 |
|
|
|
| Macrovision InstallAnywhere protection bypass | | Published: |  | 20.04.2007 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 7614 | | Type: |  | local | | Level: |  | 3/10 | | Description: |  | It's possible to bypass serial number / password protection. |
| Affected: |  | MACROVISION : InstallAnywhere Enterprise 8.0 | | CVE: |  | CVE-2007-1009 (Macrovision InstallAnywhere Enterprise before 8.0.1 uses the InstallScript.iap_xml configuration file without integrity protection to verify authorization for installing an application, which allows local users to perform unauthorized installations by removing the (1) password or (2) serial number verification sections from this file.) |
| IBM Tivoli Monitoring Express buffer overflow | | Published: | | 20.04.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7617 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Heap buffer overflow on oversized request to Universal Agent Primary Service (TCP/10110), Monitoring Agent for Windows (TCP/6014), Tivoli Enterprise Portal Server (TCP/14206). |
| Affected: | | IBM : Tivoli Monitoring Express 6.1 | | CVE: | | CVE-2007-2137 (Heap-based buffer overflow in kde.dll in IBM Tivoli Monitoring Express 6.1.0 before Fix Pack 2, as used in Tivoli Universal Agent, Windows OS Monitoring agent, and Enterprise Portal Server, allows remote attackers to execute arbitrary code by sending a long string to a certain TCP port.) |
Dovecot unauthorized access
updated since 20.04.2007 | | Published: | | 20.04.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7621 | | Type: | | remote | | Level: | | 5/10 | | Description: | | zlib plugin allows access to the files behind mail directory. |
Oracle critical patch update
updated since 18.04.2007 | | Published: | | 20.04.2007 | | Source: | | ORACLE | | SecurityVulns ID: | | 7601 | | Type: | | remote | | Level: | | 7/10 | | Description: | | Patch set fixes 36 vulnerabilities in Oracle applications, including 13 vulnerabilities in Oracle database server. |
| Original document |  | SHATTER, Oracle Database Buffer overflow vulnerabilities in package DBMS_SNAP_INTERNAL (20.04.2007) |
| | | ZDI, ZDI-07-016: Oracle E-Business Suite Arbitrary Node Deletion Vulnerability (20.04.2007) |
| | | 3COM, ZDI-07-017: Oracle E-Business Suite Arbitrary Document Download Vulnerability (20.04.2007) |
| | | Kornbrust, Alexander, Bypass Oracle Logon Trigger (18.04.2007) |
| | | Kornbrust, Alexander, SQL Injection in package SYS.DBMS_AQADM_SYS (18.04.2007) |
| | | Kornbrust, Alexander, SQL Injection in package SYS.DBMS_UPGRADE_INTERNAL (18.04.2007) |
| | | Kornbrust, Alexander, Cross-Site-Scripting Vulnerability in Oracle Secure Enterprise Search (SES) (18.04.2007) |
| | | Kornbrust, Alexander, Shutdown unprotected Oracle TNS Listener via Oracle Discoverer Servlet [AS01] (18.04.2007) |
| | | ORACLE, Oracle Critical Patch Update - April 2007 (18.04.2007) |
Netsprint Toolbar ActiveX buffer overfow
updated since 17.04.2007 | | Published: | | 20.04.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7594 | | Type: | | client | | Level: | | 5/10 | | Description: | | Buffer overflow in isChecked() interface. |
| GraceNote CDDBControl ActiveX buffer overflow | | Published: | | 20.04.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7623 | | Type: | | client | | Level: | | 5/10 | | Description: | | Buffer overflow on oversized proxy configuration paramters. |
| CVE: | | CVE-2007-0443 (Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters.) |
| eXtremail buffer overflow | | Published: | | 20.04.2007 | | Source: | | FULL-DISCLOSURE | | SecurityVulns ID: | | 7624 | | Type: | | remote | | Level: | | 6/10 | | Description: | | DNS resolver code buffer overflow. |
| BlueArc Titan storage server FTP bounce attack | | Published: | | 20.04.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7615 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Bounced port scan is possible. |
Novell Groupwise WebAccess buffer overflow
updated since 20.04.2007 | | Published: | | 20.04.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7616 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Stack buffer overflow (stack overrun) during TCP/7205 TCP/7211 HTTP basic authentication on base64 decoding. |
| CVE: | | CVE-2007-2171 (Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows remote attackers to execute arbitrary code via long base64 content in an HTTP Basic Authentication request.) |
| WinAmp memory corruption | | Published: | | 20.04.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7618 | | Type: | | client | | Level: | | 6/10 | | Description: | | Memory corruption on WMV files processing. |
| BMC Patrol PerformAgent memory corruption | | Published: | | 20.04.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7619 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Buffer overflow on bgs_sdservice.exe TCP/10128 XDR data parsing. |
| CVE: | | CVE-2007-2136 (Stack-based buffer overflow in bgs_sdservice.exe in BMC Patrol PerformAgent allows remote attackers to execute arbitrary code by connecting to TCP port 10128 and sending certain XDR data, which is not properly parsed.) |
| BMC Performance Manager unauthorized access | | Published: | | 20.04.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7620 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PatrolAgent.exe TCP/3181 allows SNMP community definition modification. |
| CVE: | | CVE-2007-1972 (** DISPUTED ** PatrolAgent.exe in BMC Performance Manager does not require authentication for requests to modify configuration files, which allows remote attackers to execute arbitrary code via a request on TCP port 3181 for modification of the masterAgentName and masterAgentStartLine SNMP parameters. NOTE: the vendor disputes this vulnerability, stating that it does not exist when the system is properly configured.) |
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 20.04.2007 | | Published: | | 22.04.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7622 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| Original document | | XenoMuta, [Full-disclosure] freePBX 2.2.x's Music-on-hold Remote Code Execution Injection (22.04.2007) |
| | | seko_(at)_se-ko.info, Eba News Version : v1.1 <= (webpages.php) Remote File Include // starhack.org (20.04.2007) |
| | | dean_(at)_brettle.com, NeatUpload vulnerability and fix (20.04.2007) |
| | | Janek Vind, [waraxe-2007-SA#049] - Multiple vulnerabilities in Phorum 5.1.20 (20.04.2007) |
| | | HACKERS PAL, IPB (Invision Power Board) Full Path Disclusure (20.04.2007) |
| | | john_(at)_martinelli.com, NuclearBB Alpha 1 - Multiple Blind SQL/XPath Injection Vulnerabilities (20.04.2007) |
| | | HACKERS PAL, Extreme PHPBB2 Remote File Inclusion (20.04.2007) |
| | | HACKERS PAL, EclipseBB Remote File Inclusion (20.04.2007) |
| | | HACKERS PAL, FullyModdedphpBB2 Remote File Inclusion (20.04.2007) |
| | | HACKERS PAL, MediaBeez Sql query Execution .. Wear isn't ?? :) (20.04.2007) |
| | | programmer_(at)_serbiansite.com, NukeSentinel Bypass SQL Injection & Nuke Evolution <= 2.0.3 SQL Injections (20.04.2007) |
| | | BorN To K!LL BorN To K!LL, Gizzar <= (basePath) Remote File Include Vulnerability (20.04.2007) |
|
|
|
|
|
|
|
|
