MPlayer buffer overflow

| Published: | 20.06.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 7827 |
| Type: | client |
| Level: | 5/10 |
| Description: | Buffer overflow on parsing CDDB server data. |
| Affected: | MPLAYER : MPlayer 1.0 |
| CVE: | CVE-2007-2948 (Multiple stack-based buffer overflows in stream/stream_cddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long (1) album title or (2) category.) |

Apache mod_mem_cache information leak

| Published: | 20.06.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 7829 |
| Type: | remote |
| Level: | 4/10 |
| Description: | Under some conditions, data from previously sent server reply headers may be leaked. |
| Affected: | APACHE : Apache 2.2 |
| CVE: | CVE-2007-1862 (The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.) |

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

| Published: | 20.06.2007 |
| Source: | |
| SecurityVulns ID: | 7831 |
| Type: | remote |
| Level: | 5/10 |
| Description: | PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. |

Multiple open-iscsi security vulnerabilities

| Published: | 20.06.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 7828 |
| Type: | local |
| Level: | 5/10 |
| Description: | Invalid implementation of internal sockets and semaphores access. |
| Affected: | OPENISCSI : open-iscsi 2.0 |
| CVE: | CVE-2007-3100 (usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages using shared memory, which allows local users to cause a denial of service (hang) by grabbing the semaphore.) |
| | CVE-2007-3099 (usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss).) |

jasper library buffer overflow

| Published: | 20.06.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 7830 |
| Type: | library |
| Level: | 5/10 |
| Description: | Heap buffer overflow on JPEG-2000 images parsing. |
| CVE: | CVE-2007-2721 (The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using imagemagick convert.) |

Apache httpd multiple local DoS conditions, updated since 30.05.2007

| Published: | 20.06.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 7757 |
| Type: | local |
| Level: | 5/10 |
| Description: | It's possible to manipulate the main worker process, causing it to send a SIGUSR signal from root to any process, a process halt, or resource exhaustion. |
| Affected: | APACHE : Apache 1.3 |
| | APACHE : Apache 2.0 |
| | APACHE : Apache 2.2 |
| CVE: | CVE-2007-3304 (Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer.") |