Computer Security


Microsoft Internet Explorer saved pages cross-site scripting
updated since 21.08.2007
Published: 24.11.2008
SecurityVulns ID: 8081
Type: client
Threat Level: 3/10
Description: Cross-site scripting in the context of the local machine is possible when saving a page from a URL with an address like http://site/--><script>alert("XSS")</script>
Affected: MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
CVE: CVE-2007-4478 (Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6.0 allows user-assisted remote attackers to inject arbitrary web script or HTML in the local zone via a URI, when the document at the associated URL is saved to a local file, which then contains the URI string along with the document's original content.)
Original document: MustLive, Code Execution via XSS in Internet Explorer (24.11.2008)
 David Vaartjes, [Fwd: RE: XSS via IE MOTW feature. [sd]] (22.08.2007)
 MustLive, Vulnerability in Internet Explorer (21.08.2007)

Linux kernel multiple security vulnerabilities
updated since 05.11.2008
Published: 24.11.2008
SecurityVulns ID: 9409
Type: remote
Threat Level: 6/10
Description: Buffer overflow on oversized ESSID in ndiswrapper. DoS with corrupted ext2 / ext3 filesystem.
Affected: LINUX : kernel 2.6
CVE: CVE-2008-4395 (Multiple buffer overflows in the ndiswrapper module 1.53 for the Linux kernel 2.6 allow remote attackers to execute arbitrary code by sending packets over a local wireless network that specify long ESSIDs.)
 CVE-2008-3528 (The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries.)
Original document: UBUNTU, [USN-662-1] Linux kernel vulnerabilities (05.11.2008)

WireShark DoS
Published: 24.11.2008
SecurityVulns ID: 9451
Type: remote
Threat Level: 5/10
Description: CPU resource exhaustion on oversized SMTP request.
Affected: WIRESHARK : Wireshark 1.0
CVE: CVE-2008-5285 (Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop.)
Original document: Security Vulnerability Research Team, [SVRT-04-08] Vulnerability in WireShark 1.0.4 for DoS Attack (24.11.2008)

Adobe Flash multiple security vulnerabilities
Published: 24.11.2008
SecurityVulns ID: 9452
Type: client
Threat Level: 8/10
Description: Code execution, information leakage, DoS.
Affected: ADOBE : Flash Player 9.0
 ADOBE : AIR 1.1
 ADOBE : Flash CS4
 ADOBE : Flash CS3
 ADOBE : Flex 3
Original document: iSEC Partners, Adobe Flash Multiple Vulnerabilities (24.11.2008)

Linux kernel multiple security vulnerabilities
Published: 24.11.2008
SecurityVulns ID: 9453
Type: local
Threat Level: 5/10
Description: Multiple DoS conditions
Affected: LINUX : kernel 2.6
CVE: CVE-2008-5029 (The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors.)
 CVE-2008-4934 (The hfsplus_block_allocate function in fs/hfsplus/bitmap.c in the Linux kernel before 2.6.28-rc1 does not check a certain return value from the read_mapping_page function before calling kmap, which allows attackers to cause a denial of service (system crash) via a crafted hfsplus filesystem image.)
 CVE-2008-4933 (Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function.)
Original document: MANDRIVA, [ MDVSA-2008:234 ] kernel (24.11.2008)

Apple iPhone Configuration Web Utility directory traversal
Published: 24.11.2008
SecurityVulns ID: 9454
Type: remote
Threat Level: 6/10
Description: Access outside the web root is possible.
Affected: APPLE : iPhone Configuration Web Utility 1.0
Original document: vulnerabilityresearch_(at)_ddifrontline.com, DDIVRT-2008-15 iPhone Configuration Web Utility 1.0 for Windows Directory Traversal (24.11.2008)

OpenSSH cryptographic weakness
Published: 24.11.2008
SecurityVulns ID: 9455
Type: m-i-t-m
Threat Level: 3/10
Description: With low probability it's possible to recover a few bits of plaintext.
Affected: OPENSSH : OpenSSH 4.7
Original document: OPENSSH, OpenSSH security advisory: cbc.adv (24.11.2008)
Files: Plaintext Recovery Attack Against SSH

KVIrc shell characters vulnerabilities
Published: 24.11.2008
SecurityVulns ID: 9456
Type: client
Threat Level: 6/10
Description: Shell characters vulnerability on irc:/// URI parsing.
Affected: KVIRC : KVIrc 3.4
Original document: Pyrokinesis_(at)_nospam.it, KVIrc 3.4.2 Shiny (uri handler) remote command execution exploit (24.11.2008)

EMC Control Center SAN Manager multiple security vulnerabilities
Published: 24.11.2008
SecurityVulns ID: 9457
Type: remote
Threat Level: 7/10
Description: Buffer overflow, unauthorized file access via TCP/10444.
Affected: EMC : ControlCenter SAN Manager 5.2
 EMC : ControlCenter SAN Manager 6.0
Original document: ZDI, ZDI-08-076: EMC Control Center SAN Manager SST_SENDFILE Remote File Retrieval Vulnerability (24.11.2008)
 ZDI, ZDI-08-075: EMC Control Center SAN Manager Master SST_CTGTRANS Overflow Vulnerability (24.11.2008)

ffdshow codec buffer overflow
Published: 24.11.2008
SecurityVulns ID: 9458
Type: client
Threat Level: 6/10
Description: Buffer overflow on oversized URI
Original document: Security Vulnerability Research Team, [Full-disclosure] [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis) (24.11.2008)

Microsoft Windows LDAP users enumeration
Published: 24.11.2008
SecurityVulns ID: 9459
Type: remote
Threat Level: 5/10
Description: Different server reply on invalid username and invalid password.
Affected: MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2003 Server
Original document: SECURITEAM, [NT] Microsoft Windows Active Directory LDAP Server Information Disclosure Vulnerability (24.11.2008)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod