Computer Security



IBM Tivoli Business Systems Manager cross-site scripting
Published: 23.03.2006
Source: SECUNIA
SecurityVulns ID: 5938
Type: remote
Level: 5/10
Description: Cross-site scripting via https://[host]:9443/TbsmWebConsole/help/en/jsp/apwc_win_main.jsp?skin=[code]
Affected: IBM : Tivoli Business Systems Manager 3.1
Original document: SECUNIA, [SA19332] IBM Tivoli Business Systems Manager Cross-Site Scripting (23.03.2006)

Baby FTP Server file enumeration information leak
Published: 23.03.2006
Source: BUGTRAQ
SecurityVulns ID: 5939
Type: remote
Level: 5/10
Description: Different messages for existing and non-existing user outside FTP home directory.
Affected: BABYFTP : Baby FTP Server 1.24
Original document: SECUNIA, [SA19338] Baby FTP Server File Enumeration Weakness (23.03.2006)

Linux kernel multiple vulnerabilities
Updated since 22.03.2006
Published: 23.03.2006
Source: BUGTRAQ
SecurityVulns ID: 5932
Type: library
Level: 7/10
Description: Integer overflow in netfilter's do_replace() function, memory corruption in usb/gadget driver. Kernel memory content leak through sockaddr_in.sin_zero.
Affected: LINUX : kernel 2.6
Original document: SECUNIA, [SA19357] Linux Kernel IPv4 "sockaddr_in.sin_zero" Information Disclosure (23.03.2006)
 SECUNIA, [SA19330] Linux Kernel Buffer Overflow Vulnerabilities (22.03.2006)

Orion application server source code disclosure
Published: 23.03.2006
Source: FULL-DISCLOSURE
SecurityVulns ID: 5935
Type: remote
Level: 5/10
Description: It is possible to access JSP page content by adding a dot and a space character to the file extension.
Affected: ORION : Orion Application Server 2.0
Original document: SECUNIA, [Full-disclosure] Secunia Research: Orion Application Server JSP Source Disclosure Vulnerability (23.03.2006)

KisMAC MacOS sniffer buffer overflow
Published: 23.03.2006
Source: FULL-DISCLOSURE
SecurityVulns ID: 5937
Type: remote
Level: 5/10
Description: Buffer overflow when parsing the SSID parameter of Cisco vendor-specific tags.
Affected: KISMAC : KisMAC 73
Original document: Stefan Esser, [Full-disclosure] Advisory 03/2006: KisMAC Cisco Vendor Tag Encapsulated SSID Overflow (23.03.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 23.03.2006
Source:
SecurityVulns ID: 5936
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: ANYPORTAL : AnyPortal 0.1
 CUREPHP : CuteNews 1.4
 ADMAN : AdMan 1.0
 OSICODES : PHP Live! 3.0
 VBULLETIN : vBulletin ImpEx 1.74
 XHP : XHP CMS 0.5
 WEBCHECK : webcheck 1.9
 COMOBLOG : CoMoblog 1.1
Original document: SECUNIA, [SA19359] AnyPortal(php) "F" Directory Traversal Vulnerability (23.03.2006)
 farhadkey_(at)_kapda.ir, [KAPDA::#37] - CoMoblog XSS (23.03.2006)
 SECUNIA, [SA19309] webcheck Website Content Script Insertion Vulnerability (23.03.2006)
 Scott Dewey, [Full-disclosure] XOR Crew :: vBulletin ImpEx <= 1.74 - Remote Command Execution Vulnerability (23.03.2006)
 h e, cutenews 1.4.1 Arbitrary File Access (23.03.2006)
 kspecial, PHP Live! XSS status_image.php (23.03.2006)
 r0t, AdMan v1.0.x SQL vuln (23.03.2006)
Files: vbulletin ImpEx Remote File Inclusion Exploit
 XHP CMS <= 0.5 remote cmmnds xctn

RealPlayer buffer overflow
Updated since 23.03.2006
Published: 11.04.2006
Source: FULL-DISCLOSURE
SecurityVulns ID: 5934
Type: client
Level: 6/10
Description: Buffer overflow on SWF files parsing, Web pages parsing, MBC files parsing.
Affected: REAL : RealPlayer 8
 REAL : RealPlayer 10.5
 REAL : Helix Player 10.0
 REAL : RealPlayer 10.0
 REAL : Rhapsody 3
Original document: Sowhat ., [Full-disclosure] Realplayer .SWF Multiple Remote Memory Corruption Vulnerabilities (11.04.2006)
 X-FORCE, ISS Protection Brief: RealNetworks RealPlayer chunked Transfer-Encoding buffer overflow (29.03.2006)
 IDEFENSE, iDefense Security Advisory 03.23.06: RealNetworks RealPlayer and Helix Player Invalid Chunk Size Heap Overflow Vulnerability (24.03.2006)
 SECUNIA, [SA19358] RealNetworks Products Multiple Buffer Overflow Vulnerabilities (23.03.2006)
 SUSE, [Full-disclosure] SUSE Security Announcement: RealPlayer security problems (SUSE-SA:2006:018) (23.03.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


