Computer Security
[EN] securityvulns.ru
no-pyccku

  

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:17.06.2008
Source:
SecurityVulns ID:9097
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:OPENDOCMAN : OpenDocMan 1.2
Original documentdocumentS21sec labs, [Full-disclosure] S21SEC-044-en:OpenDocMan Cross Site Scripting (XSS) (17.06.2008)

Crysis games server DoS
Published:17.06.2008
Source:BUGTRAQ
SecurityVulns ID:9093
Type:remote
Level:5/10
Description:NULL pointer dereference on oversized request to HTTP/XML-RPC interface.
Affected:EA : Crysis 1.21
Original documentdocumentLuigi Auriemma, NULL pointer in the HTTP/XML-RPC service of Crysis 1.21 (17.06.2008)

Skulltag game server DoS
Published:17.06.2008
Source:BUGTRAQ
SecurityVulns ID:9094
Type:remote
Level:5/10
Description:Server hangs on malcrafted packet.
Affected:SKULLTAG : Skulltag 0.97
Original documentdocumentLuigi Auriemma, Server freezed in Skulltag 0.97d2-RC2 (17.06.2008)

fetchmail multiple security vulnerabilities
Published:17.06.2008
Source:BUGTRAQ
SecurityVulns ID:9095
Type:remote
Level:5/10
Description:NULL pointer dereference, uninitialized pointer dereference.
Affected:FETCHMAIL : fetchmail 6.3
CVE:CVE-2008-2711 (fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed mail message with long headers, which triggers an erroneous dereference when using vsnprintf to format log messages.)
 CVE-2007-4565 (fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service (NULL dereference and application crash) by refusing certain warning messages that are sent over SMTP.)
Original documentdocumentFETCHMAIL, fetchmail security announcement fetchmail-SA-2008-01 (CVE-2008-2711) (17.06.2008)
 documentFETCHMAIL, fetchmail security announcement fetchmail-SA-2007-02 (CVE-2007-4565) (17.06.2008)

cbrPager shell characters vulnerability
Published:17.06.2008
Source:BUGTRAQ
SecurityVulns ID:9096
Type:client
Level:5/10
Description:Shell characters vulnerability in archive filenames.
Affected:CBRPAGER : cbrPager 0.9
CVE:CVE-2008-2575 (cbrPager before 0.9.17 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a (1) ZIP (aka .cbz) or (2) RAR (aka .cbr) archive filename.)
Original documentdocumentGENTOO, [ GLSA 200806-05 ] cbrPager: User-assisted execution of arbitrary code (17.06.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 



Rating@Mail.ru