Search:Vulnerability:18.08.2006 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

DoS против IBM DB2
updated since 11.07.2001
Published: 18.08.2006
Source: BUGTRAQ
SecurityVulns ID: 1321
Type: remote
Level: 5/10
Описание: Закрытие соединения после передачи 1 байта информации приводит к краху сервиса.

Affected: IBM : DB2 6.1

Original document LAMI, Gilles - DSIA, IBM Windows DB2 DoS (11.07.2001)

Discuss: Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 18.08.2006
Source:
SecurityVulns ID: 6510
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: CUBECART : CubeCart 3.0

Original document Saudi Hackrz, powergap <= (s0x.php) Remote File Inclusion (18.08.2006)

rgod_(at)_autistici.org, CubeCart <= 3.0.11 SQL injection & cross site scripting (18.08.2006)

Cyber Lords, SQL-Injection in xoops myAds module (18.08.2006)

Files: xoops myAds module exploit for users hash viewing
Discuss: Read or add your comments to this news (0 comments)

GNU assembler buffer overflow
Published: 18.08.2006
Source: BUGTRAQ
SecurityVulns ID: 6511
Type: local
Level: 4/10
Description: Buffer overflow on assembler file compilation.

Affected: BINUTILS : binutils 2.16
BINUTILS : binutils 2.15

Original document UBUNTU, [USN-336-1] binutils vulnerability (18.08.2006)

Discuss: Read or add your comments to this news (0 comments)

AOL weak permissions
Published: 18.08.2006
Source: FULL-DISCLOSURE
SecurityVulns ID: 6513
Type: local
Level: 5/10
Description: Application folder has Everyone:Full Control permission.

Affected: AOL : AOL 9.0

Original document Jakob Balle, [Full-disclosure] Secunia Research: AOL Insecure Default Directory Permissions (18.08.2006)

Discuss: Read or add your comments to this news (0 comments)

HP-UX LP Subsystem DoS
Published: 18.08.2006
Source: BUGTRAQ
SecurityVulns ID: 6514
Type: remote
Level: 5/10

Affected: HP : HP-UX 11.00
HP : HP-UX 11.11
HP : HP-UX 11.04
HP : HP-UX 11.23

Original document HP, [security bulletin] HPSBUX02139 SSRT5981 rev.1 - HP-UX Running the LP Subsystem, remote Denial of Service (DoS) (18.08.2006)

Discuss: Read or add your comments to this news (0 comments)

Mac OS X XSan filesystem driver buffer overflow
Published: 18.08.2006
Source: SECUNIA
SecurityVulns ID: 6516
Type: local
Level: 6/10
Description: Buffer overflow on oversized path.

Affected: APPLE : Mac OS X 10.4

Original document SECUNIA, [SA21551] Xsan Filesystem Path Name Buffer Overflow Vulnerability (18.08.2006)

Discuss: Read or add your comments to this news (0 comments)

IBM AIX setlocale() privilege escalation
Published: 18.08.2006
Source: SECUNIA
SecurityVulns ID: 6518
Type: library
Level: 5/10

Affected: IBM : AIX 5.3

Original document SECUNIA, [SA21541] AIX setlocale Privilege Escalation Vulnerability (18.08.2006)

Discuss: Read or add your comments to this news (0 comments)

IBM DB2 database server DoS
updated since 18.08.2006
Published: 06.09.2006
Source: SECUNIA
SecurityVulns ID: 6517
Type: remote
Level: 5/10
Description: Multiple DoS conditions in database server.

Affected: IBM : DB2 8.12

Original document Amichai Shulman, [Full-disclosure] Details for BID 18428 (06.09.2006)

Amichai Shulman, [Full-disclosure] Details for BID 19586 - DB2 UDB Vulnerability (06.09.2006)

SECUNIA, [SA21550] DB2 Universal Database Denial of Service Vulnerabilities (18.08.2006)

Discuss: Read or add your comments to this news (0 comments)

Multiple PHP scripting language security vulnerabilities
updated since 18.08.2006
Published: 08.09.2006
Source: PHP
SecurityVulns ID: 6515
Type: library
Level: 6/10
Description: "file_exists()", "imap_open()", and "imap_reopen()" function and cURL extension safe mode restriction bypass, buffer overflows in different functions on 64-bit systems, buffer overflow in GD extension on GIFs processing, stripos() out-of-memory reading, Incorrect memory_limit restrictions on 64-bit systems. Buffer overflow in LWZReadByte().

Affected: PHP : PHP 4.4
PHP : PHP 5.1

Original document MANDRIVA, [Full-disclosure] [ MDKSA-2006:162 ] - Updated php packages fix vulnerabilities (08.09.2006)

PHP, PHP 4.4.4 and PHP 5.1.5 Released (18.08.2006)

Discuss: Read or add your comments to this news (0 comments)

Roxio Toast 7 privilege escalation
updated since 18.08.2006
Published: 14.09.2006
Source: FULL-DISCLOSURE
SecurityVulns ID: 6512
Type: local
Level: 5/10
Description: External applications are launched with relative path.

Affected: ROXIO : Toast 7

Original document Netragard Security Advisories, [Full-disclosure] [NETRAGARD-20060822 SECURITY ADVISORY] [ APPLE COMPUTER CORPORATION KEXTLOAD VULNERABILITY + ROXIO TOAST TITANUM 7 HELPER APP - LOCAL ROOT COMROMISE] (14.09.2006)

Netragard Security Advisories, [Full-disclosure] [NETRAGARD-20060624 SECURITY ADVISORY] [ ROXIO TOAST 7 TITANIUM LOCAL ROOT COMPROMISE - DEJA VU RACE CONDITION] (12.09.2006)

document Netragard Security Advisories, [Full-disclosure] NETRAGARD-20060624 SECURITY ADVISORY] [ROXIO TOAST 7 TITANIUM - LOCAL ROOT COMPROMISE ] (18.08.2006)

Discuss: Read or add your comments to this news (0 comments)

Multiple browsers race conditions
updated since 18.08.2006
Published: 05.01.2007
Source: BUGTRAQ
SecurityVulns ID: 6519
Type: client
Level: 6/10
Description: There are different race condition with threading synchronization on different concurrent events.

Affected: MICROSOFT : Windows 2000 Server
MICROSOFT : Windows 2000 Professional
MICROSOFT : Windows XP
MICROSOFT : Windows 2003 Server
NETSCAPE : Netscape 8.1
MOZILLA : Firefox 1.5
KMELEON : K-Meleon 1.0
MICROSOFT : Windows Vista
CVE: CVE-2007-0099 (Race condition in the msxml3 module in Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) via many nested tags in an XML document in an IFRAME, when synchronous document rendering is frequently disrupted with asynchronous events, as demonstrated using a JavaScript timer, which can trigger null pointer dereferences or memory corruption.)

Original document Michal Zalewski, Concurrency strikes MSIE (potentially exploitable msxml3 flaws) (05.01.2007)

Juha-Matti Laurio, Flock Concurrency-related Memory Corruption Vulnerability (21.08.2006)

Juha-Matti Laurio, Netscape Concurrency-related Memory Corruption Vulnerability (21.08.2006)

document Juha-Matti Laurio, K-Meleon Concurrency-related Vulnerability (21.08.2006)

Michal Zalewski, Re: Concurrency-related vulnerabilities in browsers - expect problems (18.08.2006)

Michal Zalewski, Concurrency-related vulnerabilities in browsers - expect problems (18.08.2006)

Discuss: Read or add your comments to this news (0 comments)