| PostgreSQL privilege escalation | | Published: |  | 16.02.2006 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 5776 | | Type: |  | local | | Level: |  | 6/10 | | Description: |  | With SET ROLE or SET SESSION AUTHORIZATION it is possible to elevate privileges to any database account, including superuser, or to cause a database engine crash. |
| Cisco Guard / Cisco Traffic Anomaly Detector authentication bypass | | Published: |  | 16.02.2006 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 5777 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Users can access the device without authentication if TACACS+ is used to authenticate users and no tacacs-server host is configured. |
Microsoft Windows Korean IME privilege escalation updated since 15.02.2006 | | Published: |  | 16.02.2006 | | Source: |  | MICROSOFT | | SecurityVulns ID: |  | 5773 | | Type: |  | local | | Level: |  | 5/10 | | Description: |  | Help subsystem is executed with LocalSystem privileges. |
Multiple bluetooth devices and applications DoS (Sony Ericsson, Nokia, etc) updated since 07.02.2006 | | Published: |  | 16.02.2006 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 5745 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Multiple vulnerabilities discovered with Bluetooth Stack Smasher utility. |
Multiple Stalker Communigate Pro / IBM Lotus Domino / Sun directory server / IBM Tivoli vulnerabilities updated since 28.01.2006 | | Published: |  | 16.02.2006 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 5707 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Multiple LDAP server vulnerabilities. |
| Sun Solaris in.rexecd privilege escalation | | Published: |  | 16.02.2006 | | Source: |  | SECUNIA | | SecurityVulns ID: |  | 5785 | | Type: |  | local | | Level: |  | 5/10 |
| ICQ filename spoofing | | Published: |  | 16.02.2006 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 5779 | | Type: |  | client | | Level: |  | 4/10 | | Description: |  | A part of filename may be spoofed if file is sent as a part of directory. |
| Multiple SAP Business Connector B2B software vulnerabilities | | Published: |  | 16.02.2006 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 5778 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Directory traversal, content spoofing. |
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: |  | 16.02.2006 | | Source: |  | | | SecurityVulns ID: |  | 5780 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. |
| Original document |  | sp3x_(at)_securityreason.com, [Full-disclosure] Critical SQL Injection PHPNuke <= 7.8 - Your_Account module (16.02.2006) |
| |  | SECUNIA, [SA18874] @Mail Webmail Image Tag Script Insertion Vulnerability (16.02.2006) |
| |  | SECUNIA, [SA18873] Clever Copy Private Message "Subject" Script Insertion Vulnerability (16.02.2006) |
| |  | SECUNIA, [SA18876] Teca Diary Personal Edition SQL Injection Vulnerability (16.02.2006) |
| |  | SECUNIA, [SA18885] webSPELL "search.php" SQL Injection Vulnerability (16.02.2006) |
| |  | SECUNIA, [SA18797] CGIWrap Error Message System Information Disclosure (16.02.2006) |
| |  | SECUNIA, [SA18883] Plume CMS prepend.php File Inclusion Vulnerability (16.02.2006) |
| |  | SECUNIA, [SA18868] Squishdot Mail Header Injection Vulnerability (16.02.2006) |
| |  | Scott Dewey, [Full-disclosure] Wimpy MP3 Player - Text file overwrite vulnerability (16.02.2006) |
| |  | Scott Dewey, [Full-disclosure] HostAdmin - Remote Command Execution Vulnerability (16.02.2006) |
| |  | Scott Dewey, [Full-disclosure] Web Calendar Pro - Denial of Service SQL Injection Vulnerability (16.02.2006) |
| |  | Scott Dewey, [Full-disclosure] iUser Ecommerce - Remote Command Execution Vulnerability (16.02.2006) |
| |  | imei, [myimei]MyBB 1.0.3~private.php~multiple SqlInjection (16.02.2006) |
| |  | imei, MyBB1.0.3~managegroup.php~Multiple SqlInjection & XSS (16.02.2006) |
| |  | imei, [myimei]MyBB1.0.3~managegroup.php~Multiple SqlInjection & XSS (16.02.2006) |
| |  | Aliaksandr Hartsuyeu, [eVuln] M. Blom HTML::BBCode perl module XSS Vulnerabilities (16.02.2006) |
| |  | Aliaksandr Hartsuyeu, [eVuln] 2200net Calendar system SQL Injection and Authentication Bypass Vulnerabilities (16.02.2006) |
| |  | Aliaksandr Hartsuyeu, [eVuln] My Blog BBCode XSS Vulnerabilities (16.02.2006) |
| |  | JeiAr, XMB Forums Multiple Vulnerabilities (16.02.2006) |
| |  | info_(at)_digitalarmaments.com, Digital Armaments Security Advisory 02.14.2006: Gallery web-based photo gallery remote file execution (16.02.2006) |
| honeyd honeypot detection | | Published: |  | 16.02.2006 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 5781 | | Type: |  | remote | | Level: |  | 4/10 | | Description: |  | Invalid IP packet reassembly allows system identification. |
| Kadu instant messaging client DoS | | Published: |  | 16.02.2006 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 5782 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Large number of image send requests causes client to crash and server not to accept any messages from this client. |
| SSH SFTP client / server format string vulnerability | | Published: |  | 16.02.2006 | | Source: |  | SECUNIA | | SecurityVulns ID: |  | 5783 | | Type: |  | client | | Level: |  | 6/10 | | Description: |  | Format string bug on filename logging. |
GnuPG gpgv / gpg invalid return code updated since 16.02.2006 | | Published: |  | 22.02.2006 | | Source: |  | SECUNIA | | SecurityVulns ID: |  | 5786 | | Type: |  | client | | Level: |  | 5/10 | | Description: |  | Utility returns 0 status code if no signature found. |
Lighttpd web server source code disclosure updated since 16.02.2006 | | Published: |  | 01.03.2006 | | Source: |  | SECUNIA | | SecurityVulns ID: |  | 5784 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Source code leak on case-insensitive file systems. |