Computer Security

Search:Vulnerability:22.02.2006
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:22.02.2006
Source:
SecurityVulns ID:5807
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PUNBB : PunBB 1.2
 CUREPHP : CuteNews 1.4
 INVISION : Invision Power Board 2.1
 BIRTHSYS : BirthSys 3.1
 CPANEL : cPanel 10.8
 MAGICNEWSLITE : Magic News Lite 1.2
 REAMDAYSOFT : Magic Downloads 1.1
 PEAR : Pear 0.16
Original documentdocumentJeiAr, PEAR LiveUser File Access Vulnerabilities (22.02.2006)
 documentimei, [myimei]CuteNews1.4.1~ Add Comment For Protected UserNames~ XSS Attack (22.02.2006)
 documentAliaksandr Hartsuyeu, [eVuln] Magic Downloads Unauthorized Data Modification (22.02.2006)
 documentMustafa Can Bjorn IPEKCI, MiniNuke CMS System all versions (pages.asp) SQL Injection (22.02.2006)
 documentAliaksandr Hartsuyeu, [eVuln] Magic News Lite PHP Code Execution & Unauthorized Data Modification (22.02.2006)
 documentEd Wiget, how to crash apache/php in cpanel (22.02.2006)
 documentk4p0k4p0_(at)_hotmail.com, [eVuln] BirthSys SQL Injection Vulnerability (22.02.2006)
 documentk4p0k4p0_(at)_hotmail.com, PunBB 1.2.10 Multiple DoS Vulnerabilities (22.02.2006)
 documentpaisterist.nst_(at)_gmail.com, Invision Power Board 2.1.4 Multiple Vulnerabilities (22.02.2006)
Discuss:Read or add your comments to this news (0 comments)

Multiple Bugzilla bug tracking system security vulnerabilities
Published:22.02.2006
Source:BUGTRAQ
SecurityVulns ID:5808
Type:remote
Level:5/10
Description:SQL injection cross site scripting.
Affected:BUGZILLA : Bugzilla 2.20
Original documentdocumentBUGZILLA, [BUGZILLA] Security Advisory for Bugzilla 2.20, 2.21.1, and 2.18.4 (22.02.2006)
Discuss:Read or add your comments to this news (0 comments)

Tar tape archiver buffer overflow
Published:22.02.2006
Source:BUGTRAQ
SecurityVulns ID:5810
Type:local
Level:5/10
Description:Buffer overflow on extended PAX headers parsing.
Original documentdocumentMANDRIVA, [Full-disclosure] [ MDKSA-2006:046 ] - Updated tar packages fix vulnerability (22.02.2006)
Discuss:Read or add your comments to this news (0 comments)

Novell Common Authentication Service Adapter buffer overflow
Published:22.02.2006
Source:FULL-DISCLOSURE
SecurityVulns ID:5812
Type:remote
Level:6/10
Description:pam_micasa pre-authentication buffer overflow.
Affected:NOVELL : Novell Linux Desktop 9
 NOVELL : Open Enterprise Server 1
Original documentdocumentSUSE, [Full-disclosure] SUSE Security Announcement: CASA remote code execution (SUSE-SA:2006:010) (22.02.2006)
Discuss:Read or add your comments to this news (0 comments)

MacOS X ZIP archives code execution
Published:22.02.2006
Source:SECUNIA
SecurityVulns ID:5811
Type:client
Level:6/10
Description:It's possible to set files associations with __MACOSX folder.
Affected:APPLE : Mac OS X 10.4
 APPLE : Safari 2.0
Original documentdocumentSECUNIA, [SA18963] Mac OS X "__MACOSX" ZIP Archive Shell Script Execution (22.02.2006)
Files:This module exploits a vulnerability in Safari's "Safe file" feature
Discuss:Read or add your comments to this news (0 comments)

