Computer Security
[EN] securityvulns.ru no-pyccku


Trend Micro HouseCall ActiveX memory corruption
updated since 22.12.2008
Published:23.12.2008
Source:
SecurityVulns ID:9536
Type:client
Threat Level:
5/10
Description:Use-after-free() vulnerability.
Affected:TM : HouseCall 6.51
 TM : HouseCall 6.6
Original documentdocumentSECUNIA, Secunia Research: Trend Micro HouseCall ActiveX Control Arbitrary Code Execution (23.12.2008)
 documentSECUNIA, [Full-disclosure] Secunia Research: Trend Micro HouseCall "notifyOnLoadNative()" Vulnerability (22.12.2008)

mailscanner symbolic links vulnerability
Published:23.12.2008
Source:
SecurityVulns ID:9538
Type:local
Threat Level:
5/10
Description:Multiple symlink vulnerabilities in different scripts.
Affected:MAILSCANNER : mailscanner 4.68
 MAILSCANNER : mailscanner 4.55
CVE:CVE-2008-5313 (mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) avast-autoupdate, and (4) f-prot-6-autoupdate scripts in /etc/MailScanner/autoupdate/; the (5) bitdefender-wrapper, (6) kaspersky-wrapper, (7) clamav-wrapper, and (8) rav-wrapper scripts in /etc/MailScanner/wrapper/; the (9) Quarantine.pm, (10) TNEF.pm, (11) MessageBatch.pm, (12) WorkArea.pm, and (13) SA.pm scripts in /usr/share/MailScanner/MailScanner/; (14) /usr/sbin/MailScanner; and (15) scripts that load the /etc/MailScanner/mailscanner.conf.with.mcp configuration file.)
 CVE-2008-5312 (mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) panda-autoupdate.new, (4) trend-autoupdate.new, and (5) rav-autoupdate.new scripts in /etc/MailScanner/autoupdate/, a different vulnerability than CVE-2008-5140.)
 CVE-2008-5140 (trend-autoupdate.new in mailscanner 4.55.10 and other versions before 4.74.16-1 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/opr.ini.##### or (2) /tmp/lpt*.zip temporary file.)
Original documentdocumentMANDRIVA, [ MDVA-2008:241 ] mailscanner (23.12.2008)

COMTREND CT-536 / COMTREND HG-536+ routers multiple security vulnerabilities
Published:23.12.2008
Source:
SecurityVulns ID:9539
Type:remote
Threat Level:
5/10
Description:Authentication bypass, DoS, crossite scripting and request forgery.
Affected:COMTREND : Comtrend CT-536
 COMTREND : Comtrend HG-536+
Original documentdocumentISecAuditors Security Advisories, [ISecAuditors Security Advisories] Multiple vulnerabilities in WiFi router COMTREND CT-536/HG-536+ (23.12.2008)

Avahi multicast DNS server DoS
Published:23.12.2008
Source:
SecurityVulns ID:9540
Type:remote
Threat Level:
5/10
Description:assert() on UDP packet with SRC port 0.
Affected:AVAHI : Avahi 0.6
CVE:CVE-2008-5081 (The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.)
Original documentdocumentFlorian Weimer, [SECURITY] [DSA 1690-1] New avahi packages fix denial of service (23.12.2008)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:23.12.2008
Source:
SecurityVulns ID:9541
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. NetCat CMS: directory traversal, SQL injection.
Affected:ROUNDCUBE : Roundcube Webmail 0.2
 NAGIOS : Nagios 3.0
 OP5MONITOR : op5 Monitor 4.0
 NETCAT : NetCat 3.12
CVE:CVE-2008-5619 (html2text.php in RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta allows remote attackers to execute arbitrary code via crafted input that is processed by the preg_replace function with the eval switch.)
 CVE-2008-5028 (Cross-site request forgery (CSRF) vulnerability in cmd.cgi in (1) Nagios 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote attackers to send commands to the Nagios process, and trigger execution of arbitrary programs by this process, via unspecified HTTP requests.)
 CVE-2008-5027 (The Nagios process in (1) Nagios before 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote authenticated users to bypass authorization checks, and trigger execution of arbitrary programs by this process, via an (a) custom form or a (b) browser addon.)
Original documentdocumentS4aVRd0w, Многочисленные уязвимости в NetCat CMS <= 3.12 (23.12.2008)
 documentMarc Deslauriers, [USN-698-1] Nagios vulnerability (23.12.2008)
 documentJacobo Avariento Gimeno, POC for CVE-2008-5619 (roundcubemail PHP arbitrary code injection) (23.12.2008)
 documentISecAuditors Security Advisories, [ISecAuditors Security Advisories] Wordpress is vulnerable to an unauthorized upgrade and XSS (23.12.2008)
Files:Blind SQL Injection exploit for CMS NetCat v3.12

Qemu / KVM DoS
Published:23.12.2008
Source:
SecurityVulns ID:9542
Type:remote
Threat Level:
5/10
Description:Virtual machine's VNC server infinite loop.
Affected:QEMU : Qemu 0.9
 KVM : KVM 79
Original documentdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2008-1210: Qemu and KVM VNC server remote DoS (23.12.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod