Computer Security
[EN] securityvulns.ru no-pyccku


HP OpenView Network Node Manager multiple security vulnerabilities
updated since 09.06.2010
Published:20.06.2010
Source:
SecurityVulns ID:10918
Type:remote
Threat Level:
6/10
Description:Memory corruption on HTTP and SNMP request processing.
Affected:HP : OpenView Network Node Manager 7.51
 HP : OpenView Network Node Manager 7.53
CVE:CVE-2010-1964 (Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified parameters to jovgraph.exe, aka ZDI-CAN-683.)
 CVE-2010-1961 (Buffer overflow in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified variables to jovgraph.exe, which are not properly handled in a call to the sprintf function.)
 CVE-2010-1960 (Buffer overflow in the error handling functionality in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long, invalid option to jovgraph.exe.)
Original documentdocumentZDI, ZDI-10-108: HP OpenView NNM ovwebsnmpsrv.exe Command Line Argument Remote Code Execution Vulnerability (20.06.2010)
 documentHP, [security bulletin] HPSBMA02537 SSRT010027 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code (09.06.2010)
 documentZDI, ZDI-10-105: Hewlett-Packard OpenView NNM ovwebsnmpsrv.exe Bad Option Remote Code Execution Vulnerability (09.06.2010)
 documentZDI, ZDI-10-106: Hewlett-Packard OpenView NNM ovutil.dll getProxiedStorageAddress Remote Code Execution Vulnerability (09.06.2010)

TitanFTP directory traversal
updated since 17.06.2010
Published:20.06.2010
Source:
SecurityVulns ID:10939
Type:remote
Threat Level:
5/10
Description:xcrc and comb commands directory traversal
Affected:SOUTHREIVERTECH : TitanFTP Server 8.10
Original documentdocumentbill_(at)_accensussecurity.com, TitanFTP Server COMB directory traversal (20.06.2010)
 documentbill_(at)_accensussecurity.com, TitanFTP Server Arbitrary File Disclosure (17.06.2010)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:20.06.2010
Source:
SecurityVulns ID:10940
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:SPRINGSOURCE : Spring Framework 3.0
 SPRINGSOURCE : Spring Framework 2.5
 REDAKS : RedAks 2.0
CVE:CVE-2010-1622 (SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file.)
Original documentdocumentMustLive, Vulnerabilities in eSitesBuilder (20.06.2010)
 documentdavid.kurz_(at)_majorsecurity.net, [MajorSecurity SA-074]CMS RedAks 2.0 - Multiple Cross-site Scripting issues (20.06.2010)
 documents2-security, CVE-2010-1622: Spring Framework execution of arbitrary code (20.06.2010)
 documentLaurent OUDOT at TEHTRI-Security, TEHTRI-Security released 13 0days against web tools used by evil attackers (20.06.2010)

pmount symbolis links vulnerability
Published:20.06.2010
Source:
SecurityVulns ID:10941
Type:local
Threat Level:
5/10
Description:Insecure creation of lock files.
Affected:PMOUNT : pmount 0.9
CVE:CVE-2010-2192 (The make_lockdir_name function in policy.c in pmount 0.9.18 allow local users to overwrite arbitrary files via a symlink attack on a file in /var/lock/.)
Original documentdocumentDRBIAN, [SECURITY] [DSA 2063-1] New pmount packages fix denial of service (20.06.2010)

Sudo protection bypass
Published:20.06.2010
Source:
SecurityVulns ID:10942
Type:client
Threat Level:
5/10
Description:It's possible to bypass PATH variable sanitization be setting few PATH variables.
Affected:SUDO : sudo 1.6
CVE:CVE-2010-1646 (The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.)
Original documentdocumentMANDRIVA, [ MDVSA-2010:118 ] sudo (20.06.2010)

Samba buffer overflow
Published:20.06.2010
Source:
SecurityVulns ID:10943
Type:remote
Threat Level:
7/10
Description:Buffer overflow and DoS conditions on SMB request parsing.
Affected:SAMBA : Samba 3.3
CVE:CVE-2010-2063 (Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet.)
 CVE-2010-1642 (The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \xff\xff security blob length in a Session Setup AndX request.)
 CVE-2010-1635 (The chain_reply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request with a certain 0x8003 field value.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 06.16.10: Samba 3.3.12 Memory Corruption Vulnerability (20.06.2010)

TurboFTP FTP Server directory traversal
updated since 20.06.2010
Published:14.08.2010
Source:
SecurityVulns ID:10944
Type:remote
Threat Level:
5/10
Description:Directory traversal via mkdir and move command.
Affected:TURBOSOFT : TurboFTP Server 1.20
Original documentdocumentHigh-Tech Bridge Security Research, Directory Traversal Vulnerability in TurboFTP Server (14.08.2010)
 documentleinakesi_(at)_gmail.com, TurboFTP Server Directory Traversal Vulnerability (20.06.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod