Computer Security


Dell Remote Access Card DoS
updated since 16.08.2007
Published: 20.01.2008
SecurityVulns ID: 8058
Type: remote
Threat Level: 5/10
Description: nmap scan causes SSH service to crash.
Affected: DELL : Remote Access Card 4
Original document: Robert Scheck, [FIXED] Remote Denial of Service for SSH service at Dell DRAC4 (maybe Mocana SSH) (20.01.2008)
 Robert Scheck, Remote Denial of Service for SSH service at Dell DRAC4 (maybe Mocana SSH) (16.08.2007)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 20.01.2008
SecurityVulns ID: 8584
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: MYBB : MyBB 1.2
 CLEVERCOPY : Clever Copy 3.0
 AGARES : PhpAutoVideo 2.21
Original document: nbbn_(at)_gmx.net, MyBB 1.2.11 Multiple XSRF Vulnerabilities (20.01.2008)
 houssamix_(at)_hotmail.fr, Agares PhpAutoVideo 2.21(XSS/RFI) Multiple Remote Vulnerabilities (20.01.2008)
 hadihadi_zedehal_2006_(at)_yahoo.com, Clever Copy <=3.0 Multiple Remote Vulnerabilities (20.01.2008)

SocksCAP buffer overflow
Published: 20.01.2008
SecurityVulns ID: 8585
Type: client
Threat Level: 7/10
Description: Buffer overflow on oversized host name.
Affected: PERMEO : SocksCap 2.40
Original document: azizov_(at)_itdefence.ru, SocksCap Stack Overflow (<= 2.40-051231) (20.01.2008)

BitDefender Update Server directory traversal
Published: 20.01.2008
SecurityVulns ID: 8586
Type: remote
Threat Level: 6/10
Description: HTTP server directory traversal with /../
Original document: Oliver Karow, BitDefender Update Server - Unauthorized Remote File Access Vulnerability (20.01.2008)

OKI C5510MFP printers unauthorized access
Published: 20.01.2008
SecurityVulns ID: 8587
Type: remote
Threat Level: 4/10
Description: Web interface password is checked on client side.
Affected: OKI : C5510MFP
Original document: Adrian Leuenberger, [CSNC] OKI C5510MFP Printer Password Disclosure (20.01.2008)

CORE FORCE firewall buffer overflow
Published: 20.01.2008
SecurityVulns ID: 8588
Type: local
Threat Level: 5/10
Description: Buffer overflow on IOCTLs and SSDT-hooked functions processing.
Affected: CORE : FORCE 0.95
Original document: CORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2007-1119: CORE FORCE Kernel Buffer Overflow (20.01.2008)

Citrix Presentation Server buffer overflow
Published: 20.01.2008
SecurityVulns ID: 8589
Type: remote
Threat Level: 6/10
Description: IMA service (TCP/2512, TCP/2513) heap buffer overflow.
Affected: CITRIX : MetaFrame Presentation Server 3.0
 CITRIX : Presentation Server 4.0
 CITRIX : Presentation Server 4.5
 CITRIX : Access Essentials 1.0
 CITRIX : Access Essentials 1.5
 CITRIX : Access Essentials 2.0
 CITRIX : Desktop Server 1.0
Original document: ZDI, ZDI-08-002: Citrix Presentation Server IMA Service Heap Overflow Vulnerability (20.01.2008)

XFree86 / X.Org / NX multiple security vulnerabilities
updated since 20.01.2008
Published: 08.04.2008
SecurityVulns ID: 8583
Type: local
Threat Level: 7/10
Description: XInput and TOG-CUP extensions memory corruption, EVI and MIT-SHM extensions integer overflows, multiple extensions array index overflows. libxfont PCF fonts parsing buffer overflow.
Affected: NX : nx 3.1
CVE: CVE-2008-0006
 CVE-2007-6429
 CVE-2007-6428 (The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index.)
 CVE-2007-6427
 CVE-2007-5958
 CVE-2007-5760
Original document: GENTOO, [ GLSA 200804-05 ] NX: User-assisted execution of arbitrary code (08.04.2008)
 UBUNTU, [USN-571-1] X.org vulnerabilities (20.01.2008)
 IDEFENSE, iDefense Security Advisory 01.17.08: Multiple Vendor X Server XFree86-Misc Extension Invalid Array Index Vulnerability (20.01.2008)
 IDEFENSE, iDefense Security Advisory 01.17.08: Multiple Vendor X Server EVI and MIT-SHM Extensions Integer Overflow Vulnerabilities (20.01.2008)
 IDEFENSE, iDefense Security Advisory 01.17.08: Multiple Vendor X Server TOG-CUP Extension Information Disclosure Vulnerability (20.01.2008)
 IDEFENSE, iDefense Security Advisory 01.17.08: Multiple Vendor X Server XInput Extension Multiple Memory Corruption Vulnerabilities (20.01.2008)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod