 |
|
|
|
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 23.09.2009 | | Published: |  | 23.09.2009 | | Source: |  | | | SecurityVulns ID: |  | 10255 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| nginx directory traversal | | Published: | | 23.09.2009 | | Source: | | FULL-DISCLOSURE | | SecurityVulns ID: | | 10257 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Directory traversal with webdav enabled. |
| Xfig symbolic links vulnerability | | Published: | | 23.09.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10259 | | Type: | | local | | Level: | | 5/10 | | Description: | | Different files are created in insecure manner. |
| Affected: |  | XFIG : Xfig 3.2 | | CVE: |  | CVE-2009-1962 (Xfig in Debian GNU/Linux, possibly 3.2.5, allows local users to read and write arbitrary files via a symlink attack on the (1) xfig-eps[PID], (2) xfig-pic[PID].pix, (3) xfig-pic[PID].err, (4) xfig-pcx[PID].pix, (5) xfig-xfigrc[PID], (6) xfig[PID], (7) xfig-print[PID], (8) xfig-export[PID].err, (9) xfig-batch[PID], (10) xfig-exp[PID], or (11) xfig-spell.[PID] temporary files, where [PID] is a process ID.) |
| Avast Antivirus privilege esclalation | | Published: | | 23.09.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10260 | | Type: | | local | | Level: | | 5/10 | | Description: | | Memory corruption on IOCTL processing. |
| changetrack shell characters vulnerability | | Published: | | 23.09.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10254 | | Type: | | local | | Level: | | 5/10 | | Description: | | Shell characters vulnerability via filenames. |
| Affected: | | CHANGETRACK : changetrack 4.3 | | CVE: | | CVE-2009-3233 (changetrack 4.3 allows local users to execute arbitrary commands via CRLF sequences and shell metacharacters in a filename in a directory that is checked by changetrack.) |
| HP-UX Role-Based Access Control privilege escalation | | Published: | | 23.09.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10262 | | Type: | | local | | Level: | | 5/10 |
| Affected: | | HP : HP-UX 11.23 | | | | HP : HP-UX 11.31 | | CVE: | | CVE-2009-2682 (Unspecified vulnerability in Role-Based Access Control (RBAC) in HP HP-UX B.11.23 and B.11.31 allows local users to bypass intended access restrictions via unknown vectors.) |
| HP Procurve IDM privilege escalation | | Published: | | 23.09.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10261 | | Type: | | local | | Level: | | 5/10 |
| Check Point Connectra crossite scripting | | Published: | | 23.09.2009 | | Source: | | FULL-DISCLOSURE | | SecurityVulns ID: | | 10256 | | Type: | | remote | | Level: | | 5/10 | | Description: | | /Login/Login crossite scripting. |
squid proxy DoS
updated since 10.08.2009 | | Published: | | 23.09.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10135 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Crash on request or response headers parsing. |
| Affected: | | SQUID : squid 3.0 | | | | SQUID : Squid 2.7 | | | | SQUID : squid 3.1 | | CVE: | | CVE-2009-2855 (The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.) | | | | CVE-2009-2622 (Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value," (3) "missing version," or (4) "missing or invalid status number," related to (a) HttpMsg.cc and (b) HttpReply.cc.) | | | | CVE-2009-2621 (Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not properly enforce "buffer limits and related bound checks," which allows remote attackers to cause a denial of service via (1) an incomplete request or (2) a request with a large header size, related to (a) HttpMsg.cc and (b) client_side.cc.) |
Cisco IOS multiple security vulnerabilities
updated since 23.09.2009 | | Published: | | 24.09.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10258 | | Type: | | remote | | Level: | | 8/10 | | Description: | | Multiple DoS conditions, restriction bypass. |
| Affected: | | CISCO : IOS 12.0 | | | | CISCO : IOS 12.1 | | | | CISCO : IOS 12.2 | | | | CISCO : IOS 12.3 | | | | CISCO : IOS 12.4 | | | | CISCO : IOS XE 2.1 | | | | CISCO : IOS XE 2.2 | | | | CISCO : IOS XE 2.3 | | | | CISCO : IOS XE 2.4 | | CVE: | | CVE-2009-2871 (Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002.) | | | | CVE-2009-2870 (Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880.) | | | | CVE-2009-2869 (Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948.) | | | | CVE-2009-2868 (Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997.) | | | | CVE-2009-2867 (Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP transit packet, aka Bug ID CSCsr18691.) | | | | CVE-2009-2866 (Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104.) | | | | CVE-2009-2862 (The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122, and CSCsu50252.) |
Apache mod_proxy_ftp multiple security vulnerabilities
updated since 23.09.2009 | | Published: | | 31.03.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10253 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Denial of service, restrictions bypass. |
| Affected: | | APACHE : Apache 2.0 | | | | APACHE : Apache 2.2 | | | | HP : HP Secure Web Server 2.1 | | CVE: | | CVE-2009-3095 (The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.) | | | | CVE-2009-3094 (The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.) |
|
|
|
|
|
|
|
|
