Search:Vulnerability:19.12.2006 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Mandiant First Response multiple security vulnerabilities
Published: 19.12.2006
Source: BUGTRAQ
SecurityVulns ID: 6953
Type: remote
Level: 6/10
Description: DoS on SSL parsing in HTTPS interface, data manipulation.

Affected: MANDIANT : First Response 1.1

Original document SYMANTEC, SYMSA-2006-013: Multiple Vulnerabilities in Mandiant First Response (19.12.2006)

Discuss: Read or add your comments to this news (0 comments)

Intel 2200BG 802.11 wireless drivers memory corruption
Published: 19.12.2006
Source: SECURITEAM
SecurityVulns ID: 6957
Type: remote
Level: 6/10
Description: Memory corruption on beacon-frames parsing.

Affected: INTEL : Intel 2200 driver 9.0
CVE: CVE-2006-6651 (Race condition in W29N51.SYS in the Intel 2200BG wireless driver 9.0.3.9 allows remote attackers to cause memory corruption and execute arbitrary code via a series of crafted beacon frames. NOTE: some details are obtained solely from third party information.)

Original document SECURITEAM, [NT] Intel 2200BG 802.11 Beacon frame Kernel Memory Corruption (19.12.2006)

Files: Exploits Intel 2200BG 802.11 wireless drivers memory corruption
Discuss: Read or add your comments to this news (0 comments)

D-Bus cross-application messaging system DoS
Published: 19.12.2006
Source: BUGTRAQ
SecurityVulns ID: 6954
Type: local
Level: 5/10
Description: Vulnerability in match_rule_equal allows application to remove rules of different applications.

Affected: DBUS : D-Bus 1.0

Original document MANDRIVA, [ MDKSA-2006:233 ] - Updated dbus packages fix vulnerability (19.12.2006)

Discuss: Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 19.12.2006
Source:
SecurityVulns ID: 6956
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: WEBCALENDAR : WebCalendar 1.0

Original document 7all7_(at)_163.com, WebCalendar >=1.0 Cross-Site Scripting Vulnerabilities (19.12.2006)

Advisory_(at)_Aria-Security.net, HyperVM Cross-Site Scripting (19.12.2006)

Discuss: Read or add your comments to this news (0 comments)

Multiple Linux kernel security vulnerabilities
Published: 19.12.2006
Source: LINUX
SecurityVulns ID: 6958
Type: remote
Level: 5/10
Description: IrDA TTP header buffer overflow. Tokenring memory corruption. do_coredump symbolic links problem.

Affected: LINUX : kernel 2.6

Original document LINUX, ChangeLog-2.6.19.1 (19.12.2006)

Discuss: Read or add your comments to this news (0 comments)

HP JetDirect and HP printers buffer overflow
updated since 19.12.2006
Published: 28.03.2007
Source: BUGTRAQ
SecurityVulns ID: 6955
Type: remote
Level: 6/10
Description: Buffer overflow in LIST, NLIST and RETR command of built-in FTP server.

Affected: HP : J4169A 610n
HP : J6057A 615n
CVE: CVE-2007-1772 (The FTP service in HP JetDirect print servers allows remote attackers to cause a denial of service (engine crash) via a RETR command with a long pathname.)
CVE-2007-0358 (Unspecified vulnerability in the FTP server implementation in HP Jetdirect firmware x.20.nn through x.24.nn allows remote attackers to cause a denial of service via unknown vectors.)

Original document handrix_(at)_gmail.com, [Full-disclosure] Remote DOS HP JetDirect Print Servers (28.03.2007)

HP, [security bulletin] HPSBPI02185 SSRT071290 rev.1 - HP Jetdirect Running ftp, Remote Denial of Service (DoS) (20.01.2007)

Jose Antonio, HP Printers FTP Server Denial Of Service (19.12.2006)

Files: Hewlett-Packard FTP Print Server Version 2.4 Buffer Overflow (POC)
Hewlett-Packard FTP Print Server Version 2.4.5 Buffer Overflow (POC)
Discuss: Read or add your comments to this news (0 comments)

test server