Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		22.11.2006
Source:		BUGTRAQ
SecurityVulns ID:		6847
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		POSTNUKE : PostNuke 0.7
		CUREPHP : CuteNews 1.4
		ETOMITE : Etomite CMS 0.6
		PERLFORUMS : Pearl Forums 2.4
		MGAPPLANIX : mg.applanix 1.3
		MXBB : mxBB calsnails module 1.06
		CONTENTNOW : ContentNow CMS 1.39
		IXPRIMCMS : Ixprim CMS 1.2
		TELAEN : Telaen 1.1
		RAPIDCLASSIFIED : Rapid Classified 3.1
		PHPOLL : PHPOLL 0.96
		RIALTO : Rialto 1.6
		SHOPPINGCATALOG : Shopping_Catalog 0.9
		DISCHUNARY : dicshunary 0.1
		ENOMPHP : enomphp 4.0
		DODOSMAIL : DodosMail 2.0
		LOUDMOUTH : LoudMouth 2.4
		BIRDBLOG : BirdBlog 1.4
		WABBIT : Wabbit PHP Gallery 0.9
		MALBUM : mAlbum 0.3
		LTWCALENDAR : ltwCalendar 4.2
		SEDITIO : Seditio 1.10
		LDU : LDU 8.0
		PHOTOCART : PhotoCart 3.9
		EARK : e-Ark 1.0
		PHPPC : phpPC 1.04

Original document		iss4m, phpPC 1.04 Multiples Remote File Inclusion (22.11.2006)
		Dr Max Virus, Pearl Forums 2.4 Multiple Remote File Include Vulnerabilities (22.11.2006)
		irvian, PhotoCart 3.9 (adminprint.php) Remote File Include Vulnerability (22.11.2006)
		sni-labs_(at)_sni-labs.com, Vulnerability in PostNuke (22.11.2006)
		Mustafa Can Bjorn IPEKCI, Advisory: LDU <= 8.x Remote SQL Injection Vulnerability. (22.11.2006)
		Mustafa Can Bjorn IPEKCI, Advisory: Seditio <= 1.10 Remote SQL Injection Vulnerability. (22.11.2006)
		laurent gaffié, JiRos Links Manager[injection sql & xss permanent] (22.11.2006)
		laurent gaffié, creadirectory [injection sql & xss] (22.11.2006)
		laurent gaffié, Link Exchange Lite [injection sql] (22.11.2006)
		laurent gaffié, aBitWhizzy [local file include] (22.11.2006)
		alireza hassani, [KAPDA]::Security analysis of cutenews 1.4.5 (22.11.2006)
		laurent gaffié, The Classified Ad System [multiple xss & injection sql] (22.11.2006)
		the_3dit0r_(at)_yahoo.com, ltwCalendar => 4.2.1 Remote File Include Vulnerabilities (22.11.2006)
		the_3dit0r_(at)_yahoo.com, my little weblog => Cross Site Scripting (22.11.2006)
		laurent gaffié, Classified System [injection sql] (22.11.2006)
		tux025_(at)_gmail.com, mAlbum v0.3 Multiple vulnerabilitizzz (22.11.2006)
		the_3dit0r_(at)_yahoo.com, Wabbit PHP Gallery => 0.9 Remote Traversal Directory (22.11.2006)
		the_3dit0r_(at)_yahoo.com, BirdBlog => v1.4.0 Cross Site Scripting (22.11.2006)
		the_3dit0r_(at)_yahoo.com, LoudMouth => 2.4 Remote File Include Vulnerabilities (22.11.2006)
		the_3dit0r_(at)_yahoo.com, Telaen => 1.1.0 Remote File Include Vulnerability (22.11.2006)
		laurent gaffié, klf-realty [injection sql] (22.11.2006)
		the_3dit0r_(at)_yahoo.com, enomphp => 4.0 Remote Traversal Directory (22.11.2006)
		Advisory_(at)_Aria-Security.net, gNews Publisher SQL Injection Vulnerabilites (22.11.2006)
		laurent gaffié, Rialto 1.6[admin login bypass & multiples injections sql] (22.11.2006)
		laurent gaffié, eClassifieds [injection sql] (22.11.2006)
		the_3dit0r_(at)_yahoo.com, PHPOLL => 0.96 Cross Site Scripting (22.11.2006)
		laurent gaffié, ehomes [multiples injections sql] (22.11.2006)
		ajannhwt_(at)_hotmail.com, ASPNuke <= 0.80 (register.asp) Remote SQL Injection Vulnerability (22.11.2006)
		bluespy.ok_(at)_gmail.com, PhpBB Module Dimension Remote File Include (22.11.2006)
		vitux.manis_(at)_gmail.com, Ixprim CMS 1.2 Remote File Include Vulnerability (22.11.2006)
		revenge, ContentNow CMS 1.39 Sql Injection + Path Disclosure Vulnerabilities (22.11.2006)
		revenge, ContentNow CMS 1.39 'pageid' Sql Injection + Path Disclosure Vulnerabilities (22.11.2006)
		revenge, Etomite CMS 0.6.1.2 Vulnerabilities + ContenNow 1.39 Vulnerabilities + Exploits (22.11.2006)

Files:		Exploits Etomite CMS Remote Command Execution
		Exploits Etomite CMS "id" SQL Injection
		Exploits ContentNow "pageid" Sql Injection
		mg.applanix <= 1.3.1 Remote File Include Exploit
		mxBB calsnails module 1.06 Remote File Inclusion Exploit
		MyAlbum <= 3.02 (langs_dir) Remote File Inclusion Exploit
		dicshunary 0.1 alpha Remote File Inclusion Exploit
		Shopping_Catalog Remote File Include exploit
		DodosMail <= 2.0.1(dodosmail.php) Remote File Inclusion Exploit
		Telaen => 1.1.0 Remote File Include Vulnerability Exploit
		e-Ark project Remote File Inclusion Exploit
Discuss:		Read or add your comments to this news (0 comments)

My Firewall Plus privilege escalation
Published:		22.11.2006
Source:		BUGTRAQ
SecurityVulns ID:		6849
Type:		local
Level:		5/10
Description:		explorer.exe is launched with local system privileges.

Affected:

MYFIREWALL : My Firewall Plus 5.0

Original document

SECUNIA, Secunia Research: My Firewall Plus Privilege Escalation Vulnerability (22.11.2006)

Discuss:

Read or add your comments to this news (0 comments)

PassGo SSO Plus weak permissions
Published:		22.11.2006
Source:		BUGTRAQ
SecurityVulns ID:		6851
Type:		local
Level:		5/10
Description:		Weak installation folder permissions.

Affected:

PASSGO : SSO Plus 2.1

Original document

SECUNIA, Secunia Research: PassGo SSO Plus Insecure Default Directory Permissions (22.11.2006)

Discuss:

Read or add your comments to this news (0 comments)

XMPlay buffer overflow
Published:		22.11.2006
Source:		SECURITEAM
SecurityVulns ID:		6852
Type:		client
Level:		6/10
Description:		Buffer overflow on .ASX and .M3U files parsing.

Affected:

UN4SEEN : XMPlay 3.3

Files:		0-day XMPlay 3.3.0.4 .ASX Filename Buffer Overflow Exploit
		0-day XMPlay 3.3.0.4 .M3U Filename Buffer Overflow Exploit
Discuss:		Read or add your comments to this news (0 comments)

CA BrightStor ARCserve Backup buffer overflow
Published:		22.11.2006
Source:		BUGTRAQ
SecurityVulns ID:		6848
Type:		remote
Level:		6/10
Description:		Buffer overflow on parsing TCP/6502 data.

Affected:

CA : Brightstor ARCserve Backup 11.5

Original document

advisories_(at)_lssec.com, LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability (22.11.2006)

Discuss:

Read or add your comments to this news (0 comments)

VMWare VirtualClient cryptography protection bypass
Published:		22.11.2006
Source:		BUGTRAQ
SecurityVulns ID:		6850
Type:		m-i-t-m
Level:		5/10
Description:		SSL server certificate is not checked by client.

Affected:

VMWARE : VirtualCenter 2.0

Original document

VMWARE, VMSA-2006-0010 - SSL sessions not authenticated by VC Clients (22.11.2006)

Discuss:

Read or add your comments to this news (0 comments)