OpenSSH account enumeration
Published:		21.04.2007
Source:		FULL-DISCLOSURE
SecurityVulns ID:		7627
Type:		remote
Level:		4/10
Description:		S/Key is requested only for existing user account, if S/Key authentication is used.

Affected:

OPENSSH : OpenSSH 4.6

Original document

rembrandt, [Full-disclosure] OpenSSH - System Account Enumeration if S/Key is used (21.04.2007)

Discuss:

Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		21.04.2007
Source:		BUGTRAQ
SecurityVulns ID:		7625
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		WORDPRESS : WordPress 2.1
		USEBB : UseBB 1.0
		TURBULENCE : turbulence core 0.0
CVE:		CVE-2007-0691 (** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2066. Reason: This candidate is a duplicate of CVE-2007-2066. Notes: All CVE users should reference CVE-2007-2066 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.)

Original document		omnipresent_(at)_email.it, turbulence core.0.0.1-alpha - REMOTE FILE INCLUSION (21.04.2007)
		111 111, Wordpress (21.04.2007)
		securityresearch_(at)_netvigilance.com, UseBB Version 1.0.4 Path Disclosure Vulnerability (21.04.2007)

Discuss:

Read or add your comments to this news (0 comments)

Apple Mac OS X RPC portmapper service integer overflow
Published:		21.04.2007
Source:		FULL-DISCLOSURE
SecurityVulns ID:		7626
Type:		remote
Level:		6/10
Description:		Integer overflow during AUTH_UNIX RPC uahtneitcation.

Affected:		APPLE : MacOS X 10.3
		APPLE : Mac OS X 10.4

Original document

noreply_(at)_musecurity.com, [Full-disclosure] [MU-200704-01] Pre-Authentication Vulnerability in Mac OS X RPC runtime library (21.04.2007)

Discuss:

Read or add your comments to this news (0 comments)