Computer Security


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 25.04.2006
SecurityVulns ID: 6044
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: INVISION : Invision Power Board 2.1
 HELPCENTERLIVE : Help Center Live 2.0
 VWAR : VWar 1.21
 AMPLECOM : ampleShop 2.1
 PHPMYAGENDA : phpMyAgenda 3.0
 RIBLOG : RI Blog 1.1
 BUILT2GO : built2go Movie Review 1.0
 SLSITE : SL_Site 1.0
 PHOTOCORN : photokorn 1.53
 PHOTOCORN : photokorn 1.542
 PHPWEBFTP : PhpWebFtp 2.3
 PHPWEBGALLERY : PhpWebGallery 1.6
Original document: SECUNIA, [SA19801] PhpWebGallery "picture.php" Disclosure of Arbitrary Pictures (25.04.2006)
 spam_(at)_we11er.co.uk, Invision Vulnerabilities, including remote code execution (25.04.2006)
 arko.dhar_(at)_gmail.com, PhpWebFtp Cross Site Scripting Vulnerability (25.04.2006)
 aminrayden_(at)_yahoo.com, NextAge Shopping Cart Software XSS (25.04.2006)
 Dr-Jr7_(at)_hotmail.com, photokorn 1.53 , 1.542 << Sql (25.04.2006)
 SECUNIA, [SA19776] Help Center Live osTicket SQL Injection Vulnerabilities (25.04.2006)
 SECUNIA, [SA19792] SL_site Multiple Vulnerabilities and Weakness (25.04.2006)
 SECUNIA, [SA19749] built2go Movie Review "full_path" File Inclusion Vulnerability (25.04.2006)
 omnipresent_(at)_email.it, RIblog Remote SQL Injection Exploit (25.04.2006)
 arko.dhar_(at)_gmail.com, VWar Path Disclosure (25.04.2006)
 Aesthetico, [MajorSecurity] phpMyAgenda 3.0 Final - Remote File Include Vulnerability (25.04.2006)
 r0t, ampleShop™ eCommerce Software vuln. (25.04.2006)

iOpus Secure Email protection bypass
Published: 25.04.2006
SecurityVulns ID: 6045
Type: remote
Threat Level: 5/10
Description: Any part of password can be used for decryption.
Original document: ntwak0_(at)_safehack.com, ADVISORY FOR IOPUS SECURE EMAIL ATTACHMENTS (25.04.2006)

Safari MacOS X DoS
Published: 25.04.2006
SecurityVulns ID: 6046
Type: client
Threat Level: 5/10
Description: Large rowspan number leads to CPU and memory consumption.
Affected: APPLE : Mac OS X 10.4
 APPLE : Safari 2.0
Original document: security_(at)_slashdot.ch, Apple Mac OS X Safari 2.0.3 Vulnerability (25.04.2006)

Quick 'n Easy FTP Server buffer overflow
Published: 25.04.2006
SecurityVulns ID: 6047
Type: remote
Threat Level: 5/10
Description: Buffer overflow on oversized command during logging.
Affected: QUICKNEASY : Quick 'n Easy FTP Server 3.0
Original document: c0d3r_(at)_ihsteam.com, Quick 'n Easy FTP Server pro/lite Logging unicode stack overflow (25.04.2006)

Winny P2P client buffer overflow
Published: 25.04.2006
SecurityVulns ID: 6049
Type: remote
Threat Level: 5/10
Affected: WINNY : Winny 2.0
Original document: EEYE, Winny Remote Buffer Overflow Vulnerability (25.04.2006)

Multiple Ethereal security vulnerabilities
Published: 25.04.2006
SecurityVulns ID: 6050
Type: remote
Threat Level: 5/10
Description: ~30 errors on parsing different protocols.
Affected: ETHEREAL : Ethereal 0.10
Original document: ETHEREAL, Ethereal 0.99.0 Release Notes (25.04.2006)

dnsmasq DNS forwarder / DHCP server DoS
Published: 25.04.2006
SecurityVulns ID: 6051
Type: remote
Threat Level: 5/10
Description: Crash on parsing malformed DHCP client request.
Original document: SECUNIA, [SA19760] Dnsmasq DHCP Broadcast Reply Denial of Service (25.04.2006)

Nessus buffer overflow
Published: 25.04.2006
SecurityVulns ID: 6052
Type: local
Threat Level: 5/10
Description: Buffer overflow on parsing NASL (Nessus Attack Scripting Language) scripts.
Affected: NESSUS : Nessus 2.7
 NESSUS : Nessus 3.0
Original document: OS2A BTO, NASL 'Split' function Buffer overflow Vulnerability (25.04.2006)

abc2ps / abcmidi abc music files to postscript converter buffer overflow
updated since 25.04.2006
Published: 26.04.2006
SecurityVulns ID: 6048
Type: client
Threat Level: 5/10
Description: Buffer overflow on abc format parsing.
Affected: ABC2PS : abc2ps 1.3
 ABCMIDI : abcmidi 17
Original document: DEBIAN, [Full-disclosure] [SECURITY] [DSA 1043-1] New abcmidi packages fix arbitrary code execution (26.04.2006)
 DEBIAN, [Full-disclosure] [SECURITY] [DSA 1041-1] New abc2ps packages fix arbitrary code execution (25.04.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod