Computer Security


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 18.12.2006
Source:
SecurityVulns ID: 6947
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: PLANETLUC : RateMe 1.3
Original document: Al7ejaz Hacker, RateMe <= all versions => ( main.inc.php ) Remote File Include Vulnerability (18.12.2006)

Star FTP server DoS
Published: 18.12.2006
Source:
SecurityVulns ID: 6948
Type: remote
Threat Level: 5/10
Description: Crash on incomplete PORT / oversized RETR command.
Affected: STARFTP : Star FTP server 1.10
Files: Star FTP server 1.10 Remote 0day DoS Exploit

Allied Telesis AT-9000/24 Ethernet switch unauthorized access
Published: 18.12.2006
Source:
SecurityVulns ID: 6949
Type: remote
Threat Level: 5/10
Description: Administration interface may be accessed from any VLAN.
Affected: ALLIEDTELESYN : Allied Telesis AT-9000/24
Original document: Pasi Sjoholm, Allied Telesis AT-9000/24 Ethernet switch management can be accessed from all VLANs. (18.12.2006)

Multiple IBM Websphere security vulnerabilities
Published: 18.12.2006
Source:
SecurityVulns ID: 6950
Type: remote
Threat Level: 5/10
Description: JSP pages source code access.
Affected: IBM : WebSphere 6.0
Original document: SECUNIA, [SA23414] IBM WebSphere Application Server Multiple Vulnerabilities (18.12.2006)

Linux Kernel Bluetooth CAPI DoS
Published: 18.12.2006
Source:
SecurityVulns ID: 6951
Type: local
Threat Level: 5/10
Description: It's possible to overwrite internal kernel objects with CAPI message.
Affected: LINUX : kernel 2.4
 LINUX : kernel 2.6
Original document: [SA23408] Linux Kernel Bluetooth CAPI Messages Denial of Service (18.12.2006)

MailEnable POP3 server buffer overflow
Published: 18.12.2006
Source:
SecurityVulns ID: 6952
Type: remote
Threat Level: 6/10
Description: Buffer overflow in POP3 PASS command.
Affected: MAILENABLE : MailEnable Enterprise 2.35
 MAILENABLE : MailEnable Professional 2.35
CVE: CVE-2006-6605 (Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command.)
Original document: SECUNIA, [Full-disclosure] Secunia Research: MailEnable POP Service "PASS" Command Buffer Overflow (18.12.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod