Computer Security


Cisco IOS Stack Group Bidding Protocol (SGBP) DoS
Published: 19.01.2006
Source:
SecurityVulns ID: 5660
Type: remote
Threat Level: 5/10
Description: An invalid SGBP (UDP/9900) packet can cause the router to hang if an SGBP group is defined.
Affected: CISCO : IOS 12.0
 CISCO : IOS 12.1
 CISCO : IOS 12.2
 CISCO : IOS 12.3
Original document: CISCO, Cisco Security Advisory: IOS Stack Group Bidding Protocol Crafted Packet DoS (19.01.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 19.01.2006
Source:
SecurityVulns ID: 5661
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: JOOMLA : Joomla! 1.0
 FLUFFINGTON : Flog 1.0
 MIKEHELTONISAWES : aoblogger 2.3
 WBNEWS : WB News 1.1
 PHPCLANWEBSITE : Phpclanwebsite 1.23
 MYBB : MyBB 1,02
 PHLIMAIL : PHlyMail 3.3
 ELOG : ELOG 2.6
 MYAMAZONMANSTORE : My Amazon Store Manager 1.0
CVE: CVE-2007-1288 (Multiple PHP remote file inclusion vulnerabilities in Webmobo WB News 1.4.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the config[installdir] parameter to (1) comment.php, (2) themes.php, (3) directory.php, and (4) sendmsg.php in admin/.)
Original document: SECUNIA, [SA18535] My Amazon Store Manager "q" Cross-Site Scripting Vulnerability (19.01.2006)
 SECUNIA, [SA18537] Netrix X-Site Manager "product_id" Parameter Cross-Site Scripting (19.01.2006)
 SECUNIA, [SA18533] ELOG Format String and Directory Traversal Vulnerabilities (19.01.2006)
 SECUNIA, [SA18536] PHlyMail Unspecified Script Insertion and SQL Injection (19.01.2006)
 SECUNIA, [SA18544] MyBB "Allow HTML in Signatures" Script Insertion Security Issue (19.01.2006)
 SECUNIA, [SA18541] Phpclanwebsite "img" BBcode Script Insertion Vulnerability (19.01.2006)
 SECUNIA, [SA18513] Joomla! Multiple Unspecified Vulnerabilities (19.01.2006)
 SECUNIA, [SA18499] WB News "name" Script Insertion Vulnerability (19.01.2006)
 night_warrior771_(at)_hotmail.com, MyBB Signature HTML Code Injection (19.01.2006)
 night_warrior771_(at)_hotmail.com, XMB Forum HTML Code Injection (19.01.2006)
 Aliaksandr Hartsuyeu, [eVuln] aoblogger Multiple Vulnerabilities (19.01.2006)
 Aliaksandr Hartsuyeu, [eVuln] Flog Information Disclosure Vulnerability (19.01.2006)
 night_warrior771_(at)_hotmail.com, Phpclanwebsite BBCode IMG Tag XSS Vulnerability (19.01.2006)

TippingPoint IPS intrusion prevention system DoS
Published: 19.01.2006
Source:
SecurityVulns ID: 5665
Type: remote
Threat Level: 6/10
Description: High CPU consumption when parsing HTML documents.
Affected: TIPPINGPOINT : TippingPoint IPS 2.1
Original document: SECUNIA, [SA18515] TippingPoint IPS Device Denial of Service Vulnerability (19.01.2006)

Dual DHCP DNS Server buffer overflow
Published: 19.01.2006
Source:
SecurityVulns ID: 5666
Type: remote
Threat Level: 5/10
Description: Buffer overflow on an oversized DHCP option.
Affected: DUALDHCPDNS : Dual DHCP DNS Server 1.0
Original document: SECUNIA, [SA18486] Dual DHCP DNS Server DHCP Options Buffer Overflow (19.01.2006)

Cerberus FTP Server DoS
updated since 23.11.2005
Published: 19.01.2006
Source:
SecurityVulns ID: 5480
Type: remote
Threat Level: 5/10
Description: A request flood causes the server to crash.
Affected: CERBERUS : Cerberus FTP Server 2.32
Original document: cvh_(at)_kapda.ir, Cerberus FTP Server 2.32 Denial of Service (19.01.2006)
 SECUNIA, [SA17650] Cerberus FTP Server Denial of Service Vulnerability (23.11.2005)
Files: Cerberus FTP Server <= v2.32 Dos Exploit

BitComet peer-to-peer client buffer overflow
Published: 19.01.2006
Source:
SecurityVulns ID: 5662
Type: client
Threat Level: 5/10
Description: Buffer overflow on an oversized .torrent file URI.
Affected: BITCOMET : BitComet 0.60
Original document: Fortinet Research, [VulnWatch] Fortinet Advisory: BitComet URI Buffer Overflow Vulnerability (19.01.2006)
Files: BitComet URI Proof of Concept exploit

Multiple Cisco Call Manager vulnerabilities
Published: 19.01.2006
Source:
SecurityVulns ID: 5659
Type: remote
Threat Level: 6/10
Description: DoS by creating multiple TCP/2000, TCP/2001, TCP/2002, TCP/7727 connections. Administrative Web interface privilege escalation.
Affected: CISCO : Cisco CallManager 3.2
 CISCO : Cisco CallManager 3.3
 CISCO : Cisco CallManager 4.0
 CISCO : Cisco CallManager 4.1
Original document: CISCO, [VulnWatch] Cisco Security Advisory: Cisco Call Manager Privilege Escalation (19.01.2006)
 CISCO, Cisco Security Advisory: Cisco Call Manager Denial of Service (19.01.2006)

MyDNS DNS server DoS
Published: 19.01.2006
Source:
SecurityVulns ID: 5668
Type: remote
Threat Level: 5/10
Affected: MYDNS : MyDNS 1.0
Original document: SECUNIA, [SA18532] MyDNS Query Handling Denial of Service Vulnerability (19.01.2006)

FreeBSD IEEE 802.11 wireless network buffer overflow
updated since 19.01.2006
Published: 20.01.2006
Source:
SecurityVulns ID: 5667
Type: remote
Threat Level: 7/10
Description: Buffer overflow when parsing IEEE 802.11 control frames.
Affected: FREEBSD : FreeBSD 6.0
Original document: FREEBSD, FreeBSD Security Advisory FreeBSD-SA-06:05.80211 (20.01.2006)
 SECUNIA, [SA18353] FreeBSD IEEE 802.11 Buffer Overflow Vulnerability (19.01.2006)

Kerio WinRoute FireWall multiple DoS conditions
updated since 19.01.2006
Published: 25.01.2006
Source:
SecurityVulns ID: 5664
Type: remote
Threat Level: 6/10
Description: DoS when parsing HTML documents and on an oversized Active Directory server reply.
Affected: KERIO : WinRoute Firewall 6.1
Original document: SECUNIA, [SA18589] Kerio WinRoute Firewall Web Browsing Denial of Service (25.01.2006)
 SECUNIA, [SA18542] Kerio WinRoute Firewall Denial of Service Vulnerabilities (19.01.2006)

Multiple Computer Associates (CA) products vulnerabilities
updated since 19.01.2006
Published: 02.02.2006
Source:
SecurityVulns ID: 5658
Type: remote
Threat Level: 7/10
Description: DM Primer and CA Unicenter buffer overflows, multiple DM Deployment DoS conditions. iGateway buffer overflow. CA Message Queuing DoS conditions.
Affected: CA : Unicenter Remote Control 6.0
 CA : Brightstor ARCserve Backup 11.1
 CA : Brightstor ARCserve Backup 11.0
 CA : BrightStor SAN Manager 11.1
 CA : BrightStor Portal 11.1
 CA : CleverPath OLAP 5.1
 CA : CleverPath ECM 3.5
 CA : CleverPath Predictive Analysis Server 2.0
 CA : CleverPath Predictive Analysis Server 3.0
 CA : CleverPath Aion 10.0
 CA : eTrust Admin 2.01
 CA : eTrust Admin 2.04
 CA : eTrust Admin 2.07
 CA : eTrust Admin 2.09
 CA : eTrust Admin 8.0
 CA : eTrust Admin 8.1
 CA : BrightStor Mobile Backup 4.0
 CA : CA Desktop Protection Suite
 CA : CA Server Protection Suite
 CA : CA Business Protection Suite
 CA : Brightstor ARCserve Backup 11.5
 CA : BrightStor SAN Manager 11.5
 CA : BrightStor Storage Resource Manager 11.1
 CA : BrightStor Storage Resource Manager 11.5
 CA : eTrust Audit 1.5
 CA : eTrust Audit 8.0
 CA : eTrust Audit 8.1
 CA : eTrust Identity Minder 8.0
 CA : eTrust Secure Content Manager 8
 CA : eTrust Integrated Threat Management 8
 CA : Unicenter CA Web Services Distributed Management 11
 CA : Unicenter AutoSys JM 11
 CA : Unicenter Management for WebLogic 11
 CA : Unicenter Management for WebSphere 11
 CA : Unicenter Service Delivery 11
 CA : Unicenter Service Level Management 11
 CA : Unicenter Application Performance Monitor 11
 CA : Unicenter Service Desk 11
 CA : Unicenter Service Fulfillment 11
 CA : Unicenter Asset Portfolio Management 11
 CA : Unicenter Service Matrix Analysis 11
 CA : Unicenter MQ Management 11
 CA : Unicenter Application Server Management 11
 CA : Unicenter Web Server Management 11
 CA : Unicenter Exchange Management 11
Original document: CA, CAID 33581 - CA Message Queuing Denial of Service Vulnerabilities (02.02.2006)
 IDEFENSE, [VulnWatch] iDefense Security Advisory 01.23.06: Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow Vulnerability (24.01.2006)
 CA, [Full-disclosure] CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability (23.01.2006)
 CA, [Full-disclosure] DM Primer error handling weakness & an old CAM BO revisited (19.01.2006)
 CA, [Full-disclosure] CAID 33756 - DM Deployment Common Component Vulnerabilities (19.01.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod