Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:21.04.2007
Source:
SecurityVulns ID:7625
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:WORDPRESS : WordPress 2.1
 USEBB : UseBB 1.0
 TURBULENCE : turbulence core 0.0
CVE:CVE-2007-0691 (** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2066. Reason: This candidate is a duplicate of CVE-2007-2066. Notes: All CVE users should reference CVE-2007-2066 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.)
Original documentdocumentomnipresent_(at)_email.it, turbulence core.0.0.1-alpha - REMOTE FILE INCLUSION (21.04.2007)
 document111 111, Wordpress (21.04.2007)
 documentsecurityresearch_(at)_netvigilance.com, UseBB Version 1.0.4 Path Disclosure Vulnerability (21.04.2007)

Apple Mac OS X RPC portmapper service integer overflow
Published:21.04.2007
Source:
SecurityVulns ID:7626
Type:remote
Threat Level:
6/10
Description:Integer overflow during AUTH_UNIX RPC uahtneitcation.
Affected:APPLE : MacOS X 10.3
 APPLE : Mac OS X 10.4
Original documentdocumentnoreply_(at)_musecurity.com, [Full-disclosure] [MU-200704-01] Pre-Authentication Vulnerability in Mac OS X RPC runtime library (21.04.2007)

OpenSSH account enumeration
Published:21.04.2007
Source:
SecurityVulns ID:7627
Type:remote
Threat Level:
4/10
Description:S/Key is requested only for existing user account, if S/Key authentication is used.
Affected:OPENSSH : OpenSSH 4.6
Original documentdocumentrembrandt, [Full-disclosure] OpenSSH - System Account Enumeration if S/Key is used (21.04.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod