Computer Security


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:21.05.2009
SecurityVulns ID:9916
Type:remote
Threat Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:NOVELL : GroupWise 7.0
 DRUPAL : Drupal 6.12
 IMENAFZAR : Namad Cms 2.0
 DOGARCHIVE : -Dog Pedigree Online Database 1.0
 JORP : jorp 1.3
 SUN : Communications Express 6.3
 DMXREADY : DMXReady Registration Manager 1.1
 MYGESUAD : my-Gesuad 0.9
 MYCOOLEX : my-colex 1.4
 NOVELL : GroupWise 7.03
 NOVELL : GroupWise 8.0
CVE:CVE-2009-1635 (Multiple cross-site scripting (XSS) vulnerabilities in the WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 allow remote attackers to inject arbitrary web script or HTML via (1) the User.lang parameter to the login page (aka gw/webacc), (2) style expressions in a message that contains an HTML file, or (3) vectors associated with incorrect protection mechanisms against scripting, as demonstrated using whitespace between JavaScript event names and values.)
Original document:swhite_(at)_securestate.com, Novell GroupWise Web Access Multiple XSS (21.05.2009)
 y3nh4ck3r_(at)_gmail.com, MULTIPLE SQL INJECTION VULNERABILITIES --Flash Quiz Beta 2--> (21.05.2009)
 ddvulnalert_(at)_ddifronline.com, DDIVRT-2009-25 IPsession SQL Injection Vulnerability (21.05.2009)
 Justin C. Klein Keane, [Full-disclosure] Drupal 6.12 (core) User Module XSS Vulnerability (21.05.2009)
 info_(at)_securitylab.ir, DMXReady Registration Manager Arbitrary File Upload Vulnerability (21.05.2009)
 y3nh4ck3r_(at)_gmail.com, MULTIPLE REMOTE VULNERABILITIES --my-colex 1.4.2--> (21.05.2009)
 y3nh4ck3r_(at)_gmail.com, MULTIPLE REMOTE VULNERABILITIES --my-Gesuad 0.9.14--> (21.05.2009)
 CORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2009-0109 - Multiple XSS in Sun Communications Express (21.05.2009)
 y3nh4ck3r_(at)_gmail.com, (GET vars 'x' & 'y') ADMIN FUNCTION EXECUTION--Jorp v-1.3.05.09--> (21.05.2009)
 y3nh4ck3r_(at)_gmail.com, INSECURE COOKIE HANDLING VULNERABILITIES --Dog Pedigree Online Database v1.0.1-Beta--> (21.05.2009)
 y3nh4ck3r_(at)_gmail.com, (GET var 'id') BLIND SQL INJECTION EXPLOIT --Dog Pedigree Online Database v1.0.1-Beta --> (21.05.2009)
 info_(at)_securitylab.ir, Namad Cms Remote File Download (21.05.2009)
Files:(GET var 'id') BLIND SQL INJECTION EXPLOIT Dog Pedigree Online Database v1.0.1-Beta

name service daemon buffer overflow
Published:21.05.2009
SecurityVulns ID:9919
Type:remote
Threat Level:5/10
Affected:NSD : nsd 2.3
Original document:DEBIAN, [SECURITY] [DSA 1803-1] New nsd packages fix denial of service (21.05.2009)

Cisco Works TFTP server directory traversal
Published:21.05.2009
SecurityVulns ID:9920
Type:remote
Threat Level:5/10
Affected:CISCO : CiscoWorks Common Services 3.0
 CISCO : CiscoWorks Common Services 3.1
 CISCO : CiscoWorks Common Services 3.2
Original document:CISCO, Cisco Security Advisory: CiscoWorks TFTP Directory Traversal Vulnerability (21.05.2009)

Valve Steam cross-site scripting
Published:21.05.2009
SecurityVulns ID:9923
Type:client
Threat Level:5/10
Description:Cross-site scripting with steam://publisher/ URL.
Original document:gabriel_(at)_falandodeseguranca.com, [Full-disclosure] STEAM (Valve) - Phishing and Cross-site Scripting in internal browser (21.05.2009)

IBM AIX symbolic links vulnerability
Published:21.05.2009
SecurityVulns ID:9917
Type:library
Threat Level:6/10
Description:Symbolic links vulnerability in libc dynamic memory debugging functionality.
Affected:IBM : AIX 5.3
Original document:IDEFENSE, iDefense Security Advisory 05.20.09: IBM AIX libc MALLOCDEBUG File Overwrite Vulnerability (21.05.2009)

Armorlogic Profense Web Application Firewall multiple security vulnerabilities
Published:21.05.2009
SecurityVulns ID:9918
Type:remote
Threat Level:5/10
Description:Protection bypass, static default password.
Affected:ARMORLOGIC : Profense Web Application Firewall 2.4
 ARMORLOGIC : Profense Web Application Firewall 2.2
CVE:CVE-2009-1594 (Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, does not properly implement the "positive model," which allows remote attackers to bypass certain protection mechanisms via a %0A (encoded newline), as demonstrated by a %0A in a cross-site scripting (XSS) attack URL.)
 CVE-2009-1593 (Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, does not properly implement the "negative model," which allows remote attackers to conduct cross-site scripting (XSS) attacks via a modified end tag of a SCRIPT element.)
Original document:publists_(at)_enablesecurity.com, Armorlogic Profense Web Application Firewall 2.4 multiple vulnerabilities. (21.05.2009)

NetMechanica NetDecision TFTP Server directory traversal
Published:21.05.2009
SecurityVulns ID:9922
Type:remote
Threat Level:5/10
Affected:NETMECHANICA : NetDecision TFTP Server 4.2
Original document:vuln_research_(at)_princeofnigeria.org, NetDecision TFTP Server 4.2 TFTP Directory Traversal (21.05.2009)

OpenSSL multiple security vulnerabilities
Published:21.05.2009
SecurityVulns ID:9925
Type:library
Threat Level:6/10
Description:Memory corruptions, memory leaks.
Affected:OPENSSL : OpenSSL 0.9
CVE:CVE-2009-1378 (Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak.")
 CVE-2009-1377 (The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug.")
Original document:MANDRIVA, [ MDVSA-2009:120 ] openssl (21.05.2009)

libsndfile / WinAmp buffer overflow
updated since 21.05.2009
Published:29.05.2009
SecurityVulns ID:9921
Type:library
Threat Level:6/10
Description:Heap buffer overflow on .VOC files processing. Buffer overflow on AIFF parsing.
Affected:LIBSNDFILE : libsndfile 1.0
 NULLSOFT : Winamp 5.5
CVE:CVE-2009-1791 (Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an AIFF file with an invalid header value.)
 CVE-2009-1788 (Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a VOC file with an invalid header value.)
Original document:GENTOO, [ GLSA 200905-09 ] libsndfile: User-assisted execution of arbitrary code (29.05.2009)
 tk_(at)_trapkit.de, [TKADV2009-006] libsndfile/Winamp VOC Processing Heap Buffer Overflow (21.05.2009)

HP System Management Homepage cross-site scripting
updated since 21.05.2009
Published:04.02.2010
SecurityVulns ID:9924
Type:remote
Threat Level:4/10
Affected:HP : HP System Management Homepage 3.0
CVE:CVE-2009-4185 (Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter.)
 CVE-2009-1418 (Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2008-5814 (Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208.)
 CVE-2008-5077 (OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.)
Original document:HP, [security bulletin] HPSBMA02504 SSRT090220 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) (04.02.2010)
 HP, [security bulletin] HPSBMA02426 SSRT090053 rev.1 - HP System Management Homepage (SMH) for Linux and Windows Running PHP and OpenSSL, Remote Cross Site Scripting (XSS), Unauthorized Access (21.05.2009)
 HP, [security bulletin] HPSBMA02428 SSRT090048 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) (21.05.2009)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod