Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Windows application policy bypass
Published:24.02.2011
Source:
SecurityVulns ID:11455
Type:local
Threat Level:
6/10
Description:It's possible to bypass application restriction policy by directly loading code into suspended process' memory via e.g. Microsoft Word macro.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
Original documentdocumentFar Sighter, Microsoft Windows application restriction policy bypass (24.02.2011)
Files:XRun - module to replace suspended process' memory

Cisco Secure Desktop ActiveX multiple security vulnerabilities
Published:24.02.2011
Source:
SecurityVulns ID:11456
Type:client
Threat Level:
6/10
Description:Few code execution possibilities.
CVE:CVE-2011-0926 (A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) does not properly verify the signature of an unspecified downloaded program, which allows remote attackers to execute arbitrary code by spoofing the CSD installation process, a different vulnerability than CVE-2010-0589.)
 CVE-2011-0925 (The CSDWebInstallerCtrl ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) allows remote attackers to download an unintended Cisco program onto a client machine, and execute this program, by identifying a Cisco program with a Cisco digital signature and then renaming this program to inst.exe, a different vulnerability than CVE-2010-0589 and CVE-2011-0926.)
Original documentdocumentZDI, ZDI-11-092: (0day) Cisco Secure Desktop CSDWebInstaller ActiveX Control Cleaner.cab Remote Code Execution Vulnerability (24.02.2011)
 documentZDI, ZDI-11-091: (0day) Cisco Secure Desktop CSDWebInstaller Remote Code Execution Vulnerability (24.02.2011)

Novell Netware integer overflow
Published:24.02.2011
Source:
SecurityVulns ID:11458
Type:remote
Threat Level:
7/10
Description:Integer overflow on XNFS (UDP/1234) processing.
CVE:CVE-2010-4227 (The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow.)
Original documentdocumentZDI, ZDI-11-090: Novell Netware RPC XNFS xdrDecodeString Remote Code Execution Vulnerability (24.02.2011)

bin IXFR DoS
Published:24.02.2011
Source:
SecurityVulns ID:11459
Type:remote
Threat Level:
5/10
Description:Resources exhaustion on IXFR processing.
Affected:ISC : bind 9.7
CVE:CVE-2011-0414 (ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update.)
Original documentdocumentUBUNTU, [USN-1070-1] Bind vulnerability (24.02.2011)

Avahi DNS server DoS
updated since 05.08.2010
Published:24.02.2011
Source:
SecurityVulns ID:11035
Type:remote
Threat Level:
5/10
Description:Crash on malformed DNS packet parsing.
Affected:AVAHI : Avahi 0.6
CVE:CVE-2011-1002 (avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244.)
 CVE-2010-2244 (The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a different vulnerability than CVE-2008-5081.)
Original documentdocumentMANDRIVA, [ MDVSA-2011:037 ] avahi (24.02.2011)
 documentDEBIAN, [SECURITY] [DSA 2086-1] New avahi packages fix denial of service (05.08.2010)

CA Internet Security / CA Host-Based Intrusion Prevention System code execution
updated since 24.02.2011
Published:28.02.2011
Source:
SecurityVulns ID:11457
Type:client
Threat Level:
6/10
Description:SetXml and Save methods of HIPSEngine component allows to save file to any location.
CVE:CVE-2011-1036 (The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods.)
Original documentdocumentCA, CA20110223-01: Security Notice for CA Host-Based Intrusion Prevention System (28.02.2011)
 documentZDI, ZDI-11-093: CA Internet Security Suite HIPS XML Security Database Parser Class Remote Code Execution Vulnerability (24.02.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod