Computer Security

Search:Vulnerability:16.12.2007
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Microsoft Office unsigned data
updated since 13.12.2007
Published:16.12.2007
Source:BUGTRAQ
SecurityVulns ID:8449
Type:remote
Level:4/10
Description:Metadata file and hyperlink desination is not signed on document signing.
Affected:MICROSOFT : Office 2007
Original documentdocumentpoehls_(at)_informatik.uni-hamburg.de, MS Office 2007: Target of Hyperlinks not covered by Digital Signatures (16.12.2007)
 documentpoehls_(at)_informatik.uni-hamburg.de, MS Office 2007: Digital Signature does not protect Meta-Data (13.12.2007)
Discuss:Read or add your comments to this news (0 comments)

Portage information leak
Published:16.12.2007
Source:BUGTRAQ
SecurityVulns ID:8454
Type:local
Level:5/10
Description:etc-update utilities stores sensitive information in insecure temporayr file.
Affected:GENTOO : portage 2.1
CVE:CVE-2007-6249
Original documentdocumentGENTOO, [ GLSA 200712-11 ] Portage: Information disclosure (16.12.2007)
Discuss:Read or add your comments to this news (0 comments)

wpa_supplicant driver DoS
Published:16.12.2007
Source:BUGTRAQ
SecurityVulns ID:8456
Type:remote
Level:5/10
Description:Crash on parsing TSF data.
Affected:WPASUPPLICANT : wpa_supplicant 0.6
CVE:CVE-2007-6025 (Stack-based buffer overflow in driver_wext.c in wpa_supplicant 0.6.0 and earlier allows remote attackers to cause a denial of service (crash) via crafted TSF data.)
Original documentdocumentMANDRIVA, [ MDKSA-2007:245 ] - Updated wpa_supplicant package fixes remote denial of service (16.12.2007)
Discuss:Read or add your comments to this news (0 comments)

Novell Groupwise client buffer overflow
Published:16.12.2007
Source:BUGTRAQ
SecurityVulns ID:8457
Type:client
Level:6/10
Description:Buffer overflow on oversized SRC property of IMG tag.
Affected:NOVELL : GroupWise 6.5
Original documentdocumentISR-noreply, [ISR] - Novell Groupwise client remote stack overflow silently patched. (16.12.2007)
Files:Exploits Novell Groupwise IMG Tag Overflow (metasploit)
Discuss:Read or add your comments to this news (0 comments)

HP Info Center ActiveX code execution
updated since 13.12.2007
Published:16.12.2007
Source:BUGTRAQ
SecurityVulns ID:8447
Type:client
Level:6/10
Description:Few unsafe methods are explosed.
Affected:HP : HP Quick Launch Button 6.3
CVE:CVE-2007-6333 (The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier, allows remote attackers to read arbitrary registry values via the arguments to the GetRegValue method.)
 CVE-2007-6332 (The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier, on Microsoft Windows before Vista allows remote attackers to create or modify arbitrary registry values via the arguments to the SetRegValue method.)
 CVE-2007-6331 (Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier allows remote attackers to execute arbitrary programs via the first argument to the LaunchApp method. NOTE: only a user-assisted attack is possible on Windows Vista.)
Original documentdocumentHP, [security bulletin] HPSBGN02298 SSRT071502 rev.1 - HP Quick Launch Button (QLB) Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access (16.12.2007)
 documentporkythepig_(at)_anspi.pl, HP notebooks remote code execution vulnerability (multiple series) (13.12.2007)
Discuss:Read or add your comments to this news (0 comments)

Samba buffer overflow
updated since 12.12.2007
Published:16.12.2007
Source:BUGTRAQ
SecurityVulns ID:8440
Type:remote
Level:8/10
Description:Buffer overflow in send_mailslot() on parsing domain logon request.
Affected:SAMBA : Samba 3.0
CVE:CVE-2007-6015
Original documentdocumentSAMBA, [SECURITY] Buffer overrun in send_mailslot() (12.12.2007)
 documentSECUNIA, Secunia Research: Samba "send_mailslot()" Buffer Overflow Vulnerability (12.12.2007)
Files:POC for samba send_mailslot()
Discuss:Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:16.12.2007
Source:
SecurityVulns ID:8453
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. WordPress: information leakage
Affected:PHPAY : Phpay 2.02
 HOSTINGCONTROLLE : Hosting Controller 6.1
 WORDPRESS : WordPress 2.2
 WORDPRESS : WordPress 2.3
 TRIVIANTIS : CourseMill 4.1
 BANEX : Banner Exchange 2.2
 MERETHIS : Centreon 1.4
 OREON : Oreon 1.4
 PHPRPG : PHP RPG 0.8
 ANONPROXYSERVER : Anon Proxy Server 0.100
CVE:CVE-2007-6338 (SQL injection vulnerability in userlogin.jsp in Trivantis CourseMill Enterprise Learning Management System 4.1 SP4 allows remote attackers to execute arbitrary SQL commands via the user parameter (username field). NOTE: some of these details are obtained from third party information.)
Original documentdocumentadmin_(at)_biyofrm.com, Adult Script Unauthorized Administrative Access Exploit (16.12.2007)
 documentMustLive, Information disclosure vulnerabilities in WordPress (16.12.2007)
 documentth3.r00k_(at)_gmail.com, Anon Proxy Server - Remote Code Execution (16.12.2007)
 documentth3.r00k_(at)_gmail.com, Wordpress - Broken Access Control (16.12.2007)
 documentth3.r00k_(at)_gmail.com, PHP RPG - Sql Injection and Session Information Disclosure. (16.12.2007)
 documentth3.r00k_(at)_gmail.com, Oreon/Centreon - Multiple Remote File Inclusion (16.12.2007)
 documentth3.r00k_(at)_gmail.com, Phpay - Local File Inclusion (16.12.2007)
 documentarsalan1991_(at)_gmail.com, PHP MySQL Banner Exchange 2.2.1 remote mysql database bug (16.12.2007)
 documentswhite_(at)_securestate.com, + Trivantis CourseMill Enterprise Learning Management System - SQL Injection - CVE-2007-6338 (16.12.2007)
 documentadmin_(at)_bugreport.ir, Hosting Controller - Multiple Security Bugs (Extremely Critical) (16.12.2007)
Discuss:Read or add your comments to this news (0 comments)

IRC Services DoS
Published:16.12.2007
Source:BUGTRAQ
SecurityVulns ID:8455
Type:remote
Level:5/10
Description:DoS on oversized password.
Affected:IRCSERVICES : IRC Services 5.0
 IRCSERVICES : IRC Services 5.1
CVE:CVE-2007-6122 (The default_encrypt function in encrypt.c in IRC Services before 5.0.63, and 5.1.x before 5.1.7, allows remote attackers to cause a denial of service (daemon crash) via a long password. NOTE: some of these details are obtained from third party information.)
Original documentdocumentGENTOO, [ GLSA 200712-12 ] IRC Services: Denial of Service (16.12.2007)
Discuss:Read or add your comments to this news (0 comments)

HP-UX DCE DoS
updated since 16.12.2007
Published:14.12.2008
Source:BUGTRAQ
SecurityVulns ID:8452
Type:remote
Level:5/10
CVE:CVE-2008-4418 (Unspecified vulnerability in DCE in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown vectors.)
 CVE-2007-6195 (Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malformed arguments in an opcode 0x04 DCE RPC request.)
Original documentdocumentHP, [security bulletin] HPSBUX02393 SSRT080057 rev.1 - HP-UX Running DCE, Remote Denial of Service (DoS) (14.12.2008)
 documentHP, [security bulletin] HPSBUX02294 SSRT071451 rev.1 - HP-UX Running DCE, Remote Denial of Service (DoS) (16.12.2007)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server