Computer Security


MIT Kerberos DoS
Published:25.03.2010
SecurityVulns ID:10712
Type:library
Threat Level:6/10
Description:Crash on SPNEGO negotiation.
Affected:MIT : krb5 1.7
 MIT : krb5 1.8
CVE:CVE-2010-0628 (The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid packet that triggers incorrect preparation of an error token.)
Original document:MIT, MITKRB5-SA-2010-002 denial of service in SPNEGO [CVE-2010-0628 VU#839413] (25.03.2010)

Lexmark laser printers multiple security vulnerabilities
Published:25.03.2010
SecurityVulns ID:10713
Type:remote
Threat Level:5/10
Description:PJL processing buffer overflow, FTP service DoS.
CVE:CVE-2010-0619 (Stack-based buffer overflow in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE components on certain Lexmark laser printers and multi-function printers allows remote attackers to execute arbitrary code or cause a denial of service (device hang) via a long argument to a PJL INQUIRE command.)
 CVE-2010-0618 (The flood-protection feature in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE components on certain Lexmark laser and inkjet printers and MarkNet devices allows remote attackers to cause a denial of service (TCP outage) by making many passive FTP connections and then aborting these connections.)
Original document:Francis Provencher, {PRL} Lexmark Multiple Laser printer FTP Remote Denial of Services (25.03.2010)
 Francis Provencher, {PRL} Lexmark Multiple Laser Printer Remote Stack Overflow (25.03.2010)

Cisco routers IOS multiple security vulnerabilities
Published:25.03.2010
SecurityVulns ID:10714
Type:remote
Threat Level:7/10
Description:DoS via TCP connections, multiple vulnerabilities in IPSec, H.323, SIP, SCCP, MPLS protocols.
Affected:CISCO : IOS 12.0
 CISCO : IOS 12.1
 CISCO : IOS 12.2
 CISCO : IOS 12.3
 CISCO : IOS 12.4
 CISCO : IOS 15.0
 CISCO : IOS 15.1
 CISCO : IOS-XE 2.1
 CISCO : IOS-XE 2.2
 CISCO : IOS-XE 2.3
 CISCO : IOS-XE 2.4
 CISCO : IOS-XE 2.5
 CISCO : IOS-XE 2.6
CVE:CVE-2010-0586 (Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CSCsz49741, the "SCCP Request Handling Denial of Service Vulnerability.")
 CVE-2010-0585 (Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CSCsz48614, the "SCCP Packet Processing Denial of Service Vulnerability.")
 CVE-2010-0584 (Unspecified vulnerability in Cisco IOS 12.4, when NAT SCCP fragmentation support is enabled, allows remote attackers to cause a denial of service (device reload) via crafted Skinny Client Control Protocol (SCCP) packets, aka Bug ID CSCsy09250.)
 CVE-2010-0583 (Memory leak in the H.323 implementation in Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (memory consumption and device reload) via malformed H.323 packets, aka Bug ID CSCtb93855.)
 CVE-2010-0582 (Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (interface queue wedge) via malformed H.323 packets, aka Bug ID CSCta19962.)
 CVE-2010-0581 (Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz89904, the "SIP Packet Parsing Arbitrary Code Execution Vulnerability.")
 CVE-2010-0580 (Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz48680, the "SIP Message Processing Arbitrary Code Execution Vulnerability.")
 CVE-2010-0578 (The IKE implementation in Cisco IOS 12.2 through 12.4 on Cisco 7200 and 7301 routers with VAM2+ allows remote attackers to cause a denial of service (device reload) via a malformed IKE packet, aka Bug ID CSCtb13491.)
 CVE-2010-0577 (Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size configurations are used, allows remote attackers to cause a denial of service (infinite loop, and device reload or hang) via a TCP segment with crafted options, aka Bug ID CSCsz75186.)
 CVE-2010-0576 (Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers to cause a denial of service (device reload or process restart) via a crafted LDP packet, aka Bug IDs CSCsz45567 and CSCsj25893.)
Original document:CISCO, Cisco Security Advisory: Cisco IOS Software Crafted TCP Packet Denial of Service Vulnerability (25.03.2010)
 CISCO, Cisco Security Advisory: Cisco IOS Software H.323 Denial of Service Vulnerabilities (25.03.2010)
 CISCO, Cisco Security Advisory: Cisco IOS Software IPsec Vulnerability (25.03.2010)
 CISCO, Cisco Security Advisory: Cisco IOS Software Multiprotocol Label Switching Packet Vulnerability (25.03.2010)
 CISCO, Cisco Security Advisory: Cisco IOS Software NAT Skinny Call Control Protocol Vulnerability (25.03.2010)
 CISCO, Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities (25.03.2010)
 CISCO, Cisco Security Advisory: Cisco Unified Communications Manager Express Denial of Service Vulnerabilities (25.03.2010)

Linux GFS / GFS2 file system DoS
Published:25.03.2010
SecurityVulns ID:10715
Type:local
Threat Level:4/10
Description:gfs2_lock/gfs_lock doesn't check file permissions.
CVE:CVE-2010-0727 (The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux kernel on Red Hat Enterprise Linux (RHEL) 5 and 6, does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on a (1) GFS or (2) GFS2 filesystem, and then changing this file's permissions.)
Original document:MANDRIVA, [ MDVSA-2010:066 ] kernel (25.03.2010)

Apple Safari / WebKit protection bypass
Published:25.03.2010
SecurityVulns ID:10716
Type:remote
Threat Level:5/10
Description:Integer overflow allows bypass of destination port limitations.
Original document:Gary Niger, Safari browser port blocking bypassed by integer overflow (25.03.2010)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:25.03.2010
SecurityVulns ID:10717
Type:remote
Threat Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:JUSTVISUAL : justVisual 2.0
 EASYENTERPRISEDM : EASY Enterprise DMS 6.0
 DISCUZ : Discuz! 7.2
Original document:Yaniv Miron, Aris AGX agXchange ESM Cross Site Scripting Vulnerability (25.03.2010)
 lis cker, There is a Permanent-type Cross-Site Vulnerability in “Personal Signature” in all version of Discuz!. It can be written by the worm! (25.03.2010)
 michael.mueller_(at)_integralis.com, Multiple Vulnerabilities in EASY Enterprise DMS (25.03.2010)
 Inj3ct0r.com, Interactivefx.ie CMS SQL Injection Vulnerability (25.03.2010)
 eidelweiss, justVisual 2.0 (index.php) <= LFI Vulnerability (25.03.2010)

Deliver race conditions
Published:25.03.2010
SecurityVulns ID:10718
Type:local
Threat Level:5/10
Description:Multiple race conditions lead to symlink attacks and DoS conditions.
CVE:CVE-2010-0439 (Chip Salzenberg Deliver allows local users to cause a denial of service, obtain sensitive information, and possibly change the ownership of arbitrary files via a symlink attack on an unspecified file.)
Original document:Dan Rosenberg, Multiple vulnerabilities in Deliver (25.03.2010)

puppet privilege escalation
Published:25.03.2010
SecurityVulns ID:10719
Type:local
Threat Level:5/10
Description:Elevated privileges are not dropped on file access; symbolic link vulnerability.
Affected:PUPPET : puppet 0.24
CVE:CVE-2010-0156 (Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/daemonout, (2) /tmp/puppetdoc.txt, (3) /tmp/puppetdoc.tex, or (4) /tmp/puppetdoc.aux temporary file.)
 CVE-2009-3564 (puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files.)
Original document:UBUNTU, [USN-917-1] Puppet vulnerabilities (25.03.2010)

MX Simulator Server buffer overflow
Published:25.03.2010
SecurityVulns ID:10720
Type:remote
Threat Level:5/10
Description:Buffer overflow on network request handling.
Affected:MXSIMULATOR : MX Simulator Server 2010-02-06
Files:MX Simulator Server 2010-02-06 Remote Buffer Overflow PoC

Remote Help HTTP server format string vulnerability
Published:25.03.2010
SecurityVulns ID:10721
Type:remote
Threat Level:5/10
Affected:HIPERNES : Remote Help 0.0
Original document:security_(at)_corelan.be, [CORELAN-10-015] - Remote Help 0.0.7 Httpd DoS (Format String) (25.03.2010)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod