Search:Vulnerability:20.01.2010 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Cisco IOS XR DoS
Published: 20.01.2010
Source: BUGTRAQ
SecurityVulns ID: 10536
Type: remote
Level: 6/10
Description: DoS against SSH server leading to system resource exhaustion.

Affected: CISCO : IOS XR 3.4
CISCO : IOS XR 3.5
CISCO : IOS XR 3.6
CISCO : IOS XR 3.7
CISCO : IOS XR 3.8
CISCO : IOS XR 3.9
CVE: CVE-2010-0137 (Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 3.4.1 through 3.7.0 allows remote attackers to cause a denial of service (process crash and memory consumption) via a crafted SSH2 packet, aka Bug ID CSCsu10574.)

Original document CISCO, Cisco Security Advisory: Cisco IOS XR Software SSH Denial of Service Vulnerability (20.01.2010)

Discuss: Read or add your comments to this news (0 comments)

Wireshark sniffer multiple security vulnerabilities
Published: 20.01.2010
Source: BUGTRAQ
SecurityVulns ID: 10538
Type: remote
Level: 5/10
Description: DoS via SMB and SMB2 packets, buffer overflow on Daintree SNA files parsing.

Affected: WIRESHARK : Wireshark 1.2
CVE: CVE-2009-4377 (The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap.)
CVE-2009-4376 (Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.)

Original document MANDRIVA, [ MDVSA-2010:016 ] wireshark (20.01.2010)

Discuss: Read or add your comments to this news (0 comments)

Kingsoft DuBa Browser Shield ActiveX memory corruption
Published: 20.01.2010
Source: BUGTRAQ
SecurityVulns ID: 10542
Type: client
Level: 5/10

Original document superli_(at)_safe-mail.net, Kingsoft DuBa Browser Shield ActiveX Remote Exec 0day POC (20.01.2010)

Discuss: Read or add your comments to this news (0 comments)

glibc getpwname information leak
Published: 20.01.2010
Source: BUGTRAQ
SecurityVulns ID: 10537
Type: library
Level: 7/10
Description: Records from passwd.adjunct.byname map are added to passwd map leading to crypted NIS password disclosure.

Affected: GNU : glibc 2.7
CVE: CVE-2010-0015 (nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function.)

Original document DEBIAN, [SECURITY] [DSA 1973-1] New glibc packages fix information disclosure (20.01.2010)

Discuss: Read or add your comments to this news (0 comments)

QvodPlayer ActiveX memory corruption
Published: 20.01.2010
Source: BUGTRAQ
SecurityVulns ID: 10539
Type: client
Level: 5/10
Description: ColorFilter ColorFilter memory corruption.

Original document info_(at)_securitylab.ir, QvodPlayer ColorFilter Codec ActiveX Remote Exec (20.01.2010)

Discuss: Read or add your comments to this news (0 comments)

Baidu Security Center memory corruption
Published: 20.01.2010
Source: BUGTRAQ
SecurityVulns ID: 10541
Type: client
Level: 5/10
Description: FireFoxProxy ActiveX memory corruption.

Affected: BAIDU : Baidu Security Center 2.0

Original document superli_(at)_safe-mail.net, Baidu Security Center FireFoxProxy ActiveX Remote Exec 0day POC (20.01.2010)

Discuss: Read or add your comments to this news (0 comments)

Xunlei XPPlayer / Xunlei KanKan Player ActiveX integer overflow
Published: 20.01.2010
Source: BUGTRAQ
SecurityVulns ID: 10540
Type: client
Level: 5/10

Original document superli_(at)_safe-mail.net, Xunlei XPPlayer ActiveX Remote Exec 0day POC (20.01.2010)

Discuss: Read or add your comments to this news (0 comments)

S.O.M.P.L. Player buffer overflow
Published: 20.01.2010
Source: BUGTRAQ
SecurityVulns ID: 10543
Type: local
Level: 4/10
Description: Buffer overflow on .M3U playlists parsing.

Original document security_(at)_corelan.be, [CORELAN-10-006] BOF Vulnerability in S.O.M.P.L. Player (20.01.2010)

Discuss: Read or add your comments to this news (0 comments)

Adobe Shockwave Player integer overflows
updated since 20.01.2010
Published: 21.01.2010
Source: BUGTRAQ
SecurityVulns ID: 10535
Type: client
Level: 7/10
Description: Integer overflows and buffer overflow on Shockwave processing.

Affected: ADOBE : Shockwave Player 11.5
CVE: CVE-2009-4003 (Multiple integer overflows in Adobe Shockwave Player before 11.5.6.606 allow remote attackers to execute arbitrary code via (1) an unspecified block type in a Shockwave file, leading to a heap-based buffer overflow; and might allow remote attackers to execute arbitrary code via (2) an unspecified 3D block in a Shockwave file, leading to memory corruption; or (3) a crafted 3D model in a Shockwave file, leading to heap memory corruption.)
CVE-2009-4002 (Heap-based buffer overflow in Adobe Shockwave Player before 11.5.6.606 allows remote attackers to execute arbitrary code via a crafted 3D model in a Shockwave file.)

Original document SECUNIA, Secunia Research: Adobe Shockwave Player 3D Model Buffer Overflow (21.01.2010)

SECUNIA, Secunia Research: Adobe Shockwave Player Integer Overflow Vulnerability (20.01.2010)

Discuss: Read or add your comments to this news (0 comments)

test server