Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Windows Korean IME privilege escalation
updated since 15.02.2006
Published:16.02.2006
Source:
SecurityVulns ID:5773
Type:local
Threat Level:
5/10
Description:Help subsystem is executed with LocalSystem privileges.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Office 2003
Original documentdocumentSECURITEAM, [NT] ShellAbout() API Elevation of Privilege (MS06-009) (16.02.2006)
 documentMICROSOFT, Microsoft Security Bulletin MS06-009 Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (901190) (15.02.2006)

PostgreSQL privilege escalation
Published:16.02.2006
Source:
SecurityVulns ID:5776
Type:local
Threat Level:
6/10
Description:With SET ROLE or SET SESSION AUTHORIZATION it's possible to elevate privileges to any database acccount, including superuser or cause database engine crash.
Affected:POSTGRESQL : PostgreSQL 7.3
 POSTGRES : PostgreSQL 7.4
 POSTGRES : PostgreSQL 8.0
Original documentdocumentPOSTGRESQL, PostgreSQL security releases 8.1.3, 8.0.7, 7.4.12, 7.3.14 (16.02.2006)

Cisco Guard / Cisco Traffic Anomaly Detector authentication bypass
Published:16.02.2006
Source:
SecurityVulns ID:5777
Type:remote
Threat Level:
5/10
Description:Users can access device without authentication if TACACS+ is used to authenticate users and no tacacs-server host configured.
Affected:CISCO : Cisco Guard
 CISCO : Cisco Anomaly Traffic Detector
 CISCO : Cisco Anomaly Guard Module
 CISCO : Cisco Traffic Anomaly Detector Module
Original documentdocumentCISCO, Cisco Security Advisory: TACACS+ Authentication Bypass in Cisco Anomaly Detection and Mitigation Products (16.02.2006)

Multiple SAP Business Connector B2B software vulnerabilities
Published:16.02.2006
Source:
SecurityVulns ID:5778
Type:remote
Threat Level:
5/10
Description:Directory traversal, content spoofing.
Affected:WEBMETHODS : SAP BC 4.6
 WEBMETHODS : SAP BC 4.7
Original documentdocumentLeandro Meiners, CYBSEC - Security Pre-Advisory: Phishing Vector in SAP BC (16.02.2006)
 documentLeandro Meiners, CYBSEC - Security Pre-Advisory: Arbitrary File Read/Delete in SAP BC (16.02.2006)

ICQ filename spoofing
Published:16.02.2006
Source:
SecurityVulns ID:5779
Type:client
Threat Level:
4/10
Description:A part of filename may be spoofed if file is sent as a part of directory.
Affected:MIRABILIS : ICQ 2002
 MIRABILIS : ICQ 2003
Original documentdocumentedubp2002_(at)_hotmail.com, Mirabiliz ICQ 2002/2003/ LITE 4.0/4.1 LONG (DIRECTORY + FILENAME) EXPLOIT (16.02.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:16.02.2006
Source:
SecurityVulns ID:5780
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:MYBB : MyBB 1.0
 XMBFORUM : XMB Forum 1.9
 GALLERY : Gallery 1.5
 PHPNUKE : phpNuke 7.8
 ATMAIL : @Mail 4.3
 2200NET : 2200net Calendar system 1.2
 CLEVERCOPY : Clever Copy 3.0
 MYBLOG : My Blog 1.63
 B10M : HTML::BBCode 1.03
 B10M : HTML::BBCode 1.04
 SQUISHDOT : Squishdot 1.5
 PLUMECMS : Plume CMS 1.0
 CGIWARP : CGIWarp 3.10
 WEBSPELL : Webspell 4.01
 TECA : Teca Diary Personal Edition 1.0
Original documentdocumentsp3x_(at)_securityreason.com, [Full-disclosure] Critical SQL Injection PHPNuke <= 7.8 - Your_Account module (16.02.2006)
 documentSECUNIA, [SA18874] @Mail Webmail Image Tag Script Insertion Vulnerability (16.02.2006)
 documentSECUNIA, [SA18873] Clever Copy Private Message "Subject" Script Insertion Vulnerability (16.02.2006)
 documentSECUNIA, [SA18876] Teca Diary Personal Edition SQL Injection Vulnerability (16.02.2006)
 documentSECUNIA, [SA18885] webSPELL "search.php" SQL Injection Vulnerability (16.02.2006)
 documentSECUNIA, [SA18797] CGIWrap Error Message System Information Disclosure (16.02.2006)
 documentSECUNIA, [SA18883] Plume CMS prepend.php File Inclusion Vulnerability (16.02.2006)
 documentSECUNIA, [SA18868] Squishdot Mail Header Injection Vulnerability (16.02.2006)
 documentScott Dewey, [Full-disclosure] Wimpy MP3 Player - Text file overwrite vulnerability (16.02.2006)
 documentScott Dewey, [Full-disclosure] HostAdmin - Remote Command Execution Vulnerability (16.02.2006)
 documentScott Dewey, [Full-disclosure] Web Calendar Pro - Denial of Service SQL Injection Vulnerability (16.02.2006)
 documentScott Dewey, [Full-disclosure] iUser Ecommerce - Remote Command Execution Vulnerability (16.02.2006)
 documentimei, [myimei]MyBB 1.0.3~private.php~multiple SqlInjection (16.02.2006)
 documentimei, MyBB1.0.3~managegroup.php~Multiple SqlInjection & XSS (16.02.2006)
 documentimei, [myimei]MyBB1.0.3~managegroup.php~Multiple SqlInjection & XSS (16.02.2006)
 documentAliaksandr Hartsuyeu, [eVuln] M. Blom HTML::BBCode perl module XSS Vulnerabilities (16.02.2006)
 documentAliaksandr Hartsuyeu, [eVuln] 2200net Calendar system SQL Injection and Authentication Bypass Vulnerabilities (16.02.2006)
 documentAliaksandr Hartsuyeu, [eVuln] My Blog BBCode XSS Vulnerabilities (16.02.2006)
 documentJeiAr, XMB Forums Multiple Vulnerabilities (16.02.2006)
 documentinfo_(at)_digitalarmaments.com, Digital Armaments Security Advisory 02.14.2006: Gallery web-based photo gallery remote file execution (16.02.2006)
Files:iUser Remote File Inclusion Exploit
 HostAdmin Remote File Inclusion Exploit

honeyd honeypot detection
Published:16.02.2006
Source:
SecurityVulns ID:5781
Type:remote
Threat Level:
4/10
Description:Invalid IP packet reassembly allows system identification.
Affected:HONEYD : Honeyd 1.4
Original documentdocumentHONEYD, honeyd security advisory: remote detection (16.02.2006)

Kadu instant messaging client DoS
Published:16.02.2006
Source:
SecurityVulns ID:5782
Type:remote
Threat Level:
5/10
Description:Large number of image send requests causes client to crash and server not to accept any messages from this client.
Affected:KADU : Kadu 0.4
Original documentdocumentPiotr Bania, Kadu Remote Denial Of Service Fun (16.02.2006)

SSH SFTP client / server format string vulnerability
Published:16.02.2006
Source:
SecurityVulns ID:5783
Type:client
Threat Level:
6/10
Description:Format string bug on filename logging.
Affected:SSH : SSH 3.2
 WRQ : WRQ Reflection for Secure IT UNIX Server 6.0
 F-SECURE : F-Secure SSH for Windows 5.0
 F-SECURE : F-Secure SSH for UNIX 5.0
 WRQ : WRQ Reflection for Secure IT Windows Server 6.0
 SSH : SSH Tectia Server 4.4
CVE:CVE-2006-0705 (Format string vulnerability in a logging function as used by various SFTP servers, including (1) AttachmateWRQ Reflection for Secure IT UNIX Server before 6.0.0.9, (2) Reflection for Secure IT Windows Server before 6.0 build 38, (3) F-Secure SSH Server for Windows before 5.3 build 35, (4) F-Secure SSH Server for UNIX 3.0 through 5.0.8, (5) SSH Tectia Server 4.3.6 and earlier and 4.4.0, and (6) SSH Shell Server 3.2.9 and earlier, allows remote authenticated users to execute arbitrary commands via unspecified vectors, involving crafted filenames and the stat command.)
Original documentdocumentSECUNIA, [SA18828] SSH Tectia Server SFTP Service Unspecified Vulnerability (16.02.2006)
 documentSECUNIA, [SA18843] WRQ Reflection Secure IT SFTP Format String Vulnerability (16.02.2006)

Sun Solaris in.rexecd privilege escalation
Published:16.02.2006
Source:
SecurityVulns ID:5785
Type:local
Threat Level:
5/10
Affected:ORACLE : Solaris 10
Original documentdocumentSECUNIA, [SA18891] Sun Solaris "in.rexecd" Privilege Escalation Vulnerability (16.02.2006)

PnuPG gpgv / gpg invalid return code
updated since 16.02.2006
Published:22.02.2006
Source:
SecurityVulns ID:5786
Type:client
Threat Level:
5/10
Description:Utility returns 0 status code if no signature found.
Affected:GNUPG : gpg 1.4
Original documentdocumentMarcus Meissner, Not completely fixed? (was: False positive signature verification in GnuPG) (22.02.2006)
 documentWerner Koch, False positive signature verification in GnuPG (18.02.2006)
 documentSECUNIA, [SA18845] GnuPG "gpgv" Signature Verification Security Issue (16.02.2006)

Lighttpd web server source code disclosure
updated since 16.02.2006
Published:01.03.2006
Source:
SecurityVulns ID:5784
Type:remote
Threat Level:
5/10
Description:Source code leak on case-insensitive file systems.
Affected:LIGHTTPD : lighttpd 1.4
Original documentdocumentSECUNIA, Secunia Research: Lighttpd Script Source Disclosure Vulnerability (01.03.2006)
 documentSECUNIA, [SA18869] Lighttpd Case-Insensitive Filename Source Code Disclosure (16.02.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod