Computer Security

Search:Vulnerability:21.06.2007
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



HP Help and Support Center buffer overflow
Published:21.06.2007
Source:BUGTRAQ
SecurityVulns ID:7833
Type:remote
Level:5/10
CVE:CVE-2007-3180 (Buffer overflow in Help and Support Center before 4.4 C on HP Windows systems allows remote attackers to read or write arbitrary files via unknown vectors.)
Original documentdocumentHP, [security bulletin] HPSBPI02226 SSRT061274 rev.1 - HP Help and Support Center Running on HP Notebook Computers Running with Windows XP, Remote Unauthorized Access (21.06.2007)
Discuss:Read or add your comments to this news (0 comments)

ProFTPD authentication bypass
Published:21.06.2007
Source:CVE
SecurityVulns ID:7836
Type:remote
Level:6/10
Description:There is no check data used for authentication is retrieved by the same authentication module if multiple authentication modules are configured.
Affected:PROFTPD : ProFTPD 1.3
CVE:CVE-2007-2165 (The Auth API in ProFTPD before 20070417, when multiple simultaneous authentication modules are configured, does not require that the module that checks authentication is the same as the module that retrieves authentication data, which might allow remote attackers to bypass authentication, as demonstrated by use of SQLAuthTypes Plaintext in mod_sql, with data retrieved from /etc/passwd.)
Discuss:Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:21.06.2007
Source:
SecurityVulns ID:7832
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:NETJUKEBOX : netjukebox 4.01
 INTERACT : Interact 2.4
Original documentdocumentr0t, PHPAccounts vuln. (21.06.2007)
 documentr0t, Interact multiple XSS vuln. (21.06.2007)
 documentr0t, netjukebox vuln. (21.06.2007)
Discuss:Read or add your comments to this news (0 comments)

httpsv multiple security vulnerabilities
Published:21.06.2007
Source:BUGTRAQ
SecurityVulns ID:7834
Type:remote
Level:5/10
Description:It's possible to retrieve script source with URL like http://127.0.0.1/test.htm%20. DoS on large number of requests to non-existant pages.
Affected:HTTPSV : httpsv 1.6
Original documentdocumentimprili_(at)_gmail.com, HTTP SERVER (httpsv1.6.2) 404 Denial of Service (21.06.2007)
 documentimprili_(at)_gmail.com, HTTP SERVER (httpsv1.6.2) source code disclosure (21.06.2007)
Files:HTTP SERVER (httpsv1.6.2) 404 Denial of Service
Discuss:Read or add your comments to this news (0 comments)

MyServer HTTP server multiple security vulnerabilities
Published:21.06.2007
Source:BUGTRAQ
SecurityVulns ID:7835
Type:remote
Level:5/10
Description:Crossite scripting with demo pages, script source code access with capital character in path.
Affected:MYSERVER : MyServer 0.8
Original documentdocumentimprili_(at)_gmail.com, MyServer-0.8.9 - xss in sample cgi page (21.06.2007)
 documentimprili_(at)_gmail.com, MyServer-0.8.9 - source code disclosure (21.06.2007)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server