Computer Security


DoS against IBM DB2
updated since 11.07.2001
Published:18.08.2006
SecurityVulns ID:1321
Type:remote
Threat Level:5/10
Description:Closing the connection after sending 1 byte of data crashes the service.
Affected:IBM : DB2 6.1
Original document:LAMI, Gilles - DSIA, IBM Windows DB2 DoS (11.07.2001)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:18.08.2006
SecurityVulns ID:6510
Type:remote
Threat Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:CUBECART : CubeCart 3.0
Original document:Saudi Hackrz, powergap <= (s0x.php) Remote File Inclusion (18.08.2006)
 rgod_(at)_autistici.org, CubeCart <= 3.0.11 SQL injection & cross site scripting (18.08.2006)
 Cyber Lords, SQL-Injection in xoops myAds module (18.08.2006)
Files:xoops myAds module exploit for users hash viewing

GNU assembler buffer overflow
Published:18.08.2006
SecurityVulns ID:6511
Type:local
Threat Level:4/10
Description:Buffer overflow on assembler file compilation.
Affected:BINUTILS : binutils 2.16
 BINUTILS : binutils 2.15
Original document:UBUNTU, [USN-336-1] binutils vulnerability (18.08.2006)

AOL weak permissions
Published:18.08.2006
SecurityVulns ID:6513
Type:local
Threat Level:5/10
Description:Application folder has Everyone:Full Control permission.
Affected:AOL : AOL 9.0
Original document:Jakob Balle, [Full-disclosure] Secunia Research: AOL Insecure Default Directory Permissions (18.08.2006)

HP-UX LP Subsystem DoS
Published:18.08.2006
SecurityVulns ID:6514
Type:remote
Threat Level:5/10
Affected:HP : HP-UX 11.00
 HP : HP-UX 11.11
 HP : HP-UX 11.04
 HP : HP-UX 11.23
Original document:HP, [security bulletin] HPSBUX02139 SSRT5981 rev.1 - HP-UX Running the LP Subsystem, remote Denial of Service (DoS) (18.08.2006)

Mac OS X XSan filesystem driver buffer overflow
Published:18.08.2006
SecurityVulns ID:6516
Type:local
Threat Level:6/10
Description:Buffer overflow on oversized path.
Affected:APPLE : Mac OS X 10.4
Original document:SECUNIA, [SA21551] Xsan Filesystem Path Name Buffer Overflow Vulnerability (18.08.2006)

IBM AIX setlocale() privilege escalation
Published:18.08.2006
SecurityVulns ID:6518
Type:library
Threat Level:5/10
Affected:IBM : AIX 5.3
Original document:SECUNIA, [SA21541] AIX setlocale Privilege Escalation Vulnerability (18.08.2006)

IBM DB2 database server DoS
updated since 18.08.2006
Published:06.09.2006
SecurityVulns ID:6517
Type:remote
Threat Level:5/10
Description:Multiple DoS conditions in database server.
Affected:IBM : DB2 8.12
Original document:Amichai Shulman, [Full-disclosure] Details for BID 18428 (06.09.2006)
 Amichai Shulman, [Full-disclosure] Details for BID 19586 - DB2 UDB Vulnerability (06.09.2006)
 SECUNIA, [SA21550] DB2 Universal Database Denial of Service Vulnerabilities (18.08.2006)

Multiple PHP scripting language security vulnerabilities
updated since 18.08.2006
Published:08.09.2006
SecurityVulns ID:6515
Type:library
Threat Level:6/10
Description:Safe mode restriction bypass in the "file_exists()", "imap_open()" and "imap_reopen()" functions and the cURL extension; buffer overflows in different functions on 64-bit systems; buffer overflow in the GD extension during GIF processing; stripos() out-of-memory reading; incorrect memory_limit restrictions on 64-bit systems. Buffer overflow in LWZReadByte().
Affected:PHP : PHP 4.4
 PHP : PHP 5.1
Original document:MANDRIVA, [Full-disclosure] [ MDKSA-2006:162 ] - Updated php packages fix vulnerabilities (08.09.2006)
 PHP, PHP 4.4.4 and PHP 5.1.5 Released (18.08.2006)

Multiple browsers race conditions
updated since 18.08.2006
Published:05.01.2007
SecurityVulns ID:6519
Type:client
Threat Level:6/10
Description:There are various race conditions in thread synchronization on different concurrent events.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 NETSCAPE : Netscape 8.1
 MOZILLA : Firefox 1.5
 KMELEON : K-Meleon 1.0
 MICROSOFT : Windows Vista
CVE:CVE-2007-0099 (Race condition in the msxml3 module in Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) via many nested tags in an XML document in an IFRAME, when synchronous document rendering is frequently disrupted with asynchronous events, as demonstrated using a JavaScript timer, which can trigger null pointer dereferences or memory corruption.)
Original document:Michal Zalewski, Concurrency strikes MSIE (potentially exploitable msxml3 flaws) (05.01.2007)
 Juha-Matti Laurio, Flock Concurrency-related Memory Corruption Vulnerability (21.08.2006)
 Juha-Matti Laurio, Netscape Concurrency-related Memory Corruption Vulnerability (21.08.2006)
 Juha-Matti Laurio, K-Meleon Concurrency-related Vulnerability (21.08.2006)
 Michal Zalewski, Re: Concurrency-related vulnerabilities in browsers - expect problems (18.08.2006)
 Michal Zalewski, Concurrency-related vulnerabilities in browsers - expect problems (18.08.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod