Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Office unsigned data
updated since 13.12.2007
Published:16.12.2007
Source:
SecurityVulns ID:8449
Type:remote
Threat Level:
4/10
Description:Metadata file and hyperlink desination is not signed on document signing.
Affected:MICROSOFT : Office 2007
Original documentdocumentpoehls_(at)_informatik.uni-hamburg.de, MS Office 2007: Target of Hyperlinks not covered by Digital Signatures (16.12.2007)
 documentpoehls_(at)_informatik.uni-hamburg.de, MS Office 2007: Digital Signature does not protect Meta-Data (13.12.2007)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:16.12.2007
Source:
SecurityVulns ID:8453
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. WordPress: information leakage
Affected:PHPAY : Phpay 2.02
 HOSTINGCONTROLLE : Hosting Controller 6.1
 WORDPRESS : WordPress 2.2
 WORDPRESS : WordPress 2.3
 TRIVIANTIS : CourseMill 4.1
 BANEX : Banner Exchange 2.2
 MERETHIS : Centreon 1.4
 OREON : Oreon 1.4
 PHPRPG : PHP RPG 0.8
 ANONPROXYSERVER : Anon Proxy Server 0.100
CVE:CVE-2007-6338 (SQL injection vulnerability in userlogin.jsp in Trivantis CourseMill Enterprise Learning Management System 4.1 SP4 allows remote attackers to execute arbitrary SQL commands via the user parameter (username field). NOTE: some of these details are obtained from third party information.)
Original documentdocumentadmin_(at)_biyofrm.com, Adult Script Unauthorized Administrative Access Exploit (16.12.2007)
 documentMustLive, Information disclosure vulnerabilities in WordPress (16.12.2007)
 documentth3.r00k_(at)_gmail.com, Anon Proxy Server - Remote Code Execution (16.12.2007)
 documentth3.r00k_(at)_gmail.com, Wordpress - Broken Access Control (16.12.2007)
 documentth3.r00k_(at)_gmail.com, PHP RPG - Sql Injection and Session Information Disclosure. (16.12.2007)
 documentth3.r00k_(at)_gmail.com, Oreon/Centreon - Multiple Remote File Inclusion (16.12.2007)
 documentth3.r00k_(at)_gmail.com, Phpay - Local File Inclusion (16.12.2007)
 documentarsalan1991_(at)_gmail.com, PHP MySQL Banner Exchange 2.2.1 remote mysql database bug (16.12.2007)
 documentswhite_(at)_securestate.com, + Trivantis CourseMill Enterprise Learning Management System - SQL Injection - CVE-2007-6338 (16.12.2007)
 documentadmin_(at)_bugreport.ir, Hosting Controller - Multiple Security Bugs (Extremely Critical) (16.12.2007)

Portage information leak
Published:16.12.2007
Source:
SecurityVulns ID:8454
Type:local
Threat Level:
5/10
Description:etc-update utilities stores sensitive information in insecure temporayr file.
Affected:GENTOO : portage 2.1
CVE:CVE-2007-6249
Original documentdocumentGENTOO, [ GLSA 200712-11 ] Portage: Information disclosure (16.12.2007)

IRC Services DoS
Published:16.12.2007
Source:
SecurityVulns ID:8455
Type:remote
Threat Level:
5/10
Description:DoS on oversized password.
Affected:IRCSERVICES : IRC Services 5.0
 IRCSERVICES : IRC Services 5.1
CVE:CVE-2007-6122 (The default_encrypt function in encrypt.c in IRC Services before 5.0.63, and 5.1.x before 5.1.7, allows remote attackers to cause a denial of service (daemon crash) via a long password. NOTE: some of these details are obtained from third party information.)
Original documentdocumentGENTOO, [ GLSA 200712-12 ] IRC Services: Denial of Service (16.12.2007)

wpa_supplicant driver DoS
Published:16.12.2007
Source:
SecurityVulns ID:8456
Type:remote
Threat Level:
5/10
Description:Crash on parsing TSF data.
Affected:WPASUPPLICANT : wpa_supplicant 0.6
CVE:CVE-2007-6025 (Stack-based buffer overflow in driver_wext.c in wpa_supplicant 0.6.0 and earlier allows remote attackers to cause a denial of service (crash) via crafted TSF data.)
Original documentdocumentMANDRIVA, [ MDKSA-2007:245 ] - Updated wpa_supplicant package fixes remote denial of service (16.12.2007)

Novell Groupwise client buffer overflow
Published:16.12.2007
Source:
SecurityVulns ID:8457
Type:client
Threat Level:
6/10
Description:Buffer overflow on oversized SRC property of IMG tag.
Affected:NOVELL : GroupWise 6.5
Original documentdocumentISR-noreply, [ISR] - Novell Groupwise client remote stack overflow silently patched. (16.12.2007)
Files:Exploits Novell Groupwise IMG Tag Overflow (metasploit)

Samba buffer overflow
updated since 12.12.2007
Published:16.12.2007
Source:
SecurityVulns ID:8440
Type:remote
Threat Level:
8/10
Description:Buffer overflow in send_mailslot() on parsing domain logon request.
Affected:SAMBA : Samba 3.0
CVE:CVE-2007-6015 (Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request.)
Original documentdocumentSAMBA, [SECURITY] Buffer overrun in send_mailslot() (12.12.2007)
 documentSECUNIA, Secunia Research: Samba "send_mailslot()" Buffer Overflow Vulnerability (12.12.2007)
Files:POC for samba send_mailslot()

HP Info Center ActiveX code execution
updated since 13.12.2007
Published:16.12.2007
Source:
SecurityVulns ID:8447
Type:client
Threat Level:
6/10
Description:Few unsafe methods are explosed.
Affected:HP : HP Quick Launch Button 6.3
CVE:CVE-2007-6333 (The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier, allows remote attackers to read arbitrary registry values via the arguments to the GetRegValue method.)
 CVE-2007-6332 (The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier, on Microsoft Windows before Vista allows remote attackers to create or modify arbitrary registry values via the arguments to the SetRegValue method.)
 CVE-2007-6331 (Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier allows remote attackers to execute arbitrary programs via the first argument to the LaunchApp method. NOTE: only a user-assisted attack is possible on Windows Vista.)
Original documentdocumentHP, [security bulletin] HPSBGN02298 SSRT071502 rev.1 - HP Quick Launch Button (QLB) Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access (16.12.2007)
 documentporkythepig_(at)_anspi.pl, HP notebooks remote code execution vulnerability (multiple series) (13.12.2007)

HP-UX DCE DoS
updated since 16.12.2007
Published:14.12.2008
Source:
SecurityVulns ID:8452
Type:remote
Threat Level:
5/10
CVE:CVE-2008-4418 (Unspecified vulnerability in DCE in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown vectors.)
 CVE-2007-6195 (Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malformed arguments in an opcode 0x04 DCE RPC request.)
Original documentdocumentHP, [security bulletin] HPSBUX02393 SSRT080057 rev.1 - HP-UX Running DCE, Remote Denial of Service (DoS) (14.12.2008)
 documentHP, [security bulletin] HPSBUX02294 SSRT071451 rev.1 - HP-UX Running DCE, Remote Denial of Service (DoS) (16.12.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod