Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		17.02.2006
Source:
SecurityVulns ID:		5787
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		PHPKIT : PHPKIT 1.6
		SMEGBHOST : SmE GB Host 1.21
		SOFTCOMPLEX : PHP Event Calendar 1.5
		BIRTHSYS : BirthSys 3.1

Original document		Aliaksandr Hartsuyeu, [eVuln] Scriptme products BBCode 'url' XSS Vulnerability (17.02.2006)
		SECUNIA, [SA18893] BirthSys show.php SQL Injection Vulnerability (17.02.2006)
		rgod_(at)_autistici.org, PHPKIT >= 1.6.1r2 arbitrary local/remote inclusion (unproperly patched in previous versions) (17.02.2006)
		Aliaksandr Hartsuyeu, [eVuln] PHP Event Calendar XSS & User's Data Corruption Vulnerabilities (17.02.2006)

Discuss:

Read or add your comments to this news (0 comments)

BomberClone BomberMan clon game buffer overflow
Published:		17.02.2006
Source:		BUGTRAQ
SecurityVulns ID:		5788
Type:		remote
Level:		5/10
Description:		Buffer overflow on oversized error message.

Affected:

BOMBERCLONE : bomberclone 0.11

Original document

GENTOO, [ GLSA 200602-09 ] BomberClone: Remote execution of arbitrary code (17.02.2006)

Files:		bomberclone < 0.11.6.2 remote exploit
Discuss:		Read or add your comments to this news (0 comments)

D-Link DWL-G700AP wireless access point DoS
Published:		17.02.2006
Source:		BUGTRAQ
SecurityVulns ID:		5789
Type:		remote
Level:		5/10
Description:		Device crashes on HTTP "GET \n\n" request via web interface.

Affected:

DLINK : D-Link DWL-G700AP

Original document

l0om, D-Link DWL-G700AP httpd DoS (17.02.2006)

Files:		Exploits D-Link DWL-G700AP httpd DoS
Discuss:		Read or add your comments to this news (0 comments)

PunkBuster anti-cheat server format string vulnerability
Published:		17.02.2006
Source:		FULL-DISCLOSURE
SecurityVulns ID:		5790
Type:		remote
Level:		5/10
Description:		Format string bug with "reason" parameter if used with Soldier of Fortune II game.

Affected:

PUNKBUSTER : PunkBuster 1.180

Original document

Luigi Auriemma, [Full-disclosure] Soldier of Fortune II format string through PunkBuster 1.180 (17.02.2006)

Discuss:

Read or add your comments to this news (0 comments)

Blue Coat ProxyAV buffer overflow
Published:		17.02.2006
Source:		SECUNIA
SecurityVulns ID:		5792
Type:		remote
Level:		5/10
Description:		Oversized Host: header buffer overflow.

Affected:

BLUECOAT : ProxyAV 2.4

Original document

SECUNIA, [SA18909] Blue Coat ProxyAV Host Header Buffer Overflow Vulnerability (17.02.2006)

Discuss:

Read or add your comments to this news (0 comments)

Netcool NeuSecure Security information management platform multiple security vulnerabilities updated since 17.02.2006
Published:		08.03.2006
Source:		FULL-DISCLOSURE
SecurityVulns ID:		5791
Type:		local
Level:		5/10
Description:		Weak file permissions, cleartext passwords, passwords logging.

Affected:

NETCOOL : NeuSecure 3.0

Original document		D.Snezhkov, [Full-disclosure] Remote access to NeuSecure/Netcool backend database via web interface credentials leakage (08.03.2006)
		D.Snezhkov, [Full-disclosure] Password disclosure and remote access in Netcool/NeuSecure Security information management platform (17.02.2006)

Discuss:

Read or add your comments to this news (0 comments)