Computer Security
[EN] securityvulns.ru no-pyccku


jabberd instant messaging server DoS
Published:20.03.2006
Source:
SecurityVulns ID:5912
Type:remote
Threat Level:
6/10
Description:Crash on malformed SASL request.
Affected:JABBERD : jabberd 2.0
Original documentdocumentSECUNIA, [SA19281] jabberd SASL Negotiation Denial of Service Vulnerability (20.03.2006)

Avast! antivirus weak file permissions
Published:20.03.2006
Source:
SecurityVulns ID:5913
Type:local
Threat Level:
6/10
Description:Everyone:Full Control permissions are set to program folder.
Affected:ALWIL : Avast! Antivirus 4.6
Original documentdocumentSECUNIA, [SA19284] avast! Antivirus Insecure Default File Permissions (20.03.2006)

Multiple MailEnable vulnerabilities
updated since 20.03.2006
Published:21.03.2006
Source:
SecurityVulns ID:5914
Type:remote
Threat Level:
5/10
Description:POP3 authentication vulnerability, crossite scripting, information leak.
Affected:MAILENABLE : MailEnable Standard 1.93
 MAILENABLE : MailEnable Professional 1.73
 MAILENABLE : MailEnable Enterprise 1.21
CVE:CVE-2006-6964 (MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user's settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source.)
 CVE-2006-1792 (Unspecified vulnerability in the POP service in MailEnable Standard Edition before 1.94, Professional Edition before 1.74, and Enterprise Edition before 1.22 has unknown attack vectors and impact related to "authentication exploits". NOTE: this is a different set of affected versions, and probably a different vulnerability than CVE-2006-1337.)
 CVE-2006-1337 (Buffer overflow in the POP 3 (POP3) service in MailEnable Standard Edition before 1.93, Professional Edition before 1.73, and Enterprise Edition before 1.21 allows remote attackers to execute arbitrary code via unknown vectors before authentication.)
Original documentdocumentnoreply_(at)_musecurity.com, [Full-disclosure] [MU-200603-01] MailEnable POP3 Pre-Authentication Buffer Overflow (21.03.2006)
 documentSECUNIA, [SA19288] MailEnable Webmail and Unspecified POP Vulnerabilities (20.03.2006)

cURL command line download utility buffer overflow
updated since 20.03.2006
Published:28.03.2006
Source:
SecurityVulns ID:5910
Type:client
Threat Level:
6/10
Description:Buffer overflow on parsing tftp:// URL.
Affected:CURL : curl 7.15
 CURL : libcurl 7.15
 OPENOFFICE : OpenOffice 2.0
Original documentdocumentGENTOO, [ GLSA 200603-25 ] OpenOffice.org: Heap overflow in included libcurl (28.03.2006)
 documentUlf Harnhammar, [Full-disclosure] [SSAG#001] :: cURL tftp:// URL Buffer Overflow (20.03.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod