Search:Vulnerability:24.03.2008 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

ircu and snircd IRC servers array index overflow
Published: 24.03.2008
Source: FULL-DISCLOSURE
SecurityVulns ID: 8825
Type: remote
Level: 6/10
Description: Array index overflow in /mode command.

Affected: IRCU : ircu 2.10
SNIRCD : snircd 1.3

Original document Chris Porter, [Full-disclosure] ircu/snircd remote crash vulnerability (24.03.2008)

Discuss: Read or add your comments to this news (0 comments)

Sun Solaris rpc.ypupdated code execution
Published: 24.03.2008
Source: SECURITEAM
SecurityVulns ID: 8827
Type: remote
Level: 6/10
Description: Insufficient RPC requests filtering.

Affected: SUN : Solaris 10

Original document SECURITEAM, [EXPL] Sun Solaris rpc.ypupdated Arbitrary Command Execution (Exploit) (24.03.2008)

Files: Exploits KEYSERV/YPUPDATED (SunOS 4.1.3/RPC SERVICES)
Discuss: Read or add your comments to this news (0 comments)

Linksys WRT54g authentication bypass
updated since 04.08.2006
Published: 24.03.2008
Source: FULL-DISCLOSURE
SecurityVulns ID: 6449
Type: remote
Level: 5/10
Description: Configuration changes are applied without authentication through Web interface.

Affected: CISCO : Linksys WRT54g

Original document SECUNIA, [SA29344] Linksys WRT54G Security Bypass Vulnerability (24.03.2008)

Ginsu Rabbit, [Full-disclosure] linksys WRT54g authentication bypass (04.08.2006)

Discuss: Read or add your comments to this news (0 comments)

Adobe Flash CS3 Professional / Macromedia Flash MX code execution
Published: 24.03.2008
Source: FULL-DISCLOSURE
SecurityVulns ID: 8826
Type: local
Level: 5/10
Description: Multiple code execution vulnerabilities on .FLV files parsing.

Affected: ADOBE : Flash CS3 Professional 9.0
ADOBE : Macromedia Flash MX 2004
CVE: CVE-2008-1201

Original document cocoruder, [Full-disclosure] Adobe Flash CS3 Professional FLA File Parsing Multiple Local Code Execute Vulnerabilities (24.03.2008)

Discuss: Read or add your comments to this news (0 comments)

Novell Groupwise unauthorized access
Published: 24.03.2008
Source: SECURITEAM
SecurityVulns ID: 8828
Type: remote
Level: 5/10
Description: User who has access to shared folder of different user can gain access to the rest of the folders.

Affected: NOVELL : GroupWise 6.5
NOVELL : GroupWise 7

Original document SECURITEAM, [NEWS] GroupWise Windows Client API Security Vulnerability (24.03.2008)

Discuss: Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 24.03.2008
Source:
SecurityVulns ID: 8829
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Claroline: crossite scripting.

Affected: POWERSCRIPTS : PowerClan 1.14
CLAROLINE : Claroline 1.8
POWERSCRIPTS : PowerBook 1.21
POWERSCRIPTS : PowerPHPBoard 1.00
SERENDIPITY : serendipity 1.3
CVE: CVE-2008-0124
CVE-2007-6205 (Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plugin (serendipity_plugin_remoterss) in S9Y Serendipity before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a link in an RSS feed.)

Original document DEBIAN, [SECURITY] [DSA 1528-1] New serendipity packages fix cross site scripting (24.03.2008)

Zero-X ScriptKiddy, HIS-webshop is vulnerable against Directory-Traversal (www.shoppark.de) (24.03.2008)

Digital Security Research Group [DSecRG], [DSECRG-08-020] RFI-LFI in PowerClan 1.14a (24.03.2008)

document Digital Security Research Group [DSecRG], [DSECRG-08-021] Multiple LFI in PowerPHPBoard 1.00b (24.03.2008)

Digital Security Research Group [DSecRG], [DSECRG-08-019] LFI in PowerBook 1.21 (24.03.2008)

MustLive, Vulnerability in Claroline (24.03.2008)

Discuss: Read or add your comments to this news (0 comments)