 |
|
|
|
| Microsoft Windows Vista application spoofing through links | | Published: |  | 16.05.2007 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 7716 | | Type: |  | local | | Level: |  | 2/10 | | Description: |  | It's possible to bypass privileged application execution by spoofing start menu shortcuts. |
| Multiple applications Unicode Full Width / Half Width characters protection bypass | | Published: | | 16.05.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7717 | | Type: | | library | | Level: | | 5/10 | | Description: | | Client application may support translation of Halfwidth/Fullwidth Unicode characters (unicode FF00 - FFEE), while content filter doesn't.
|
| Multiple personal firewalls uncommon process identifier protection bypass | | Published: | | 16.05.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7718 | | Type: | | local | | Level: | | 5/10 | | Description: | | Two lower bits of process identifier are not ignored in hooked OpenProcess functions, making it possible to access protected application by using process id no divisible by 4. |
Samba file server multiple security vulnerabilities
updated since 15.05.2007 | | Published: | | 16.05.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7713 | | Type: | | remote | | Level: | | 7/10 | | Description: | | Multiple heap based buffer overflows, invalid SID to uid translation privilege escalation, shell characters problem. |
| Affected: |  | SAMBA : Samba 3.0 | | CVE: |  | CVE-2007-2447 (The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.) | | | | CVE-2007-2446 (Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFileSecurity (sec_io_acl), or (5) LsarLookupSids/LsarLookupSids2 (lsa_io_trans_names).) | | | | CVE-2007-2444 (Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.) | | | | CVE-2007-2444 (Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.) |
|
|
|
|
|
|
|
|
