Computer Security
[EN] securityvulns.ru no-pyccku


FreeBSD pty hijacking
Published:16.01.2008
Source:
SecurityVulns ID:8570
Type:remote
Threat Level:
5/10
Description:'script' users openpty in insecure way, ptsname incorrectly extracts device name.
Affected:FREEBSD : FreeBSD 7.0
 FREEBSD : FreeBSD 6.1
 FREEBSD : FreeBSD 5.5
 FREEBSD : FreeBSD 6.2
 FREEBSD : FreeBSD 6.3
CVE:CVE-2008-0217 (The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openpty, which creates a pseudo-terminal with world-readable and world-writable permissions when it is not run as root, which allows local users to read data from the terminal of the user running script.)
 CVE-2008-0216 (The ptsname function in FreeBSD 6.0 through 7.0-PRERELEASE does not properly verify that a certain portion of a device name is associated with a pty of a user who is calling the pt_chown function, which might allow local users to read data from the pty from another user.)
Original documentdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-08:01.pty (16.01.2008)

FreeBSD libc / libbind memory corruption
Published:16.01.2008
Source:
SecurityVulns ID:8571
Type:library
Threat Level:
6/10
Description:Off-by-one heap overflow in inet_network() .
Affected:FREEBSD : FreeBSD 7.0
 FREEBSD : FreeBSD 6.2
 FREEBSD : FreeBSD 6.3
CVE:CVE-2008-0122 (Off-by-one error in the inet_network function in libc in FreeBSD 6.2, 6.3, and 7.0-PRERELEASE and earlier allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.)
Original documentdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-08:02.libc (16.01.2008)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 16.01.2008
Published:16.01.2008
Source:
SecurityVulns ID:8572
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. RiSearch PHP: crossite scripting
Original documentdocumentxcross87_(at)_gmail.com, MicroNews Admin Direct Access vulnerability (16.01.2008)
 documentxcross87_(at)_gmail.com, Max's File Uploader File Upload Vulnerability (16.01.2008)
 documentxcross87_(at)_gmail.com, Article DashBoard all version SQL Injection Vulnerability (16.01.2008)
 documentJose M. Palazon Romero, Exploiting the SpamBam plugin for wordpress (16.01.2008)
 documentJose M. Palazon Romero, Defeating audio captcha systems (16.01.2008)

Linux kernel IPv6 DoS
Published:16.01.2008
Source:
SecurityVulns ID:8575
Type:remote
Threat Level:
6/10
Description:Uninitialized memory reference.
Affected:LINUX : kernel 2.6
Original documentdocumentSECURITEAM, [EXPL] Linux Kernel IPv6 Jumbo Bug (16.01.2008)
Files:PoC code for exploiting the jumbo bug found in linux kernels >=2.6.20 and <=2.6.21.1

Apple QuickTime multiple security vulnerabilities
updated since 16.01.2008
Published:17.01.2008
Source:
SecurityVulns ID:8574
Type:client
Threat Level:
7/10
Description:Buffer overflow on parsing Macintosh resources embedded into QuickTime movie. Quicktime Image IDSC atom memory corruption.
Affected:APPLE : QuickTime 7.3
 APPLE : QuickTime Player 7.3
 APPLE : QuickTime PictureViewer 7.3
CVE:CVE-2008-0033
 CVE-2008-0032
Original documentdocumentCERT, US-CERT Technical Cyber Security Alert TA08-016A -- Apple QuickTime Updates for Multiple Vulnerabilities (17.01.2008)
 documentDVLabs, TPTI-08-01: Apple Quicktime Image File IDSC Atom Memory Corruption Vulnerability (17.01.2008)
 documentIDEFENSE, [Full-disclosure] iDefense Security Advisory 01.15.08: Apple QuickTime Macintosh Resource Processing Heap Corruption Vulnerability (16.01.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod