Computer Security
[EN] securityvulns.ru no-pyccku


Linksys WAP54G access point unauthroized access
updated since 15.06.2010
Published:23.06.2010
Source:
SecurityVulns ID:10933
Type:remote
Threat Level:
6/10
Description:Debug interface with hardcoded Gemtek/gemtekswd account is available.
Affected:LINKSYS : Linksys WAP54G
Original documentdocumentCristofaro Mune, IS-2010-003 - Linksys WAP54Gv3 debug.cgi Cross-Site Scripting (23.06.2010)
 documentCristofaro Mune, IS-2010-002 - Linksys WAP54Gv3 Remote Debug Root Shell (15.06.2010)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:23.06.2010
Source:
SecurityVulns ID:10945
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:REDAKS : RedAks 2.0
 PHPWCMS : PHPWCMS 1.4
 MINDARRAY : synType CMS 0.12
 APACHE : Axis2 1.5
CVE:CVE-2010-0284 (Directory traversal vulnerability in the getEntry method in the PortalModuleInstallManager component in a servlet in nps.jar in the Administration Console (aka Access Management Console) in Novell Access Manager 3.1 before 3.1.2-281 on Windows allows remote attackers to create arbitrary files with any contents, and consequently execute arbitrary code, via a .. (dot dot) in a parameter, aka ZDI-CAN-678.)
Original documentdocumentZDI, ZDI-10-112: Novell Access Manager Arbitrary File Upload Remote Code Execution Vulnerability (23.06.2010)
 documentTiago Ferreira Barbosa, Apache Axis Session Fixation Vulnerability (23.06.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Scribe CMS (23.06.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Scribe CMS (23.06.2010)
 documentdavid.kurz_(at)_majorsecurity.net, [MajorSecurity SA-075]CMS RedAks 2.0 - SQL injection vulnerability (23.06.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Scribe CMS (23.06.2010)
 documentHigh-Tech Bridge Security Research, Stored XSS vulnerability in synType CMS comment text field (23.06.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in the search module of synType CMS (23.06.2010)
 documentlabs_(at)_redteamsecure.com, CSRF in PHPWCMS 1.4.5 (23.06.2010)
Files:PHPWCMS Cross-Site Request Forgery Vulnerability exploit

Weborf Web server DoS
updated since 23.06.2010
Published:23.06.2010
Source:
SecurityVulns ID:10946
Type:remote
Threat Level:
5/10
Description:Crash on invalid connection: header.
Affected:WEBORF : Weborf 0.12
Original documentdocumentEwerson GuimarŠ³es (Crash) - Dclabs, Weborf DCA-00012 Vulnerability Report (23.06.2010)

Microsoft Windows CHM files protection bypass
Published:23.06.2010
Source:
SecurityVulns ID:10947
Type:local
Threat Level:
4/10
Description:It's possible to bypass CHM file locking protection for file downloaded from Internet.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
Original documentdocumentPaul Craig, Microsoft Help Files (.CHM): 'Locked File' Feature Bypass (23.06.2010)

fastjar archiver directory traversal
Published:23.06.2010
Source:
SecurityVulns ID:10948
Type:local
Threat Level:
4/10
Description:Directory traversal during file extraction.
Affected:FASTJAR : FastJar 0.98
CVE:CVE-2010-0831 (Directory traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a non-initial pathname component in a filename within a .jar archive, a related issue to CVE-2005-1080. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-3619.)
 CVE-2006-3619 (Directory traversal vulnerability in FastJar 0.93, as used in Gnu GCC 4.1.1 and earlier, and 3.4.6 and earlier, allows user-assisted attackers to overwrite arbitrary files via a .jar file containing filenames with "../" sequences.)
 CVE-2005-1080 (Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2, 1.5 allows remote attackersto write arbitrary files via a .. (dot dot) in filenames in a .jar file.)
Original documentdocumentMANDRIVA, [ MDVSA-2010:122 ] fastjar (23.06.2010)

Skype for Mac OS X DoS
Published:23.06.2010
Source:
SecurityVulns ID:10949
Type:remote
Threat Level:
5/10
Description:Crash on chat message with specific Unicode characters.
Affected:SKYPE : Skype for Mac OS X 2.8
Original documentdocumentMarc Ruef, [scip_Advisory 4142] Skype Client for Mac Chat Unicode Denial of Service (23.06.2010)

Codeorigin Sysax Multi Server DoS
Published:23.06.2010
Source:
SecurityVulns ID:10951
Type:remote
Threat Level:
5/10
Description:Multiple buffer overflows in different FTP commands.
Affected:CODEORIGIN : Sysax Multi Server 5.25
Original documentdocumentleinakesi_(at)_gmail.com, Sysax Multi Server "open", "unlink", "mkdir", "scp_get" Commands DoS Vulnerabilities (23.06.2010)
Files:Exploits Sysax Multi Server "open", "unlink", "mkdir", "scp_get" Commands DoS Vulnerabilities

UFO: Alien Invasion code execution
Published:23.06.2010
Source:
SecurityVulns ID:10952
Type:client
Threat Level:
5/10
Description:Code execution on IRC server command parsing.
Affected:UFOALIENINVASION : UFO: Alien Invasion 2.2
Original documentdocumentjason_(at)_ngssoftware.com, Remote Arbitrary Code Execution Vulnerability in UFO: Alien Invasion (23.06.2010)

Wing FTP Server DoS
Published:23.06.2010
Source:
SecurityVulns ID:10953
Type:remote
Threat Level:
5/10
Description:Crash on PORT command parsing.
Affected:WING : Wing FTP Server 3.1
Original documentdocumentsk, Wing FTP Server PORT Command DoS Vulnerability (23.06.2010)

AnNoText ADVOAkte multiple security vulnerabilities
Published:23.06.2010
Source:
SecurityVulns ID:10954
Type:client
Threat Level:
5/10
Description:Buffer overflow and files overwriting in ActiveX component.
Affected:ANNOTEXT : ADVOAkte 17
Original documentdocumentNSO Research, NSOADV-2010-009: AnNoText Third-Party ActiveX Control file overwrite vulnerability (23.06.2010)
 documentNSO Research, NSOADV-2010-008: AnNoText Third-Party ActiveX Control Buffer Overflow (23.06.2010)

libtiff multiple security vulnerabilities
updated since 23.06.2010
Published:29.06.2010
Source:
SecurityVulns ID:10950
Type:library
Threat Level:
7/10
Description:Multiple memory corruptions on tiff files parsing.
Affected:LIBTIFF : libtiff 3.9
CVE:CVE-2010-2067 (Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file.)
 CVE-2010-2065 (Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow.)
 CVE-2010-1411 (Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 06.21.10: Multiple Vendor LibTIFF 3.9.2 Stack Buffer Overflow Vulnerability (29.06.2010)
 documentBUNTU, [USN-954-1] tiff vulnerabilities (23.06.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod