Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:17.08.2009
Source:
SecurityVulns ID:10153
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:ZOPE : zope 2.9
 ZOPE : zope 2.10
 DUGALLERY : DUGallery 3.0
 PIWIGO : Piwigo 2.0
CVE:CVE-2009-0669 (Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to bypass authentication via vectors involving the ZEO network protocol.)
 CVE-2009-0668 (Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1863-1] New zope2.10/zope2.9 packages fix arbitrary code execution (17.08.2009)
 documentSense of Security, Piwigo SQL Injection Vulnerability - Security Advisory - SOS-09-007 (17.08.2009)
 documentspymeta_(at)_yahoo.com, DUgallery 3.0 / Remote Admin Bug (17.08.2009)

cURL / libcurl SSL certificate spoofing
Published:17.08.2009
Source:
SecurityVulns ID:10154
Type:library
Threat Level:
6/10
Description:Certificate name spoofing via NULL byte.
Affected:CURL : cURL 7.19
 CURL : libcurl 7.19
CVE:CVE-2009-2417 (lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.)
 CVE-2009-2408 (Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5.)
Original documentdocumentMANDRIVA, [ MDVSA-2009:203 ] curl (17.08.2009)

Adobe JRun multiple security vulnerabilities
Published:17.08.2009
Source:
SecurityVulns ID:10157
Type:remote
Threat Level:
6/10
Description:Directory traversal and crossite scripting in management console.
Affected:ADOBE : JRun 4
CVE:CVE-2009-1873 (Directory traversal vulnerability in logging/logviewer.jsp in the Management Console in Adobe JRun Application Server 4 Updater 7 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the logfile parameter.)
Original documentdocumentDSecRG, [DSECRG-09-052] Adobe JRun 4 Directory Traversal Vulnerabilities (17.08.2009)

Asterisk SIP DoS
updated since 11.08.2009
Published:17.08.2009
Source:
SecurityVulns ID:10139
Type:remote
Threat Level:
6/10
Description:Stack overlow (exhaustion) on SIP request processing.
Affected:DIGIUM : Asterisk 1.4
 ASTERISK : Asterisk 1.6
CVE:CVE-2009-2726 (The SIP channel driver in Asterisk Open Source 1.2.x before 1.2.34, 1.4.x before 1.4.26.1, 1.6.0.x before 1.6.0.12, and 1.6.1.x before 1.6.1.4; Asterisk Business Edition A.x.x, B.x.x before B.2.5.9, C.2.x before C.2.4.1, and C.3.x before C.3.1; and Asterisk Appliance s800i 1.2.x before 1.3.0.3 does not use a maximum width when invoking sscanf style functions, which allows remote attackers to cause a denial of service (stack memory consumption) via SIP packets containing large sequences of ASCII decimal characters, as demonstrated via vectors related to (1) the CSeq value in a SIP header, (2) large Content-Length value, and (3) SDP.)
Original documentdocumentMu Dynamics Research Team, Multiple sscanf vulnerabilities in Asterisk [MU-200908-01] (17.08.2009)
 documentASTERISK, AST-2009-005: Remote Crash Vulnerability in SIP channel driver (11.08.2009)

Adobe Coldfusion crossite scripting
Published:17.08.2009
Source:
SecurityVulns ID:10156
Type:remote
Threat Level:
5/10
Description:Multiple crossite scripting conditions.
Affected:ADOBE : Coldfusion 8
CVE:CVE-2009-1872 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion Server 8.0.1, 8, and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to (2) wizards/common/_logintowizard.cfm, (3) wizards/common/_authenticatewizarduser.cfm, or (4) administrator/enter.cfm.)
Original documentdocumentDSecRG, [DSECRG-09-022] Adobe Coldfusion 8 Multiple Linked XSS Vulnerabilies (17.08.2009)

Easy Music Player buffer overflow
Published:17.08.2009
Source:
SecurityVulns ID:10155
Type:local
Threat Level:
5/10
Description:Buffer overflow on WAV parsing.
Affected:OTBCODE : Easy Music Player 1.0
Original documentdocumentostoure.sazan_(at)_gmail.com, Easy Music Player 1.0.0.2 (wav) Universal Local Buffer Exploit (17.08.2009)

wxWidgets buffer overflow
Published:17.08.2009
Source:
SecurityVulns ID:10158
Type:client
Threat Level:
5/10
Description:Buffer overflow on JPEG parsing.
Affected:WXWIDGETS : wxWidgets 2.8
CVE:CVE-2009-2369 (Integer overflow in the wxImage::Create function in src/common/image.cpp in wxWidgets 2.8.10 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JPEG file, which triggers a heap-based buffer overflow. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.)
Original documentdocumentMANDRIVA, [ MDVSA-2009:204 ] wxgtk (17.08.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod