ID: 5639
Type: remote
Level: 5/10
Description: Atacker can force client to downgradte to unencrypted cleartext mode operations.

Affected: MICROSOFT : Windows XP

Original document security_(at)_hammerjammer.net, [Full-disclosure] WEP-Client-Communication-Dumbdown (WCCD) Vulnerability (16.01.2006)

Discuss: Read or add your comments to this news (0 comments)

Perl integer overflow
Published: 16.01.2006
Source: BUGTRAQ
SecurityVulns ID: 5640
Type: library
Level: 6/10

Affected: PERL : perl 5.8

Original document DEBIAN, [Full-disclosure] [SECURITY] [DSA 943-1] New Perl packages fix arbitrary code execution (16.01.2006)

Discuss: Read or add your comments to this news (0 comments)

Cisco IP Phones DoS
Published: 16.01.2006
Source: SECUNIA
SecurityVulns ID: 5642
Type: remote
Level: 6/10
Description: Syn-flood causes phone to reload.

Affected: CISCO : Cisco IP Phone 7940
CISCO : Cisco IP Phone 7960
CISCO : Cisco IP Phone 7900

Original document SECUNIA, [SA18479] Cisco IP Phones SYN Flood Device Reload Vulnerability (16.01.2006)

Discuss: Read or add your comments to this news (0 comments)

Linux kernel multiple DoS conditions
Published: 16.01.2006
Source: SECUNIA
SecurityVulns ID: 5643
Type: remote
Level: 6/10
Description: Local DoS with netlink_rcv_skb(), few DoS conditions with PPTP NAT.

Affected: LINUX : kernel 2.6

Original document SECUNIA, [SA18482] Linux Kernel Multiple Denial of Service Vulnerabilities (16.01.2006)

Discuss: Read or add your comments to this news (0 comments)

Linksys VPN routers DoS
Published: 16.01.2006
Source: BUGTRAQ
SecurityVulns ID: 5637
Type: remote
Level: 5/10
Description: IP packet with invalid IP options causes router to crash.

Affected: LINKSYS : Linksys BEFVP41

Original document paul14075_(at)_gmail.com, Linksys VPN Router (BEFVP41) DoS Vulnerability (16.01.2006)

Discuss: Read or add your comments to this news (0 comments)

Sun Solaris lpsched privilege escalation
Published: 16.01.2006
Source: SECUNIA
SecurityVulns ID: 5641
Type: local
Level: 5/10

Original document SECUNIA, [SA18498] Sun Solaris lpsched Unspecified Vulnerability (16.01.2006)

Discuss: Read or add your comments to this news (0 comments)

Tuxpaint paint program for children symbolic links problem
Published: 16.01.2006
Source: BUGTRAQ
SecurityVulns ID: 5638
Type: local
Level: 5/10
Description: Symbolic links problem on temporary files creation (bad guy can overwrite your child's files).

Affected: TUXPAINT : tuxpaint 0.9

Original document DEBIAN, [Full-disclosure] [SECURITY] [DSA 941-1] New tuxpaint packages fix insecure temporary file creation (16.01.2006)

Discuss: Read or add your comments to this news (0 comments)