Multiple Microsoft Windows Media Player vulnerabilities
updated since 15.02.2006
Published:22.02.2006
Source:BUGTRAQ
SecurityVulns ID:5769
Type:client
Level:8/10
Description:Buffer overflow on BMP files playing. Buffer overflow on oversized SRC for HTML page with EMBED'ded WMP. May be used for client machine trojaning.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS06-006 Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution (911564) (15.02.2006)
 documentMICROSOFT, Microsoft Security Bulletin MS06-005 Vulnerability in Windows Media Player Could Allow Remote Code Execution (911565) (15.02.2006)
 documentCERT, US-CERT Technical Cyber Security Alert TA06-045A -- Microsoft Windows, Windows Media Player, and Internet Explorer Vulnerabilities (15.02.2006)
 documentEEYE, [EEYEB-20051017] Windows Media Player BMP Heap Overflow (15.02.2006)
 documentIDEFENSE, iDefense Security Advisory 02.14.06: Microsoft Windows Media Player Plugin Buffer Overflow Vulnerability (15.02.2006)
Files:Exploits Windows Media Player BMP Heap Overflow (MS06-005)
 Exploits Bulletin MS06-005 Vulnerability in Windows Media Player Could Allow Remote Code Execution
 Windows Media Player Plug-in for Non-Microsoft Browsers Code Execution (MS06-006) - Exploit II
 Windows Media Player Plug-in for Non-Microsoft Browsers Code Execution (MS06-006)
 Exploiting 'Non-Critical' Media Player Vulnerabilities for Fun and Profit
 Microsoft Security Bulletin MS06-005 Vulnerability in Windows Media Player Could Allow Remote Code Execution (911565)
 Microsoft Security Bulletin MS06-006 Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution (911564)
Discuss:Read or add your comments to this news (0 comments)

PnuPG gpgv / gpg invalid return code
updated since 16.02.2006
Published:22.02.2006
Source:SECUNIA
SecurityVulns ID:5786
Type:client
Level:5/10
Description:Utility returns 0 status code if no signature found.
Affected:GNUPG : gpg 1.4
Original documentdocumentMarcus Meissner, Not completely fixed? (was: False positive signature verification in GnuPG) (22.02.2006)
 documentWerner Koch, False positive signature verification in GnuPG (18.02.2006)
 documentSECUNIA, [SA18845] GnuPG "gpgv" Signature Verification Security Issue (16.02.2006)
Discuss:Read or add your comments to this news (0 comments)

Hauri Virobot antivirus privilege esalation
Published:22.02.2006
Source:BUGTRAQ
SecurityVulns ID:5813
Type:local
Level:5/10
Description:Local user can obtain unrestricted access with suid CGI executable.
Affected:HAURI : ViRobot Linux Server 2.0
Original documentdocumentdong-h0un U, [Full-disclosure] [INetCop Security Advisory] Global Hauri Virobot cookie exploit (22.02.2006)
Discuss:Read or add your comments to this news (0 comments)

TrueNorth IA eMailserver IMAP server buffer overflow
Published:22.02.2006
Source:BUGTRAQ
SecurityVulns ID:5809
Type:remote
Level:5/10
Description:Buffer overflow in oversized SEARCH command.
Affected:TRUENORTH : IA eMailserver 5.3
Original documentdocumentJoгo Antunes, [AJECT] TrueNorth IA eMailserver 5.3.4 buffer overflow vulnerability (22.02.2006)
Discuss:Read or add your comments to this news (0 comments)

SCO Unixware ptrace privilege escalation
updated since 22.02.2006
Published:25.02.2006
Source:FULL-DISCLOSURE
SecurityVulns ID:5814
Type:local
Level:5/10
Description:ptrace can be attached to suid application.
Affected:SCO : UnixWare 7.1
Original documentdocumentIDEFENSE, iDefense Security Advisory 02.24.06: SCO Unixware Setuid ptrace Local Privilege Escalation Vulnerability (25.02.2006)
 documentSCO, [Full-disclosure] SCOSA-2006.9 UnixWare 7.1.3 UnixWare 7.1.4 : Setuid ptrace Local Privilege Escalation Vulnerability (22.02.2006)
Files:SCO Unixware 7.1.3 ptrace local root exploit
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server