Search:Vulnerability:20.11.2007 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 20.11.2007
Source:
SecurityVulns ID: 8361
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. HBH-Fusion: CAPTCHA protection bypass.

Affected: WORDPRESS : WordPress 2.3

Original document Steven J. Murdoch, Wordpress Cookie Authentication Vulnerability (20.11.2007)

no-reply_(at)_aria-security.net, [Aria-Secutiy Net] Click&BaneX SQL Injection (20.11.2007)

MustLive, MoBiC-19: HBH-Fusion CAPTCHA bypass (20.11.2007)

Discuss: Read or add your comments to this news (0 comments)

Belkin wireless routers denial of service
Published: 20.11.2007
Source: BUGTRAQ
SecurityVulns ID: 8363
Type: remote
Level: 5/10
Description: Router is vulnerable to SYN-flood attack.

Affected: BELKIN : Belkin Wireless G F5D7230-4

Original document r00t_(at)_bl4ckh0l3.com, Belkin Wireless G Router DoS (20.11.2007)

Discuss: Read or add your comments to this news (0 comments)

Alcatel OmniPCX audio stream hijack
Published: 20.11.2007
Source: BUGTRAQ
SecurityVulns ID: 8364
Type: remote
Level: 6/10
Description: It's possible to hijack audio strem from server by sending TFTP request with filename containing victim's IP.

Affected: ALCATEL : OmniPCX 7.1

Original document daniel.stirnimann_(at)_csnc.ch, Alcatel OmniPCX Enterprise VoIP Vulnerability (20.11.2007)

Discuss: Read or add your comments to this news (0 comments)

Citrix NetScaler crossite scripting
Published: 20.11.2007
Source: BUGTRAQ
SecurityVulns ID: 8365
Type: remote
Level: 5/10
Description: Crossite scripting in /ws/generic_api_call.pl.

Affected: CITRIX : NetScaler 8.0

Original document nnposter_(at)_disclosed.not, Citrix NetScaler Web Management XSS (20.11.2007)

Discuss: Read or add your comments to this news (0 comments)

Firefox / Konqueror / Safari certificate spoofing
updated since 19.11.2007
Published: 20.11.2007
Source: FULL-DISCLOSURE
SecurityVulns ID: 8359
Type: remote
Level: 5/10
Description: Link between certificate and web site is not set, if certificate from unknown certification authirity is manually approved, making it's possible to use same certificate for different site withour warning.

Affected: APPLE : Safari 2.0
MOZILLA : Firefox 2.0
KDE : Konqueror 3.5
APPLE : Safari 3.0
KDE : Konqueror 3.95

Original document Graeme Fowler, Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 (20.11.2007)

Nils Toedtmann, ertificate spoofing with subjectAltName and domain name wildcards (19.11.2007)

Nils Toedtmann, [Full-disclosure] Certificate spoofing issue with Mozilla, Konqueror, Safari 2 (19.11.2007)

Discuss: Read or add your comments to this news (0 comments)

PHP multiple Denial of Service conditions
Published: 20.11.2007
Source: BUGTRAQ
SecurityVulns ID: 8362
Type: library
Level: 6/10
Description: Multiple denial of service conditions.

Affected: PHP : PHP 5.2
CVE: CVE-2007-5900
CVE-2007-5899
CVE-2007-5898
CVE-2007-4887 (The dl function in PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in the library parameter. NOTE: there are limited usage scenarios under which this would be a vulnerability.)
CVE-2007-4840 (PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the out_charset parameter to the iconv function; or a long string in the charset parameter to the (2) iconv_mime_decode_headers, (3) iconv_mime_decode, or (4) iconv_strlen function. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution.)
CVE-2007-4783 (The iconv_substr function in PHP 5.2.4 and earlier allows context-dependent attackers to cause (1) a denial of service (application crash) via a long string in the charset parameter, probably also requiring a long string in the str parameter; or (2) a denial of service (temporary application hang) via a long string in the str parameter. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution.)

Original document RPATH, rPSA-2007-0242-1 php5 php5-cgi php5-mysql php5-pear php5-pgsql php5-soap php5-xsl (20.11.2007)

Discuss: Read or add your comments to this news (0 comments)