SmbClientParser shell characters vulnerability
Published:		22.07.2008
Source:		BUGTRAQ
SecurityVulns ID:		9163
Type:		client
Level:		5/10
Description:		Shell characters vulnerability with shared folder names.

Affected:

SMBCLIENTPARSER : SmbClientParser 2.7

Original document

ISecAuditors Security Advisories, [ISecAuditors Security Advisories] SmbClientParser Perl module allows remote command execution (22.07.2008)

Discuss:

Read or add your comments to this news (0 comments)

EMC Dantz Retrospect backup server and lcient multiple security vulnerabilities
Published:		22.07.2008
Source:		FULL-DISCLOSURE
SecurityVulns ID:		9166
Type:		remote
Level:		6/10
Description:		Password recovery from hash for both server and client, memory corruption, DoS.

Affected:		EMC : Dantz Retrospect 7
		EMC : Dantz Retrospect Backup Server 7.5
		EMC : Dantz Retrospect Backup Client 7.5

Original document		zhliu_(at)_fortinet.com, [Full-disclosure] EMC Dantz Retrospect 7 backup Client PlainText Password Hash Disclosure Vulnerability (22.07.2008)
		zhliu_(at)_fortinet.com, FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 Remote Memory corruption Vulnerability (22.07.2008)
		zhliu_(at)_fortinet.com, FGA-2008-16: EMC Dantz Retrospect 7 backup Server Authentication Module Weak Password Hash Arithmetic Vulnerability (22.07.2008)
		zhliu_(at)_fortinet.com, FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 NULL-Pointer reference Denial of Service Vulnerability (22.07.2008)

Discuss:

Read or add your comments to this news (0 comments)

ZDaemon games server DoS
Published:		22.07.2008
Source:		BUGTRAQ
SecurityVulns ID:		9167
Type:		remote
Level:		5/10
Description:		NULL pointer dereference on malformed network packet.

Affected:

ZDAEMON : ZDaemon 1.08

Original document

Luigi Auriemma, NULL pointer in ZDaemon 1.08.07 (22.07.2008)

Files:		Exploits ZDaemon <= 1.08.07 NULL pointer
Discuss:		Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		22.07.2008
Source:
SecurityVulns ID:		9165
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PostNuke: crossite scripting, automation protection bypass.

Affected:		POSTNUKE : PostNuke 0.7
		MYBLOG : MyBlog 0.9
		INTERACT : Interact 2.4
		flip : Flip 3.0
		EASYPUBLISH : EasyPublish 3.0
		EASYCARDS : Easyecards 310
		EASYBOKMARKER : Easybookmarker 40
		EASYDYNAMICPAGES : Easydynamicpages 30
		SOCIALENGINE : SocialEngine 2.82

Original document		Peter Wiesen, E-Mail header Injection in HiFriend (22.07.2008)
		tim.loshak_(at)_gmail.com, Vulnerability: SocialEngine (SocialEngine.net) high risk security flaw (22.07.2008)
		Digital Security Research Group [DSecRG], [DSECRG-08-031] Local File Include Vulnerability in Interact 2.4.1 (22.07.2008)
		admin_(at)_bugreport.ir, MyBlog <=0.9.8 Multiple Vulnerabilities (22.07.2008)
		Ghost hacker, EZWebAlbum (dlfilename) Remote File Disclosure Vulnerability (22.07.2008)
		irancrash_(at)_gmail.com, Easydynamicpages 30tr Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) (22.07.2008)
		irancrash_(at)_gmail.com, Maran PHP Blog Xss By Khashayar Fereidani (22.07.2008)
		irancrash_(at)_gmail.com, Easybookmarker 40tr Xss Vulnerability By Khashayar Fereidani (22.07.2008)
		irancrash_(at)_gmail.com, Easyecards 310a Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) By Khashayar Fereidani (22.07.2008)
		irancrash_(at)_gmail.com, EasyPublish 3.0tr Multiple Vulnerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) (22.07.2008)
		Cru3l.b0y, Flip V3.0 final (22.07.2008)
		MustLive, Vulnerabilities in PostNuke (22.07.2008)

Files:		EasyPublish 3.0tr Exploit
		Easyecards 310a Exploit
		Easydynamicpages 30tr Exploit
Discuss:		Read or add your comments to this news (0 comments)

MySQL privilege escalation updated since 22.07.2008
Published:		10.11.2008
Source:		CVE
SecurityVulns ID:		9164
Type:		local
Level:		5/10
Description:		It's possible to specify file of different database in CREATE TABLE.

Affected:		MYSQL : MySQL 4.1
		ORACLE : MySQL 5.0
		ORACLE : MySQL 5.1
		MYSQL : MySQL 6.0
CVE:		CVE-2008-4098 (MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.)
		CVE-2008-4097 (MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079.)
		CVE-2008-2079 (MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.)

Original document

DEBIAN, [SECURITY] [DSA 1662-1] New mysql-dfsg-5.0 packages fix authorization bypass (10.11.2008)

Discuss:

Read or add your comments to this news (0 comments)