Computer Security


Multiple Intel Centrino / PROSet / Apple Airport wireless drivers security vulnerabilities
updated since 10.08.2006
Published:22.09.2006
SecurityVulns ID:6475
Type:remote
Threat Level:9/10
Description:Multiple vulnerabilities, including local privilege escalation and remote code execution.
Affected:APPLE : Mac OS X 10.3
 APPLE : Mac OS X 10.4
 INTEL : Intel PRO/Wireless 2200BG
 INTEL : Intel PRO/Wireless 2915ABG
 INTEL : Intel PRO/Wireless 2100
 INTEL : Intel PRO/Wireless 3945ABG
CVE:CVE-2007-0686 (The Intel 2200BG 802.11 Wireless Mini-PCI driver 9.0.3.9 (w29n51.sys) allows remote attackers to cause a denial of service (system crash) via crafted disassociation packets, which triggers memory corruption of "internal kernel structures," a different vulnerability than CVE-2006-6651. NOTE: this issue might overlap CVE-2006-3992.)
 CVE-2006-3992 (Unspecified vulnerability in the Centrino (1) w22n50.sys, (2) w22n51.sys, (3) w29n50.sys, and (4) w29n51.sys Microsoft Windows drivers for Intel 2200BG and 2915ABG PRO/Wireless Network Connection before 10.5 with driver 9.0.4.16 allows remote attackers to execute arbitrary code via certain frames that trigger memory corruption.)
Original document:APPLE, About the security content of AirPort Update 2006-001 and Security Update 2006-005 (22.09.2006)
 INTEL, Intel® Centrino Wireless Driver Malformed Frame Privilege Escalation (10.08.2006)
 INTEL, Intel® PROSet/Wireless Software Local Information Disclosure (10.08.2006)
 INTEL, Intel® Centrino Wireless Driver Malformed Frame Remote Code Execution (10.08.2006)
Files:Exploits Intel 2200BG 802.11 disassociation packet Kernel Memory Corruption

Multiple Apple QuickTime security vulnerabilities
updated since 13.09.2006
Published:22.09.2006
SecurityVulns ID:6607
Type:client
Threat Level:6/10
Description:Integer overflow on H.264 protocol parsing, heap buffer overflow on parsing FLIC files.
Affected:APPLE : QuickTime 7.1
Original document:SECUNIA, [SA22048] Apple QuickTime Plug-In Local Resource Linking Weakness (22.09.2006)
 Reversemode, [Reversemode Advisory] Apple Quicktime FLIC File Heap Overflow (18.09.2006)
 Avert, Multiple Vulnerabilities in Apple QuickTime (13.09.2006)
 CERT, US-CERT Technical Cyber Security Alert TA06-256A -- Apple QuickTime Vulnerabilities (13.09.2006)
 Piotr Bania, Apple QuickTime Player H.264 Codec Remote Integer Overflow (13.09.2006)
 Sowhat ., Apple QuickTime H.264 Integer Overflow Vulnerability (13.09.2006)
 IDEFENSE, iDefense Security Advisory 09.12.06: Apple QuickTime FLIC File Heap Overflow Vulnerability (13.09.2006)

Half-Life / Counter Strike nosteam game servers DoS
Published:22.09.2006
SecurityVulns ID:6643
Type:remote
Threat Level:5/10
Description:Windows dedicated server crashes on HLTV client connect if the client version is <= 27 and LKTV support is enabled (sv_proxies = "1").
Affected:VALVE : hlds 1.1
Original document:Grey, Half-Life/cstrike server remote DoS (22.09.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:22.09.2006
SecurityVulns ID:6645
Type:remote
Threat Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:PROGSYS : ProgSys 0.151
 PHPQUESTIONNAIRE : phpQuestionnaire 3.12
 SOLIDSTATE : SolidState 0.4
 SUN : Sun Secure Global Desktop 4.3
Original document:Kacper, SolidState <= 0.4 Multiple Include Vulnerabilities (22.09.2006)
 HACKERS PAL, Wili-CMS Multiple Input Validation Vulnerabilities (22.09.2006)
 Solpot, phpQuestionnaire 3.12 (GLOBALS[phpQRootDir]) Remote File Inclusion (22.09.2006)
 Marc Ruef, [scip_Advisory 2555] Sun Secure Global Desktop prior 4.3 multiple remote vulnerabilities (22.09.2006)
 HACKERS PAL, Wili-CMS Multiple Input Validation Vulnerabilities (22.09.2006)
 HACKERS PAL, Grayscale BandSite CMS Multiple Input Validation Vulnerabilities (22.09.2006)
Files:ProgSys <= 0.151 Remote File Include Exploit

Multiple CA eTrust Security Command Center / eTrust Audit security vulnerabilities
updated since 22.09.2006
Published:23.09.2006
SecurityVulns ID:6644
Type:remote
Threat Level:5/10
Description:Path disclosure, directory traversal, replay attacks.
Affected:CA : eTrust Audit 1.5
 CA : eTrust Security Command Center 1.0
Original document:Patrick Webster, RE: Computer Associates eTrust Security Command Center Multiple Vulnerabilities (23.09.2006)
 CA, [CAID 34616, 34617, 34618]: CA eSCC and eTrust Audit vulnerabilities (22.09.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod