Allied Telesyn AT-9724TS switch DoS
Published:		21.04.2006
Source:		BUGTRAQ
SecurityVulns ID:		6032
Type:		remote
Level:		5/10
Description:		UDP packets flood causes device to fail.

Affected:

ALLIEDTELESYN : AT-9724TS

Original document

kim_(at)_webdeal.no, Allied Telesyn Switch UDP Data Flood Management Denial Of Service Vulnerability (21.04.2006)

Discuss:

Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		21.04.2006
Source:
SecurityVulns ID:		6030
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		PHPLDAPADMIN : phpLDAPadmin 0.9
		4HOMEPAGES : 4images 1.7
		PHPMYADMIN : phpmyadmin 2.8
		XCART : X-Cart 4.1
		PHPMYADMIN : phpmyadmin 2.9
		THWBOARD : ThWboard 2.84
		MININUKE : Mini-NUKE 2.3
		BOOKMARK4U : Bookmark4U 2.0
		ASTERISK : Asterisk@Home 2.6
		ATONE : @1 Event Publisher 2003-12-18
		ATONE : @1 Table Publisher 2006-03-23
		BKFORUM : BK Forum 4.0
		MNEWSLETTER : MWNewsletter 1.0
		R57 : r57shell.php 1.3
CVE:		CVE-2006-7025 (SQL injection vulnerability in admin/config.php in Bookmark4U 2.0 and 2.1 allows remote attackers to inject arbitrary SQL command via the sqlcmd parameter.)

Original document		qex_(at)_bsdmail.org, r57shell.php <= 1.3 XSS (21.04.2006)
		omnipresent_(at)_email.it, bloggage Remote SQL Injection (21.04.2006)
		Aliaksandr Hartsuyeu, [eVuln] MWNewsletter SQL Injection and XSS Vulnerabilities (21.04.2006)
		CrAzY.CrAcKeR_(at)_hotmail.com, BK Forum <<--V.4.0 SQL Injection (21.04.2006)
		SECUNIA, [SA19751] Bloggage "check_login.asp" SQL Injection Vulnerabilities (21.04.2006)
		SECUNIA, [SA19723] @1 Table Publisher Script Insertion Vulnerability (21.04.2006)
		SECUNIA, [SA19727] @1 Event Publisher Multiple Vulnerabilities (21.04.2006)
		Francois Harvey, [Full-disclosure] [SecuriWeb 2006.1] directory traversal in Asterisk@Home and ARI (21.04.2006)
		God Of Death (G.O.D), [Full-disclosure] Sql Injection in BookMark4u (21.04.2006)
		CrAzY.CrAcKeR_(at)_hotmail.com, Mini-NUKE v2.3<<--- SQL Injection (21.04.2006)
		qex_(at)_bsdmail.org, 4images <= 1.7 XSS (21.04.2006)
		CrAzY.CrAcKeR_(at)_hotmail.com, axoverzicht.cgi<==Remote File Inclusion (21.04.2006)
		CrAzY.CrAcKeR_(at)_hotmail.com, ThWboard 3 Beta 2.84 Cross Site Scripting (21.04.2006)
		r0t, phpLDAPadmin multiple vuln. (21.04.2006)
		r0t, phpMyAdmin XSS vuln. (21.04.2006)
		r0t, X-Cart SQL inj. vuln. (21.04.2006)

Discuss:

Read or add your comments to this news (0 comments)

HP StorageWorks Secure Path DoS
Published:		21.04.2006
Source:		BUGTRAQ
SecurityVulns ID:		6031
Type:		remote
Level:		5/10

Affected:

HP : StorageWorks Secure Path 4.0

Original document

HP, [security bulletin] HPSBST02112 SSRT061129 rev.1 - HP StorageWorks Secure Path for Windows Remote Denial of Service (DoS) (21.04.2006)

Discuss:

Read or add your comments to this news (0 comments)

Multiple MacOS X security vulnerabilities
Published:		21.04.2006
Source:		BUGTRAQ
SecurityVulns ID:		6034
Type:		client
Level:		5/10
Description:		Buffer overflow in BOMArchiveHelper on ZIP archive extraction, multiple security bugs in Safari on HTML and different image formats parsing.

Affected:

APPLE : Mac OS X 10.4

Original document

SECUNIA, [SA19686] Mac OS X Multiple Potential Vulnerabilities (21.04.2006)

Discuss:

Read or add your comments to this news (0 comments)

Linux kernel perfmon DoS
Published:		21.04.2006
Source:		SECUNIA
SecurityVulns ID:		6033
Type:		local
Level:		5/10
Description:		Race conditions on mm_struct structure access.

Affected:

LINUX : kernel 2.6

Original document

SECUNIA, [SA19737] Linux Kernel perfmon Local Denial of Service Vulnerability (21.04.2006)

Discuss:

Read or add your comments to this news (0 comments)