Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		21.12.2009
Source:
SecurityVulns ID:		10485
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		DVBBS : Dvbbs 7.1
		SIMPLEPHPBLOG : Simple PHP Blog 0.5
		PHPCALENDAR : PHP-Calendar 1.1
		GANETI : Ganeti 1.2
		GANETI : Ganeti 2.0
		GANETI : Ganeti 2.1
		SIMPLEMACHINES : Simple Machine Forum 1.1
		PHPPOLLSCRIPT : phpPollScript 1.3
CVE:		CVE-2009-4261 (Multiple directory traversal vulnerabilities in the iallocator framework in Ganeti 1.2.4 through 1.2.8, 2.0.0 through 2.0.4, and 2.1.0 before 2.1.0~rc2 allow (1) remote attackers to execute arbitrary programs via a crafted external script name supplied through the HTTP remote API (RAPI) and allow (2) local users to execute arbitrary programs and gain privileges via a crafted external script name supplied through a gnt-* command, related to "path sanitization errors.")
		CVE-2009-3702 (Multiple absolute path traversal vulnerabilities in PHP-Calendar 1.1 allow remote attackers to include and execute arbitrary local files via a full pathname in the configfile parameter to (1) update08.php or (2) update10.php. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.)

Original document		admin_(at)_ekin0x.com, phpPollScript - 1.3 Remote File Include (21.12.2009)
		irancrash_(at)_gmail.com, SMF (Simple Machine Forum) 1.1.11 XSS - Discovered by : Khashayar Fereidani (21.12.2009)
		ISecAuditors Security Advisories, [ISecAuditors Security Advisories] PHP-Calendar <= v1.1 'configfile' Remote and Local File Inclusion vulnerability (21.12.2009)
		ISecAuditors Security Advisories, [ISecAuditors Security Advisories] Simple PHP Blog <= 0.5.1 Local File Include vulnerability (21.12.2009)
		macaco-listo_(at)_hotmail.com, Re: Powered By Dvbbs Version 7.1.0 Sp1 By Pass (21.12.2009)
		hadikiamarsi_(at)_hotmail.com, Rumba XML XSS vulnerability (21.12.2009)
		Andrea Barisani, [Suspected Spam][oCERT-2009-019] Ganeti path sanitization errors (21.12.2009)

Files:		Simple PHP Blog <= 0.5.1 Local File Include Exploit
Discuss:		Read or add your comments to this news (0 comments)

acpid weak file permission
Published:		21.12.2009
Source:		BUGTRAQ
SecurityVulns ID:		10486
Type:		local
Level:		5/10
Description:		Log file is created world readable.

Affected:		ACPID : acpid 1.0
CVE:		CVE-2009-4235 (acpid 1.0.4 sets an unrestrictive umask, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file or cause a denial of service by overwriting this file, a different vulnerability than CVE-2009-4033.)

Original document

DEBIAN, [SECURITY] [DSA 1960-1] New acpid packages fix weak file permissions (21.12.2009)

Discuss:

Read or add your comments to this news (0 comments)

HP OpenView Storage Data Protector code execution updated since 17.12.2009
Published:		21.12.2009
Source:		BUGTRAQ
SecurityVulns ID:		10483
Type:		remote
Level:		6/10

Affected:		HP : OpenView Data Protector Application Recovery Manager 6.0
		HP : OpenView Data Protector Application Recovery Manager 5.50
CVE:		CVE-2007-2281
		CVE-2007-2280

Original document		ZDI, TPTI-09-15: HP OpenView Data Protector Cell Manager Heap Overflow Vulnerability (21.12.2009)
		ZDI, ZDI-09-099: Hewlett-Packard OpenView Data Protector Backup Client Service Buffer Overflow Vulnerability (21.12.2009)
		HP, [security bulletin] HPSBMA02252 SSRT061258, SSRT061259 rev.1 - HP OpenView Storage Data Protector, Remote Arbitrary Code Execution (17.12.2009)

Discuss:

Read or add your comments to this news (0 comments)