Computer Security
[EN] securityvulns.ru no-pyccku


pidgin / libpurple security vulnerabilities
updated since 17.03.2012
Published:19.03.2012
Source:
SecurityVulns ID:12253
Type:remote
Threat Level:
5/10
Description:DoS via XMPP and MSN messages, local information leakage.
Affected:PIDGIN : Pidgin 2.10
CVE:CVE-2012-1178 (The msn_oim_report_to_user function in oim.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.2 allows remote servers to cause a denial of service (application crash) via an OIM message that lacks UTF-8 encoding.)
 CVE-2011-4939 (The pidgin_conv_chat_rename_user function in gtkconv.c in Pidgin before 2.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by changing a nickname while in an XMPP chat room.)
Original documentdocumentDimitris Glynos, pidgin OTR information leakage (19.03.2012)
 documentMANDRIVA, [ MDVSA-2012:029 ] pidgin (17.03.2012)

YAML::LibYAML format string vulnerability
Published:19.03.2012
Source:
SecurityVulns ID:12262
Type:library
Threat Level:
6/10
Description:Few format string vulnerabilities.
Affected:YAML : YAML::LibYAML 0.33
CVE:CVE-2012-1152 (Multiple format string vulnerabilities in the error reporting functionality in the YAML::LibYAML (aka YAML-LibYAML and perl-YAML-LibYAML) module 0.38 for Perl allow remote attackers to cause a denial of service (process crash) via format string specifiers in a (1) YAML stream to the Load function, (2) YAML node to the load_node function, (3) YAML mapping to the load_mapping function, or (4) YAML sequence to the load_sequence function.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2432-1] libyaml-libyaml-perl security update (19.03.2012)

DBD::Pg format string vulnerability
Published:19.03.2012
Source:
SecurityVulns ID:12263
Type:library
Threat Level:
5/10
Description:Format string vulnerability on server response parsing.
Affected:PERL : DBD::Pg 2.19
CVE:CVE-2012-1151 (Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (process crash) via format string specifiers in (1) a crafted database warning to the pg_warn function or (2) a crafted DBD statement to the dbd_st_prepare function.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2431-1] libdbd-pg-perl security update (19.03.2012)

CheckPoint Firewall / VPN-1 information leakage
Published:19.03.2012
Source:
SecurityVulns ID:12264
Type:remote
Threat Level:
2/10
Description:It's possible to obtain host names.
Affected:CHECKPOINT : VPN-1 NGX R65
 CHECKPOINT : VPN-1 R71
Original documentdocumentPatrick Webster, OSI Security: CheckPoint Firewall VPN - Information Disclosure (19.03.2012)

VMware vCenter Chargeback Manager security vulnerabilities
Published:19.03.2012
Source:
SecurityVulns ID:12265
Type:remote
Threat Level:
5/10
Description:Information leakage, DoS.
Affected:VMWARE : vCenter Chargeback Manager 2.0
CVE:CVE-2012-1472 (VMware vCenter Chargeback Manager (aka CBM) before 2.0.1 does not properly handle XML API requests, which allows remote attackers to read arbitrary files or cause a denial of service via unspecified vectors.)
Original documentdocumentVMWARE, VMSA-2012-0002 VMware vCenter Chargeback Manager Information Leak and Denial of Service (19.03.2012)

Enterasys SecureStack Switch crossite scripting
Published:19.03.2012
Source:
SecurityVulns ID:12266
Type:local
Threat Level:
3/10
Description:Stored XSS in different configuration parameters.
Affected:ENTERASYS : SecureStack B2G124
 ENTERASYS : SecureStack B3G124
 ENTERASYS : SecureStack B5G124
 ENTERASYS : SecureStack C3G124
Original documentdocumentVulnerability Lab, Enterasys SecureStack Switch v6.x - Multiple Vulnerabilities (19.03.2012)

Barracuda CudaTel crossite scripting
Published:19.03.2012
Source:
SecurityVulns ID:12267
Type:local
Threat Level:
3/10
Description:Stored XSS in different configuration parameters.
Affected:BARRACUDANETWORK : Barracuda CudaTel 2.0
Original documentdocumentVulnerability Lab, Barracuda CudaTel v2.0.029.1 - Multiple Web Vulnerabilities (19.03.2012)

Polycom teleconferencing devices security vulnereabilities
Published:19.03.2012
Source:
SecurityVulns ID:12268
Type:remote
Threat Level:
5/10
Description:Directory traversal, code injection.
Affected:POLYCOM : Polycom HDX 8000 HD
Original documentdocumentJoao Paulo Caldas Campello, [TSI-ADV-1202] Polycom Web Management Interface O.S. Command Injection (19.03.2012)
 documentJoao Paulo Caldas Campello, [TSI-ADV-1201] Path Traversal on Polycom Web Management Interface (19.03.2012)

Endian UTM Firewall security vulnerabilities
Published:19.03.2012
Source:
SecurityVulns ID:12269
Type:remote
Threat Level:
5/10
Description:XSS, CSRF.
Affected:ENDIAN : UTM Firewall 2.4
 ENDIAN : UTM Firewall 2.5
Original documentdocumentVulnerability Lab, Endian UTM Firewall v2.4.x & v2.5.0 - Multiple Web Vulnerabilities (19.03.2012)

FlashFXP FTP client buffer overflow
Published:19.03.2012
Source:
SecurityVulns ID:12270
Type:client
Threat Level:
5/10
Description:Buffer overflow on server response parsing.
Affected:FLASHFXP : FlashFXP 4.1
Original documentdocumentVulnerability Lab, FlashFXP v4.1.8.1701 - Buffer Overflow Vulnerability (19.03.2012)

Dropbear SSH server use-after-free
Published:19.03.2012
Source:
SecurityVulns ID:12271
Type:remote
Threat Level:
6/10
Affected:DROPBEAR : Dropbear 2011.54
CVE:CVE-2012-0920 (Use-after-free vulnerability in Dropbear SSH Server 0.52 through 2012.54, when command restriction and public key authentication are enabled, allows remote authenticated users to execute arbitrary code and bypass command restrictions via multiple crafted command requests, related to "channels concurrency.")
Original documentdocumentDanny Fullerton, Dropbear SSH server use-after-free vulnerability (19.03.2012)

notmuch special characters vulnerabilities
Published:19.03.2012
Source:
SecurityVulns ID:12272
Type:client
Threat Level:
5/10
Description:MML tags are not escaped.
Original documentdocumentDEBIAN, [SECURITY] [DSA 2416-1] notmuch security update (19.03.2012)

Cisco SRP 500 multiple security vulnerabilities
Published:19.03.2012
Source:
SecurityVulns ID:12273
Type:remote
Threat Level:
6/10
Description:Commands injection, directory traversal, unauthorized configuration uplooad.
Affected:CISCO : Cisco SRP 500
CVE:CVE-2012-0365 (Directory traversal vulnerability in the Local TFTP file-upload application on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to upload software to arbitrary directories via unspecified vectors, aka Bug ID CSCtw56009.)
 CVE-2012-0364 (Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allow remote attackers to replace the configuration file via an upload request to an unspecified URL, aka Bug ID CSCtw55495.)
 CVE-2012-0363 (The web interface on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability," aka Bug ID CSCtt46871.)
Original documentdocumentCISCO, Cisco Security Advisory: Cisco Small Business SRP 500 Series Multiple Vulnerabilities (19.03.2012)

ABB WebWare code execution
Published:19.03.2012
Source:
SecurityVulns ID:12274
Type:remote
Threat Level:
6/10
Description:TCP/5512 port service code execution.
Original documentdocumentZDI, ZDI-12-033 : ABB WebWare RobNetScanHost.exe Remote Code Execution Vulnerability (19.03.2012)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:19.03.2012
Source:
SecurityVulns ID:12275
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:MOODLE : moodle 1.9
 WEBGLIMPSE : Webglimpse 2.18
 BUGZILLA : Bugzilla 4.2
 OSCLASS : OSClass 2.3
 11IN1 : 11in1 1.2
 WIKIDFORUM : Wikidforum 2.10
 WIKYBLOG : WikyBlog 1.7
 SINOLOGY : Photo Station 5
 ICINITI : Iciniti Store 4.3
 SAP : SAP Business Objects XI R2
 ILIENT : SysAid 8.5
 BARRACUDANETWORK : Barracuda Web Application Firewall 660
 RIVETCODE : rivettracker 1.03
 FORKCMS : Fork CMS 3.2
 OPENREALTY : Open-Realty CMS 2.5
 ETANO : Etano 1.22
 TSHEETX : Timesheet Next Gen 1.5
 SYMFONY2 : Symfony2 2.0
 IMGPALS : ImgPals Photo Host 1.0
 OSQA : OSQA CMS 3b
 WOLFCMS : Wolf CMS 0.7
 KONGREG8 : Kongreg8 1.7
 MOVABLETYPE : Movable Type 5.13
 PHPGIFTREG : PHP Gift Registry 1.5
 YVS : YVS Image Gallery 0.0
 PHPSEARCHENG : Mobile Mp3 Search Engine 2.0
 CHYRP : Chyrp 2.5
 ELEFANTCMS : Elefant CMS 1.1
 EJBCA : Enterprise Java Beans Certificate Authority 4.0
 PHPMYVISITES : phpMyVisites 2.4
 SPAMBOTSECURITY : ZB BLOCK 0.4
 AURORA : Aurora WebOPAC 3.5
CVE:CVE-2012-1296 (Multiple cross-site scripting (XSS) vulnerabilities in apps/admin/handlers/preview.php in Elefant CMS 1.0.x before 1.0.2-Beta and 1.1.x before 1.1.5-Beta allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) body parameter to admin/preview.)
 CVE-2012-1295
 CVE-2012-1262 (Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the dbuser parameter, a different vulnerability than CVE-2012-0318.)
 CVE-2012-1188 (Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) type or (2) querystring parameters to private/en/error or (3) name parameter to private/en/locale/index.)
 CVE-2012-1001
 CVE-2012-0869 (Cross-site scripting (XSS) vulnerability in fup in Frams' Fast File EXchange (F*EX, aka fex) before 20120215 allows remote attackers to inject arbitrary web script or HTML via the id parameter.)
 CVE-2012-0796 (class.phpmailer.php in the PHPMailer library, as used in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 and other products, allows remote authenticated users to inject arbitrary e-mail headers via vectors involving a crafted (1) From: or (2) Sender: header.)
 CVE-2012-0795 (Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 does not validate e-mail address settings, which allows remote authenticated users to have an unspecified impact via a crafted address.)
 CVE-2012-0794 (The rc4encrypt function in lib/moodlelib.php in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 uses a hardcoded password of nfgjeingjk, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by reading this script's source code within the open-source software distribution.)
 CVE-2012-0793 (Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote attackers to view the profile images of arbitrary user accounts via unspecified vectors.)
 CVE-2012-0792 (mod/forum/user.php in Moodle 1.9.x before 1.9.16 allows remote authenticated users to obtain the names and other details of arbitrary user accounts by searching for posts.)
 CVE-2011-4588 (The ip_in_range function in mnet/lib.php in MNET in Moodle 1.9.x before 1.9.15 uses an incorrect data type, which allows remote attackers to bypass intended IP address restrictions via an XMLRPC request.)
 CVE-2011-4587 (lib/moodlelib.php in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 does not properly handle certain zero values in the password policy, which makes it easier for remote attackers to obtain access by leveraging the possible existence of user accounts that have unchangeable blank passwords.)
 CVE-2011-4586 (CRLF injection vulnerability in calendar/set.php in the Calendar subsystem in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.)
 CVE-2011-4585 (login/change_password.php in Moodle 1.9.x before 1.9.15 does not use https for the change-password form even if the httpslogin option is enabled, which allows remote attackers to obtain credentials by sniffing the network.)
 CVE-2011-4584 (The MNET authentication functionality in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote authenticated users to impersonate other user accounts by using the Login As feature in conjunction with a remote MNET single sign-on capability, as demonstrated by a Mahara site.)
 CVE-2011-4308 (mod/forum/user.php in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 allows remote authenticated users to discover the names of other users via unspecified vectors.)
Original documentdocumentlists_(at)_senseofsecurity.com, Aurora WebOPAC SQL Injection - Security Advisory - SOS-12-004 (19.03.2012)
 documentMustLive, Brute Force и XSS уязвимости в Webglimpse (19.03.2012)
 documentchin4b0y, Vulnerability Description: XSS-(CROSS SITE SCRIPTING VULNERABILITIES) (ZAPHOD BREEBLEBROX'S BLOCKER A.K.A. ZB BLOCK) (19.03.2012)
 documentchin4b0y, phpMyVisites 2.4_XSS (19.03.2012)
 documentMustLive, Многочисленные уязвимости в EJBCA (19.03.2012)
 documentHigh-Tech Bridge Security Research, Multiple vulnerabilities in Elefant CMS (19.03.2012)
 documentHigh-Tech Bridge Security Research, Multiple XSS in Chyrp (19.03.2012)
 documentDEBIAN, [SECURITY] [DSA 2414-1] fex security update (19.03.2012)
 documentCorryL, Mobile Mp3 Search Engine HTTP Response Splitting (19.03.2012)
 documentCorryL, YVS Image Gallery Sql injection (19.03.2012)
 documentLpSolit_(at)_gmail.com, Security advisory for Bugzilla 4.2 and 4.0.5 (19.03.2012)
 documentdemonalex_(at)_163.com, CJWSoft ASPGuest GuestBook 'edit.asp' - SQL Injection Vulnerability (19.03.2012)
 documentThomas Richards, PHP Gift Registry 1.5.5 SQL Injection (19.03.2012)
 documentThomas Richards, Kongreg8 1.7.3 Mutiple XSS (19.03.2012)
 documentmkey_(at)_freemail.hu, FrameJammer DOM based XSS (19.03.2012)
 documenthenri_(at)_nerv.fi, Case YVS Image Gallery (19.03.2012)
 documentVulnerability Lab, OSQA CMS v3b - Multiple Persistent Vulnerabilities (19.03.2012)
 documentVulnerability Lab, Wolf CMS v0.7.5 - Multiple Web Vulnerabilities (19.03.2012)
 documentCorryL, ImgPals Photo Host Version 1.0 Admin Account Disactivation (19.03.2012)
 documentDEBIAN, [SECURITY] [DSA 2421-1] moodle security update (19.03.2012)
 documentDEBIAN, [SECURITY] [DSA 2423-1] movabletype-opensource security update (19.03.2012)
 documentdemonalex_(at)_163.com, Lastguru ASP GuestBook 'View.asp' - SQL Injection Vulnerability (19.03.2012)
 documentlists_(at)_senseofsecurity.com, Symfony2 Local File Disclosure - Security Advisory - SOS-12-002 (19.03.2012)
 documentThomas Richards, Timesheet Next Gen 1.5.2 Multiple SQLi (19.03.2012)
 documentYGN Ethical Hacker Group, Open-Realty CMS 2.5.8 (2.x.x) <= "select_users_template" Local File Inclusion Vulnerability (19.03.2012)
 documentYGN Ethical Hacker Group, Etano 1.x <= Multiple Cross Site Scripting Vulnerabilities (19.03.2012)
 document[email protected], 11in1 CMS v1.2.1 - SQL Injection Vulnerabilities (19.03.2012)
 documentHigh-Tech Bridge Security Research, Multiple XSS in Fork CMS (19.03.2012)
 documentali.raheem_(at)_gmail.com, Multiple SQL injections in rivettracker <=1.03 (19.03.2012)
 documentFilippo Cavallarin, OSClass directory traversal (leads to arbitrary file upload) (19.03.2012)
 documentVulnerability Lab, Ilient SysAid v8.5.05 - Multiple Web Vulnerabilities (19.03.2012)
 documentvulns_(at)_dionach.com, SAP Business Objects XI R2 Infoview Multiple XSS (19.03.2012)
 documentlists_(at)_senseofsecurity.com, Iciniti Store SQL Injection - Security Advisory - SOS-12-003 (19.03.2012)
 documentsimon.ganiere_(at)_gmail.com, Synology Photo Station 5 - Reflected Cross-Site Scripting (19.03.2012)
 documentsschurtz_(at)_darksecurity.de, Wikidforum 2.10 Multiple security vulnerabilities (19.03.2012)
 documentsschurtz_(at)_darksecurity.de, WikyBlog 1.7.3RC2 XSS vulnerability (19.03.2012)

HP Data Protector Express multiple security vulnerabilities
updated since 19.03.2012
Published:24.06.2012
Source:
SecurityVulns ID:12261
Type:remote
Threat Level:
6/10
Description:DoS, code execution.
Affected:HP : Data Protector Express 5.0
 HP : Data Protector Express 6.0
CVE:CVE-2012-0124 (Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors.)
 CVE-2012-0123 (Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1498.)
 CVE-2012-0122 (Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1393.)
 CVE-2012-0121 (Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1392.)
Original documentdocumentZDI, ZDI-12-097 : HP Data Protector Express Opcode 0x320 Parsing Remote Code Execution Vulnerability (24.06.2012)
 documentZDI, ZDI-12-096 : HP Data Protector Express Opcode 0x330 Parsing Remote Code Execution Vulnerability (24.06.2012)
 documentHP, [security bulletin] HPSBMU02746 SSRT100781 rev.1 - HP Data Protector Express, Remote Denial of Service (DoS), Execution of Arbitrary Code (19.03.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod