Computer Security


Mandiant First Response multiple security vulnerabilities
Published:19.12.2006
Source:
SecurityVulns ID:6953
Type:remote
Threat Level:6/10
Description:DoS on SSL parsing in HTTPS interface, data manipulation.
Affected:MANDIANT : First Response 1.1
Original document:SYMANTEC, SYMSA-2006-013: Multiple Vulnerabilities in Mandiant First Response (19.12.2006)

Intel 2200BG 802.11 wireless drivers memory corruption
Published:19.12.2006
Source:
SecurityVulns ID:6957
Type:remote
Threat Level:6/10
Description:Memory corruption on beacon frame parsing.
Affected:INTEL : Intel 2200 driver 9.0
CVE:CVE-2006-6651 (Race condition in W29N51.SYS in the Intel 2200BG wireless driver 9.0.3.9 allows remote attackers to cause memory corruption and execute arbitrary code via a series of crafted beacon frames. NOTE: some details are obtained solely from third party information.)
Original document:SECURITEAM, [NT] Intel 2200BG 802.11 Beacon frame Kernel Memory Corruption (19.12.2006)
Files:Exploits Intel 2200BG 802.11 wireless drivers memory corruption

D-Bus cross-application messaging system DoS
Published:19.12.2006
Source:
SecurityVulns ID:6954
Type:local
Threat Level:5/10
Description:Vulnerability in match_rule_equal allows an application to remove rules of different applications.
Affected:DBUS : D-Bus 1.0
Original document:MANDRIVA, [ MDKSA-2006:233 ] - Updated dbus packages fix vulnerability (19.12.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:19.12.2006
Source:
SecurityVulns ID:6956
Type:remote
Threat Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:WEBCALENDAR : WebCalendar 1.0
Original document:7all7_(at)_163.com, WebCalendar >=1.0 Cross-Site Scripting Vulnerabilities (19.12.2006)
 Advisory_(at)_Aria-Security.net, HyperVM Cross-Site Scripting (19.12.2006)

Multiple Linux kernel security vulnerabilities
Published:19.12.2006
Source:
SecurityVulns ID:6958
Type:remote
Threat Level:5/10
Description:IrDA TTP header buffer overflow. Tokenring memory corruption. do_coredump symbolic links problem.
Affected:LINUX : kernel 2.6
Original document:LINUX, ChangeLog-2.6.19.1 (19.12.2006)

HP JetDirect and HP printers buffer overflow
updated since 19.12.2006
Published:28.03.2007
Source:
SecurityVulns ID:6955
Type:remote
Threat Level:6/10
Description:Buffer overflow in LIST, NLIST and RETR commands of the built-in FTP server.
Affected:HP : J4169A 610n
 HP : J6057A 615n
CVE:CVE-2007-1772 (The FTP service in HP JetDirect print servers allows remote attackers to cause a denial of service (engine crash) via a RETR command with a long pathname.)
 CVE-2007-0358 (Unspecified vulnerability in the FTP server implementation in HP Jetdirect firmware x.20.nn through x.24.nn allows remote attackers to cause a denial of service via unknown vectors.)
Original document:handrix_(at)_gmail.com, [Full-disclosure] Remote DOS HP JetDirect Print Servers (28.03.2007)
 HP, [security bulletin] HPSBPI02185 SSRT071290 rev.1 - HP Jetdirect Running ftp, Remote Denial of Service (DoS) (20.01.2007)
 Jose Antonio, HP Printers FTP Server Denial Of Service (19.12.2006)
Files:Hewlett-Packard FTP Print Server Version 2.4 Buffer Overflow (POC)
 Hewlett-Packard FTP Print Server Version 2.4.5 Buffer Overflow (POC)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod