Computer Security


PHP mysql_error() cross-site scripting
Published:21.09.2006
Source:
SecurityVulns ID:6639
Type:library
Threat Level:
4/10
Description:Cross-site scripting is possible if the mysql_error() result is used in application output.
Affected:PHP : PHP 4.4
 PHP : PHP 5.1
Original document:gmdarkfig_(at)_gmail.com, mysql_error() can lead to Cross Site Scripting attacks (21.09.2006)

RSA Keyon Manager audit functionality bypass
Published:21.09.2006
Source:
SecurityVulns ID:6640
Type:local
Threat Level:
5/10
Description:Log record blocks are signed independently, making it possible to remove a whole block without notice. Records are collected locally before being signed and sent to the server, making it possible to tamper with log entries.
Affected:RSA : Keyon Manager 6.6
Original document:Konstantin Gavrilenko, [Full-disclosure] RSA Keyon Log verification bypass vulnerability (21.09.2006)

TFTPDWIN TFTP server buffer overflow
Published:21.09.2006
Source:
SecurityVulns ID:6641
Type:remote
Threat Level:
5/10
Description:Buffer overflow on an oversized requested resource filename.
Affected:TFTPDWIN : TFTPdWin 0.4
CVE:CVE-2007-1404 (tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 allows remote attackers to cause a denial of service via a long UDP packet that is not properly handled in a recv_from call. NOTE: this issue might be related to CVE-2006-4948.)
 CVE-2006-4948 (Stack-based buffer overflow in tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a long file name. NOTE: the provenance of this information is unknown; the details are obtained from third party information.)
Original document:SECUNIA, [SA21854] TFTP Server TFTPDWIN Buffer Overflow Vulnerability (21.09.2006)
Files:TFTPDWIN Server UDP DOS 0.4.2 POC

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 21.09.2006
Published:21.09.2006
Source:
SecurityVulns ID:6642
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:MAXDEV : MD-Pro 1.0
 ALLMYGUESTS : ALlMyGuests 0.4
 EXV2 : exV2 2.0
 PHPARTENAIRE : PHPartenaire 1.0
 POWERNEWS : PowerNews 1.1
 PTNEWS : PTNews 1.7
 DRUPAL : Search Keywords Drupal module 4.7
 DOTNETNUKE : DotNetNuke 4.3
 DOTNETNUKE : DotNetNuke 3.3
Original document:SECUNIA, [SA22051] DotNetNuke "error" Parameter Cross-Site Scripting Vulnerability (21.09.2006)
 SECUNIA, [SA22050] MAXdev MD-Pro Cross-Site Scripting Vulnerability (21.09.2006)
 SECUNIA, [SA21979] eSyndiCat Directory Software "what" Cross-Site Scripting (21.09.2006)
 SECUNIA, [SA22021] Drupal Search Keywords Module Script Insertion (21.09.2006)
 SECUNIA, [SA22028] PT News "pgname" Cross-Site Scripting Vulnerability (21.09.2006)
 SECUNIA, [SA22030] NextAge Cart "CatId" and "SearchWd" Cross-Site Scripting (21.09.2006)
 CvIr.System_(at)_gmail.com, PowerNews v1.1.0 (nbs) Remote File Inclusion (21.09.2006)
 dadiss_(at)_virtuaplanet.net, PHPartenaire => $url_phpartenaire Remote File Inclusion Exploit (21.09.2006)
 Brahim_(at)_legenie.net, AllMyGuests => ?_AMGconfig[cfg_serverpath] Remote File Inclusion Exploit (21.09.2006)
Files:Exploits exV2 <= 2.0.4.3 "sort" SQL injection / administrative credentials disclosure

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod