Computer Security


Linux kernel multiple vulnerabilities
updated since 22.03.2006
Published:23.03.2006
Source:
SecurityVulns ID:5932
Type:library
Threat Level:7/10
Description:Integer overflow in netfilter's do_replace() function, memory corruption in usb/gadget driver. Kernel memory content leak through sockaddr_in.sin_zero.
Affected:LINUX : kernel 2.6
Original document:SECUNIA, [SA19357] Linux Kernel IPv4 "sockaddr_in.sin_zero" Information Disclosure (23.03.2006)
 SECUNIA, [SA19330] Linux Kernel Buffer Overflow Vulnerabilities (22.03.2006)

Orion application server source code disclosure
Published:23.03.2006
Source:
SecurityVulns ID:5935
Type:remote
Threat Level:5/10
Description:It's possible to access JSP page content by appending a dot with a space character to the file extension.
Affected:ORION : Orion Application Server 2.0
Original document:SECUNIA, [Full-disclosure] Secunia Research: Orion Application Server JSP Source Disclosure Vulnerability (23.03.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:23.03.2006
Source:
SecurityVulns ID:5936
Type:remote
Threat Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:ANYPORTAL : AnyPortal 0.1
 CUTEPHP : CuteNews 1.4
 ADMAN : AdMan 1.0
 OSICODES : PHP Live! 3.0
 VBULLETIN : vBulletin ImpEx 1.74
 XHP : XHP CMS 0.5
 WEBCHECK : webcheck 1.9
 COMOBLOG : CoMoblog 1.1
Original document:SECUNIA, [SA19359] AnyPortal(php) "F" Directory Traversal Vulnerability (23.03.2006)
 farhadkey_(at)_kapda.ir, [KAPDA::#37] - CoMoblog XSS (23.03.2006)
 SECUNIA, [SA19309] webcheck Website Content Script Insertion Vulnerability (23.03.2006)
 Scott Dewey, [Full-disclosure] XOR Crew :: vBulletin ImpEx <= 1.74 - Remote Command Execution Vulnerability (23.03.2006)
 h e, cutenews 1.4.1 Arbitrary File Access (23.03.2006)
 kspecial, PHP Live! XSS status_image.php (23.03.2006)
 r0t, AdMan v1.0.x SQL vuln (23.03.2006)
Files:vbulletin ImpEx Remote File Inclusion Exploit
 XHP CMS <= 0.5 remote cmmnds xctn

KisMac MacOS sniffer buffer overflow
Published:23.03.2006
Source:
SecurityVulns ID:5937
Type:remote
Threat Level:5/10
Description:Buffer overflow on parsing the SSID parameter of Cisco vendor-specific tags.
Affected:KISMAC : KisMAC 73
Original document:Stefan Esser, [Full-disclosure] Advisory 03/2006: KisMAC Cisco Vendor Tag Encapsulated SSID Overflow (23.03.2006)

IBM Tivoli Business Systems Manager cross-site scripting
Published:23.03.2006
Source:
SecurityVulns ID:5938
Type:remote
Threat Level:5/10
Description:Cross-site scripting via https://[host]:9443/TbsmWebConsole/help/en/jsp/apwc_win_main.jsp?skin=[code]
Affected:IBM : Tivoli Business Systems Manager 3.1
Original document:SECUNIA, [SA19332] IBM Tivoli Business Systems Manager Cross-Site Scripting (23.03.2006)

Baby FTP Server file enumeration information leak
Published:23.03.2006
Source:
SecurityVulns ID:5939
Type:remote
Threat Level:5/10
Description:Different messages for existing and non-existing user outside FTP home directory.
Affected:BABY : Baby FTP Server 1.24
Original document:SECUNIA, [SA19338] Baby FTP Server File Enumeration Weakness (23.03.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod