| Dr.Web antivirus buffer overflow | | Published: |  | 20.09.2006 | | Source: |  | FULL-DISCLOSURE | | SecurityVulns ID: |  | 6631 | | Type: |  | client | | Level: |  | 7/10 | | Description: |  | Buffer overflow on oversized LHA archive directory name. |
| Affected: |  | DRWEB : Dr.Web 4.33 |
| Original document |  | Jean-Sébastien Guay-Leroux, [Full-disclosure] Dr.Web 4.33 antivirus LHA long directory name heap overflow (20.09.2006) |
| Multiple OSU httpd security vulnerabilities | | Published: |  | 20.09.2006 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 6632 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Physical path and directory content disclosure. |
| Affected: |  | OSU : OSU httpd 3.11 |
| Original document |  | rfdslabs_(at)_rfdslabs.com.br, [RLSA_02-2006] OSU httpd for OpenVMS path and directory disclosure - is this a bug or a feature? (20.09.2006) |
| Citrix Access Gateway authentication bypass | | Published: |  | 20.09.2006 | | Source: |  | SECUNIA | | SecurityVulns ID: |  | 6634 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Unauthenticated access is possible if Advanced Access Control is used with LDAP authentication. |
| Affected: |  | CITRIX : Citrix Access Gateway 4.2 |
| Original document |  | SECUNIA, [SA21941] Citrix Access Gateway Advanced Access Control Authentication Bypass (20.09.2006) |
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: |  | 20.09.2006 | | Source: |  | | | SecurityVulns ID: |  | 6633 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. |
| Affected: |  | AEDATING : aeDating 4.1 | | |  | ECARDPRO : ECardPro 2.0 | | |  | INNOVATEBOARD : Innovate Portal v.0 | | |  | PTNEWS : PT News 1.7 | | |  | SITEATSCHOOL : Site@School 2.4 | | |  | neon : Neon WebMail for Java 5.07 | | |  | BCWB : BCWB 0.99 | | |  | DIGITALWEBSHOP : Digital WebShop 1.128 | | |  | TEKMAN : Tekman Portal 1.0 | | |  | SDB : Simple Discussion Board 0.1 | | |  | MYREVIEW : MyReview 1.9 | | |  | EXPONENT : Exponent CMS 0.96 | | |  | MOREGROUPWARE : more.groupware 0.7 | | |  | PNPHPBB : PNphpBB2 1.2 | | |  | ALSTRASOFT : AlstraSoft Efriends 4.85 | | |  | PHPPOST : PHP-Post 1.01 | | |  | AMAZINGLP : Amazing Little Poll 1.3 | | |  | CMTEXTS : CMtextS 1.0 | | |  | QUALITEAM : Qualiteam X-Cart Pro 4.1 |
| Original document |  | SECUNIA, [SA22005] Qualiteam X-Cart cmpi.php Variable Overwriting Vulnerability (20.09.2006) |
| |  | SECUNIA, [SA21911] BizDirectory "message" Cross-Site Scripting Vulnerability (20.09.2006) |
| |  | SECUNIA, [SA22013] ECardPro "keyword" SQL Injection Vulnerability (20.09.2006) |
| |  | SECUNIA, [SA21988] CMtextS admin.txt Password Disclosure (20.09.2006) |
| |  | SECUNIA, [SA21997] Amazing Little Poll "lp_settings.inc" Password Disclosure (20.09.2006) |
| |  | SECUNIA, [SA22014] PHP-Post Multiple Vulnerabilities (20.09.2006) |
| |  | MILW0RM, PNphpBB2 <= 1.2g (phpbb_root_path) Remote File Include Vulnerability (20.09.2006) |
| |  | SnIpEr_SA, Pie Cart Pro => (Inc_Dir) Remote File Inclusion Exploit (20.09.2006) |
| |  | Saudi Hackrz, Pie Cart Pro => (Home_Path) Remote File Inclusion Exploit (20.09.2006) |
| |  | CeNGiZ-HaN, Simple Discussion Board Multiple F.le Inclusion Vulnerability (20.09.2006) |
| |  | fixtr_(at)_bsdmail.com, Tekman Portal v1.0 (tr) SQL Injection Vulnerability (20.09.2006) |
| |  | ajannhwt_(at)_hotmail.com, Digital WebShop = v1.128 Multiple Remote File Include Vulnerabilities (20.09.2006) |
| |  | ajannhwt_(at)_hotmail.com, Bcwb 0.99(root_path)Remote File Include Vulnerability (20.09.2006) |
| |  | SECUNIA, [SA21956] Gnuturk Portal "t_id" Parameter SQL Injection Vulnerability (20.09.2006) |
| |  | SECUNIA, [SA21955] aeDating "dir[inc]" File Inclusion Vulnerabilities (20.09.2006) |
| |  | cdg393, [Full-disclosure] A.I-Pifou (Cookie) Local File Inclusion (20.09.2006) |
| |  | contact_(at)_secureshapes.com, [Full-disclosure] DotNetNuke HTML Code Injection (20.09.2006) |
| |  | TAN Chew Keong, [Full-disclosure] [vuln.sg] Neon WebMail for Java Multiple Vulnerabilities (20.09.2006) |
| |  | simo64_(at)_morx.org, Site@School 2.4.02 and below Multiple remote Command Execution Vulnerabilities (20.09.2006) |
| |  | meto5757_(at)_hotmail.com, NextAge Cart Cross-Site Scripting multiple Vulnerabilities (20.09.2006) |
| |  | Snake.Apollyon_(at)_Yahoo.com, PT News 1.7.8 (Search.php) XSS Vulnerability (20.09.2006) |
| |  | meto5757_(at)_hotmail.com, Innovate Portal v2.0 Index.PHP Xss Vuln. (20.09.2006) |
| WS_FTP FTP client buffer overflow | | Published: |  | 20.09.2006 | | Source: |  | MILW0RM | | SecurityVulns ID: |  | 6635 | | Type: |  | client | | Level: |  | 5/10 | | Description: |  | Buffer overflow on PASV command response parsing. |