Search:Vulnerability:21.05.2009 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 21.05.2009
Source: BUGTRAQ
SecurityVulns ID: 9916
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: NOVELL : GroupWise 7.0
DRUPAL : Drupal 6.12
IMENAFZAR : Namad Cms 2.0
DOGARCHIVE : -Dog Pedigree Online Database 1.0
JORP : jorp 1.3
SUN : Communications Express 6.3
DMXREADY : DMXReady Registration Manager 1.1
MYGESUAD : my-Gesuad 0.9
MYCOOLEX : my-colex 1.4
NOVELL : GroupWise 7.03
NOVELL : Groupwise 8.0
CVE: CVE-2009-1635 (Multiple cross-site scripting (XSS) vulnerabilities in the WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 allow remote attackers to inject arbitrary web script or HTML via (1) the User.lang parameter to the login page (aka gw/webacc), (2) style expressions in a message that contains an HTML file, or (3) vectors associated with incorrect protection mechanisms against scripting, as demonstrated using whitespace between JavaScript event names and values.)

Original document swhite_(at)_securestate.com, Novell GroupWise Web Access Multiple XSS (21.05.2009)

y3nh4ck3r_(at)_gmail.com, MULTIPLE SQL INJECTION VULNERABILITIES --Flash Quiz Beta 2--> (21.05.2009)

ddvulnalert_(at)_ddifronline.com, DDIVRT-2009-25 IPsession SQL Injection Vulnerability (21.05.2009)

document Justin C. Klein Keane, [Full-disclosure] Drupal 6.12 (core) User Module XSS Vulnerability (21.05.2009)

info_(at)_securitylab.ir, DMXReady Registration Manager Arbitrary File Upload Vulnerability (21.05.2009)

y3nh4ck3r_(at)_gmail.com, MULTIPLE REMOTE VULNERABILITIES --my-colex 1.4.2--> (21.05.2009)

document y3nh4ck3r_(at)_gmail.com, MULTIPLE REMOTE VULNERABILITIES --my-Gesuad 0.9.14--> (21.05.2009)

CORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2009-0109 - Multiple XSS in Sun Communications Express (21.05.2009)

y3nh4ck3r_(at)_gmail.com, (GET vars 'x' & 'y') ADMIN FUNCTION EXECUTION--Jorp v-1.3.05.09--> (21.05.2009)

document y3nh4ck3r_(at)_gmail.com, INSECURE COOKIE HANDLING VULNERABILITIES --Dog Pedigree Online Database v1.0.1-Beta--> (21.05.2009)

y3nh4ck3r_(at)_gmail.com, (GET var 'id') BLIND SQL INJECTION EXPLOIT --Dog Pedigree Online Database v1.0.1-Beta --> (21.05.2009)

info_(at)_securitylab.ir, Namad Cms Remote File Download (21.05.2009)

Files: (GET var 'id') BLIND SQL INJECTION EXPLOIT Dog Pedigree Online Database v1.0.1-Beta
Discuss: Read or add your comments to this news (0 comments)

name service daemon buffer overflow
Published: 21.05.2009
Source: BUGTRAQ
SecurityVulns ID: 9919
Type: remote
Level: 5/10

Affected: NSD : nsd 2.3

Original document DEBIAN, [SECURITY] [DSA 1803-1] New nsd packages fix denial of service (21.05.2009)

Discuss: Read or add your comments to this news (0 comments)

Cisco Works TFTP server directory traversal
Published: 21.05.2009
Source: BUGTRAQ
SecurityVulns ID: 9920
Type: remote
Level: 5/10

Affected: CISCO : CiscoWorks Common Services 3.0
CISCO : CiscoWorks Common Services 3.1
CISCO : CiscoWorks Common Services 3.2

Original document CISCO, Cisco Security Advisory: CiscoWorks TFTP Directory Traversal Vulnerability (21.05.2009)

Discuss: Read or add your comments to this news (0 comments)

Valve Steam crossite scripting
Published: 21.05.2009
Source: FULL-DISCLOSURE
SecurityVulns ID: 9923
Type: client
Level: 5/10
Description: Crossite scripting with steam://publisher/ URL.

Original document gabriel_(at)_falandodeseguranca.com, [Full-disclosure] STEAM (Valve) - Phishing and Cross-site Scripting in internal browser (21.05.2009)

Discuss: Read or add your comments to this news (0 comments)

IBM AIX symbolic links vulnerability
Published: 21.05.2009
Source: BUGTRAQ
SecurityVulns ID: 9917
Type: library
Level: 6/10
Description: Symbolic links vulnerability in libc dynamic memory debugging functionality.

Affected: IBM : AIX 5.3

Original document IDEFENSE, iDefense Security Advisory 05.20.09: IBM AIX libc MALLOCDEBUG File Overwrite Vulnerability (21.05.2009)

Discuss: Read or add your comments to this news (0 comments)

Armorlogic Profense Web Application Firewall multiple security vulnerabilities
Published: 21.05.2009
Source: BUGTRAQ
SecurityVulns ID: 9918
Type: remote
Level: 5/10
Description: Protection bypass, static default password.

Affected: AMORLOGIC : Profense Web Application Firewall 2.4
AMORLOGIC : Profense Web Application Firewall 2.2
CVE: CVE-2009-1594 (Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, does not properly implement the "positive model," which allows remote attackers to bypass certain protection mechanisms via a %0A (encoded newline), as demonstrated by a %0A in a cross-site scripting (XSS) attack URL.)
CVE-2009-1593 (Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, does not properly implement the "negative model," which allows remote attackers to conduct cross-site scripting (XSS) attacks via a modified end tag of a SCRIPT element.)

Original document publists_(at)_enablesecurity.com, Armorlogic Profense Web Application Firewall 2.4 multiple vulnerabilities. (21.05.2009)

Discuss: Read or add your comments to this news (0 comments)

NetMechanica NetDecision TFTP Server directory traversal
Published: 21.05.2009
Source: BUGTRAQ
SecurityVulns ID: 9922
Type: remote
Level: 5/10

Affected: NETMECHANICA : NetDecision TFTP Server 4.2

Original document vuln_research_(at)_princeofnigeria.org, NetDecision TFTP Server 4.2 TFTP Directory Traversal (21.05.2009)

Discuss: Read or add your comments to this news (0 comments)

OpenSSL multiple security vulnerabilities
Published: 21.05.2009
Source: BUGTRAQ
SecurityVulns ID: 9925
Type: library
Level: 6/10
Description: Memory corruptions, memory leaks.

Affected: OPENSSL : OpenSSL 0.9
CVE: CVE-2009-1378 (Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak.")
CVE-2009-1377 (The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug.")

Original document MANDRIVA, [ MDVSA-2009:120 ] openssl (21.05.2009)

Discuss: Read or add your comments to this news (0 comments)

libsndfile / WinAmp buffer overflow
updated since 21.05.2009
Published: 29.05.2009
Source: BUGTRAQ
SecurityVulns ID: 9921
Type: library
Level: 6/10
Description: Heap buffer overflow on .VOC files processing. Buffer overflow on AIFF parsing.

Affected: LIBSNDFILE : libsndfile 1.0
NULLSOFT : Winamp 5.5
CVE: CVE-2009-1791 (Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an AIFF file with an invalid header value.)
CVE-2009-1788 (Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a VOC file with an invalid header value.)

Original document GENTOO, [ GLSA 200905-09 ] libsndfile: User-assisted execution of arbitrary code (29.05.2009)

tk_(at)_trapkit.de, [TKADV2009-006] libsndfile/Winamp VOC Processing Heap Buffer Overflow (21.05.2009)

Discuss: Read or add your comments to this news (0 comments)

HP System Management Homepage crossite scripting
updated since 21.05.2009
Published: 04.02.2010
Source: BUGTRAQ
SecurityVulns ID: 9924
Type: remote
Level: 4/10

Affected: HP : HP System Management Homepage 3.0
CVE: CVE-2009-4185 (Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter.)
CVE-2009-1418 (Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
CVE-2008-5814 (Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208.)
CVE-2008-5077 (OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.)

Original document HP, [security bulletin] HPSBMA02504 SSRT090220 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) (04.02.2010)

HP, [security bulletin] HPSBMA02426 SSRT090053 rev.1 - HP System Management Homepage (SMH) for Linux and Windows Running PHP and OpenSSL, Remote Cross Site Scripting (XSS), Unauthorized Access (21.05.2009)

document HP, [security bulletin] HPSBMA02428 SSRT090048 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) (21.05.2009)

Discuss: Read or add your comments to this news (0 comments)

test server