Computer Security

Search:Vulnerability:21.12.2006
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



WinFTP FTP server / Dream FTP Server buffer overflow
updated since 20.12.2006
Published:21.12.2006
Source:MILW0RM
SecurityVulns ID:6962
Type:remote
Level:5/10
Description:Buffer overflow on oversized PASV command.
Affected:WINFTP : WinFtp 2.0
 DREAMFTP : DREAM FTP 1.02
CVE:CVE-2007-0338 (Heap-based buffer overflow in Dream FTP Server allows remote attackers to execute arbitrary code via a USER command with a large number of format string specifiers, which triggers the overflow during processing of the Server Log.)
Files:Exploits WinFtp Server Version 2.0.2 Denial of Service"
Discuss:Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:21.12.2006
Source:
SecurityVulns ID:6964
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:VALDERSOFT : Valdersoft Shopping Cart 3.0
 POWERSCRIPTS : PowerClan 1.14
 MONO : mono 1.2
 CALACODE : @Mail 4.51
 PHPBUILDER : PHPBuilder 0.0
 NEWXOOPER : Newxooper 0.9
 PGMRELOADED : PgmReloaded 0.8
 TEXTSEND : TextSend 1.5
Original documentdocumentbilkopat_(at)_hotmail.com, Valdersoft Shopping Cart v3.0 (E-Commerce Software)*****[ commonIncludePath ] Remote File Include (21.12.2006)
 documentnuffsaid, TextSend <= 1.5 (config/sender.php) Remote File Include Vulnerability (21.12.2006)
 documentnuffsaid, PowerClan <= 1.14a (footer.inc.php) Remote File Include Vulnerability (21.12.2006)
 documentnuffsaid, PgmReloaded <= 0.8.5 Multiple Remote File Include Vulnerabilities (21.12.2006)
 documentDr Max Virus, Newxooper-php v0.9.1(chemin) Remote File Include Vulnerabilty (21.12.2006)
 documentthe master, PHPBuilder v0.0.2 Remote File Disclosure Vulnerability (21.12.2006)
 documentNetragard Security Advisories, [Full-disclosure] [NETRAGARD-20061220 SECURITY ADVISORY] [@Mail WebMail Cross Site Scripting Vulnerabilitity] (21.12.2006)
 documentjose.palanco_(at)_eazel.es, Mono XSP ASP.NET Server sourcecode disclosure vulnerability (21.12.2006)
Discuss:Read or add your comments to this news (0 comments)

ESET NOD32 antivirus multiple security vulnerabilities
updated since 20.12.2006
Published:21.12.2006
Source:BUGTRAQ
SecurityVulns ID:6961
Type:remote
Level:6/10
Description:Buffer overflow on .DOC documents and .CAB archives parsing, DoS on CHM files parsing.
Affected:ESET : NOD32 2.7
Original documentdocumentsecurity_(at)_nruns.com, [Full-disclosure] NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory (21.12.2006)
 documentsecurity_(at)_nruns.com, [Full-disclosure] NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory (20.12.2006)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server