Computer Security
[EN] securityvulns.ru no-pyccku


Mplayer / Xine multiple security vulnerabilities
updated since 05.02.2008
Published:16.02.2008
Source:
SecurityVulns ID:8631
Type:remote
Threat Level:
5/10
Description:Buffer overflow on FLAC data parsing, uninitilized pointer dereference on MOV parsing.
Affected:MPLAYER : MPlayer 1.0
 XINE : xine 1.1
 XINE : xinelib 1.1
CVE:CVE-2008-0486 (Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.)
 CVE-2008-0485 (Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag.)
 CVE-2008-0238 (Multiple heap-based buffer overflows in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 allow remote attackers to execute arbitrary code via the SDP (1) Title, (2) Author, or (3) Copyright attribute, related to the rmff_dump_header function, different vectors than CVE-2008-0225. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.)
 CVE-2008-0225 (Heap-based buffer overflow in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute, related to the rmff_dump_header function and related to disregarding the max field. NOTE: some of these details are obtained from third party information.)
Original documentdocumentMANDRIVA, [ MDVSA-2008:046 ] - Updated xine-lib package fixes arbitrary code execution vulnerability (16.02.2008)
 documentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2007-1218: MPlayer 1.0rc2 buffer overflow vulnerability (05.02.2008)
 documentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2008-0122: MPlayer arbitrary pointer dereference (05.02.2008)

Cisco Unified Communications Manager / Cisco CallManager SQL injection
Published:16.02.2008
Source:
SecurityVulns ID:8689
Type:remote
Threat Level:
6/10
Description:Multiple SQL injections in user and admin pages.
Affected:CISCO : Unified Communication Manager 5.0
 CISCO : Unified Communication Manager 5.1
 CISCO : Unified Communication Manager 6.0
 CISCO : Unified Communication Manager 6.1
Original documentdocumentCISCO, Cisco Security Advisory: SQL injection in Cisco Unified Communications Manager (16.02.2008)

Cisco Unified IP Phones multiple SIP security vulnerabilities
Published:16.02.2008
Source:
SecurityVulns ID:8690
Type:remote
Threat Level:
6/10
Description:Buffer overflows, DoS.
Affected:CISCO : Cisco 7940
 CISCO : Cisco 7960
Original documentdocumentCISCO, Cisco Security Advisory: Cisco Unified IP Phone Overflow and Denial of Service Vulnerabilities (16.02.2008)

FreeBSD sendfile() privilege escalation
Published:16.02.2008
Source:
SecurityVulns ID:8691
Type:remote
Threat Level:
5/10
Description:Syscall allows read access to write-only files.
Affected:FREEBSD : FreeBSD 7.0
 FREEBSD : FreeBSD 6.1
 FREEBSD : FreeBSD 5.5
 FREEBSD : FreeBSD 6.2
 FREEBSD : FreeBSD 6.3
CVE:CVE-2008-0777 (The sendfile system call in FreeBSD 5.5 through 7.0 does not check the access flags of the file descriptor used for sending a file, which allows local users to read the contents of write-only files.)
Original documentdocumentFREEEBSD, FreeBSD Security Advisory FreeBSD-SA-08:03.sendfile (16.02.2008)

FreeBSD IPSec DoS
Published:16.02.2008
Source:
SecurityVulns ID:8692
Type:remote
Threat Level:
7/10
Description:NULL pointer dereference on IPSec packet parsing.
CVE:CVE-2008-0177
Original documentdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-08:04.ipsec (16.02.2008)

IP Diva VPN SSL multiple security vulnerabilities
Published:16.02.2008
Source:
SecurityVulns ID:8693
Type:remote
Threat Level:
5/10
Description:Unlimited number of passwords attempts, CSS.
Affected:IPDIVA : IPDiva VPNSSL 2.3
 IPDIVA : IPDiva VPNSSL 2.2
Original documentdocumenteagle, DOINGSOFT-2008-02-11-002 IP Diva VPN SSL many XSS attacks (16.02.2008)
 documenteagle, DOINGSOFT-2008-02-11 - IPDiva VPN SSL Brute force attack (16.02.2008)

UniversalFtp Server multiple security vulnerabilities
Published:16.02.2008
Source:
SecurityVulns ID:8694
Type:remote
Threat Level:
5/10
Description:Buffer overflows and DoS conditions.
Affected:UNIVERSALFTP : UniversalFtp Server 1.0
Original documentdocumentsecurfrog_(at)_gmail.com, UniversalFtp Server 1.0.44 Multiple Remote Denial of service (16.02.2008)

SOPHOS Email Security Appliance crossite scripting
Published:16.02.2008
Source:
SecurityVulns ID:8695
Type:remote
Threat Level:
4/10
Description:Administration interface crossite scripting.
Affected:SOPHOS : Sophos ES1000
Original documentdocumentinfocus, [INFIGO-2008-02-13]: SOPHOS Email Security Appliance Cross Site Scripting Vulnerability (16.02.2008)

Sami FTP Server multiple security vulnerabilities
Published:16.02.2008
Source:
SecurityVulns ID:8696
Type:remote
Threat Level:
5/10
Description:Multiple DoS conditions and buffer overflows.
Affected:SAMI : Sami FTP Server 2.0
Original documentdocumentsecurfrog_(at)_gmail.com, Sami FTP Server 2.0.* Multiple Remote Vulnerabilities (16.02.2008)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:16.02.2008
Source:
SecurityVulns ID:8698
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:SIMPLEFORUM : Simple Forum 1.11
 BANPRODMS : banpro-dms 1.0
Original documentdocumentmuuratsalo experimental hack lab, banpro-dms 1.0 local file inclusion vulnerability (16.02.2008)
 documenthackturkiye.hackturkiye_(at)_gmail.com, joomla SQL Injection(com_sg) (16.02.2008)
 documenthackturkiye.hackturkiye_(at)_gmail.com, joomla SQL Injection(com_emcompose) (16.02.2008)
 documenthackturkiye.hackturkiye_(at)_gmail.com, joomla SQL Injection(com_filebase) (16.02.2008)
 documenthackturkiye.hackturkiye_(at)_gmail.com, joomla SQL Injection(com_lexikon) (16.02.2008)
 documenthackturkiye.hackturkiye_(at)_gmail.com, joomla SQL Injection( com_scheduling) (16.02.2008)
 documenthackturkiye.hackturkiye_(at)_gmail.com, joomla SQL Injection(com_salesrep) (16.02.2008)
 documenthackturkiye.hackturkiye_(at)_gmail.com, Simple Forum Version 1.7-1.9(pagename) (16.02.2008)
 documenthackturkiye.hackturkiye_(at)_gmail.com, SellOwnHouse login SQL Injection (16.02.2008)
 documenthackturkiye.hackturkiye_(at)_gmail.com, all version Wordpress FORUM [email protected] injection (16.02.2008)
 documenthackturkiye.hackturkiye_(at)_gmail.com, joomla faq SQL Injection (16.02.2008)
 documenthackturkiye.hackturkiye_(at)_gmail.com, joomla com_activities sql injection (16.02.2008)
 documenthackturkiye.hackturkiye_(at)_gmail.com, Ecommerce Websites from b1st.com SQL Injection (16.02.2008)
 documenthackturkiye.hackturkiye_(at)_gmail.com, joomla "com_smslist" sql injecton (16.02.2008)
 documenthackturkiye.hackturkiye_(at)_gmail.com, engineering Neoteric UK LTD [email protected] İNJECTİON (16.02.2008)
 documenthadihadi_zedehal_2006_(at)_yahoo.com, artmedic_weblog Cross Site Scriptting Vulnerbility (16.02.2008)
 documenthackturkiye.hackturkiye_(at)_gmail.com, Simple Forum Version 1.10-1.11 SQL Injection (16.02.2008)

Mailman crossite scripting
Published:16.02.2008
Source:
SecurityVulns ID:8699
Type:remote
Threat Level:
5/10
Affected:MAILMAN : mailman 2.1
CVE:CVE-2008-0564 (Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.10b1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) editing templates and (2) the list's "info attribute" in the web administrator interface, a different vulnerability than CVE-2006-3636.)
Original documentdocumentRPATH, rPSA-2008-0056-1 mailman (16.02.2008)

OpenDAL DoS
Published:16.02.2008
Source:
SecurityVulns ID:8700
Type:remote
Threat Level:
5/10
CVE:CVE-2008-0658 (slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698.)
 CVE-2007-6698 (The BDB backend for slapd in OpenLDAP before 2.3.36, allows remote authenticated users to cause a denial of service (crash) via a potentially-successful modify operation with the NOOP control set to critical, possibly due to a double free vulnerability.)
Original documentdocumentRPATH, rPSA-2008-0059-1 openldap openldap-clients openldap-servers (16.02.2008)

Mozilla Firefox / Opera information leak
updated since 16.02.2008
Published:27.02.2008
Source:
SecurityVulns ID:8697
Type:client
Threat Level:
5/10
Description:Error on BMP files displaying allows to read content of heap memory.
Affected:MOZILLA : Firefox 2.0
 MOZILLA : Thunderbird 2.0
 MOZILLA : SeaMonkey 1.1
 OPERA : Opera 9.50
CVE:CVE-2008-0420 (modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows remote attackers to read portions of memory uninitialized via a crafted 8-bit bitmap (BMP) file that triggers an out-of-bounds read within the heap, as demonstrated using a CANVAS element; or cause a denial of service (application crash) via a crafted 8-bit bitmap file that triggers an out-of-bounds read. NOTE: the initial public reports stated that this affected Firefox in Ubuntu 6.06 through 7.10.)
Original documentdocumentMOZILLA, Mozilla Foundation Security Advisory 2008-07 (27.02.2008)
 documentGynvael Coldwind, [HISPASEC] FireFox 2.0.0.11 and Opera 9.50 beta Remote Memory Information Leak, FireFox 2.0.0.11 Remote Denial of Service (16.02.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod