Computer Security

Search:Vulnerability:19.10.2005
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



snort intrusion detection system (IDS) buffer overflow
Published:19.10.2005
Source:BUGTRAQ
SecurityVulns ID:5363
Type:remote
Level:8/10
Description:Buffer overflow in Back Orifice UDP preprocessing (any UDP port)
Affected:SNORT : snort 2.4
 NORTEL : Nortel Threat Protection System Intrusion Sensor 4.1
 NORTEL : Nortel Threat Protection System Defense Center 4.1
Original documentdocumentSECUNIA, [SA17255] Nortel Threat Protection System Back Orifice Pre-Processor Buffer Overflow (19.10.2005)
 documentX-FORCE, Internet Security Systems Protection Advisory: Snort Back Orifice Parsing Remote Code Execution (19.10.2005)
 documentCERT, US-CERT Technical Cyber Security Alert TA05-291A -- Snort Back Orifice Preprocessor Buffer Overflow (19.10.2005)
Files:THCsnortbo 0.3 - Snort BackOrifice PING exploit
 Snort Back Orifice Preprocessor Overflow
 Snort BackOrifice PING Buffer Overflow (PoC)
Discuss:Read or add your comments to this news (0 comments)

Sun Solaris SCTP socket option DoS
Published:19.10.2005
Source:SECUNIA
SecurityVulns ID:5366
Type:local
Affected:ORACLE : Solaris 10
Original documentdocumentSECUNIA, [SA17198] Sun Solaris SCTP Denial of Service Weaknesses (19.10.2005)
Discuss:Read or add your comments to this news (0 comments)

YIFF server sound files unauthorized access
Published:19.10.2005
Source:BUGTRAQ
SecurityVulns ID:5367
Type:local
Level:5/10
Description:File permissions are ignored while playing file.
Affected:YIFF : YIFF 2.14
Original documentdocumentSECUNIA, [SA17242] YIFF Sound Systems Arbitrary File Playback Weakness (19.10.2005)
Discuss:Read or add your comments to this news (0 comments)

PHP open_basedir protection bypass
updated since 28.09.2005
Published:19.10.2005
Source:SECUNIA
SecurityVulns ID:5270
Type:local
Level:5/10
Description:Under some rare conditions it's possible to open file from different directory.
Affected:PHP : PHP 5.0
 PHP : PHP 4.4
Original documentdocumentSECUNIA, [SA16971] PHP Trailing Slash "open_basedir" Security Bypass (28.09.2005)
Discuss:Read or add your comments to this news (0 comments)

Gentoo Linux multiple ports privilege escalation
Published:19.10.2005
Source:BUGTRAQ
SecurityVulns ID:5358
Type:library
Level:5/10
Description:User from portage group can place dynamic library into search path of vulnerable library. Vulnerable ports are perl, Qt-UnixODBC, CMake.
Affected:PERL : perl 5.8
 QTUNIXODBC : qt-unixodbc 3.3
 CMAKE : cmake 2.2
Original documentdocumentGENTOO, [ GLSA 200510-14 ] Perl, Qt-UnixODBC, CMake: RUNPATH issues (19.10.2005)
Discuss:Read or add your comments to this news (0 comments)

flexbackup backup utility symbolic links problem
Published:19.10.2005
Source:BUGTRAQ
SecurityVulns ID:5360
Type:local
Level:5/10
Description:Symbolic links problem during temporary files creation.
Affected:FLEXBACKUP : flexbackup 1.2
Original documentdocumentZATAZ.net, flexbackup default config insecure temporary file creation (19.10.2005)
Discuss:Read or add your comments to this news (0 comments)

NetPBM graphical utilities buffer overflow
Published:19.10.2005
Source:BUGTRAQ
SecurityVulns ID:5361
Type:library
Level:5/10
Description:Buffer overflow on PNM file parsing in pnmtopng utility.
Affected:NETPBM : netpbm 10.0
 PNMTOPNG : pnmropng 2.38
Original documentdocumentUBUNTU, [USN-210-1] netpbm vulnerability (19.10.2005)
Discuss:Read or add your comments to this news (0 comments)

Cisco Content Switch SSL DoS
Published:19.10.2005
Source:FULL-DISCLOSURE
SecurityVulns ID:5364
Type:remote
Level:6/10
Description:Memory corruption on malformed certificate handling.
Affected:CISCO : CSS 11500
Original documentdocumentCISCO, [Full-disclosure] Cisco Security Advisory:Cisco 11500 Content Services Switch SSL Malformed Client Certificate Vulnerability (19.10.2005)
Discuss:Read or add your comments to this news (0 comments)

AIX lscfg symbolic links problem
Published:19.10.2005
Source:SECUNIA
SecurityVulns ID:5365
Type:local
Level:5/10
Affected:IBM : AIX 5.2
Original documentdocumentSECUNIA, [SA17202] AIX LSCFG Insecure Temporary File Handling Vulnerability (19.10.2005)
Discuss:Read or add your comments to this news (0 comments)

lynx text mode web browser buffer overflow
Published:19.10.2005
Source:BUGTRAQ
SecurityVulns ID:5359
Type:remote
Level:6/10
Description:Buffer overflow on NNTP server reply parsing.
Affected:LYNX : lynx 2.8
Original documentdocumentUBUNTU, [USN-206-1] Lynx vulnerability (19.10.2005)
Discuss:Read or add your comments to this news (0 comments)

Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
updated since 19.10.2005
Published:22.10.2005
Source:
SecurityVulns ID:5362
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHPBB : phpBB 2.0
 PHPMYADMIN : phpMyAdmin 2.6
 E107 : E107 0.617
 WAGORA : W-Agora 4.2
 PHPNUKE : PHP-Nuke 7.8
 ADVENTNET : NetFlow Analyzer 4
 PHPNUKE : PHP-Nuke 7.9
 XERVER : Xerver 4.17
 MAILSITE : MailSite Express 6.1
 PHPNUKE : NukeFixes 3.1
 COMERSUS : Comersus Power Pack Premium
 NUKEDKLAN : Nuked-Klan 1.7
 ALCARCATIE : AL-Caricatie 2.5
Original documentdocumentGod Of Death (G.O.D), [Full-disclosure] Vulnerability in AL-Caricatier, V.2.5 And Prior Versions (22.10.2005)
 documentK-Gen Gen, [Full-disclosure] phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit. (22.10.2005)
 documentStefan Esser, [Full-disclosure] Advisory 16/2005: phpMyAdmin Local File Inclusion Vulnerability (22.10.2005)
 documentpapipsycho_(at)_hotmail.com, Nuked klan 1.7: XSS vulnerability (22.10.2005)
 documentSECUNIA, [SA17201] W-Agora Local File Inclusion and File Upload Vulnerabilities (20.10.2005)
 documentSECUNIA, [SA17219] Comersus Power Pack Premium Cross-Site Scripting Vulnerabilities (20.10.2005)
 documentSECUNIA, [SA17218] PHP-Nuke NukeFixes Addon "file" Local File Inclusion Vulnerability (20.10.2005)
 documentalireza hassani, XSS & Path Disclosure in Chipmunk's products (20.10.2005)
 documentSECUNIA, [SA17240] MailSite Express Attachment Upload Vulnerability (19.10.2005)
 documentSECUNIA, [SA17243] Xerver Multiple Vulnerabilities (19.10.2005)
 documentsp3x_(at)_securityreason.com, SecurityAlert SA025 : PHPNuke Remote Directory Traversal (19.10.2005)
 documentwhy_(at)_nsfocus.com, e107 remote commands execution (19.10.2005)
 documentwhy_(at)_nsfocus.com, NetFlow Analyzer 4 XSS Vulnerability (19.10.2005)
 documentSECUNIA, Secunia Research: MySource Cross-Site Scripting and File Inclusion Vulnerabilities (19.10.2005)
Files:e107 0.617 resetcore.php SQL Injection & remote code execution all-in-one
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server