Computer Security
[EN] securityvulns.ru no-pyccku


3COM TippingPoint intrusion prevension system DoS
Published:25.04.2007
Source:
SecurityVulns ID:7634
Type:remote
Threat Level:
5/10
Description:Packets flood to TCP/80 port leads to resources exhaustion.
Original documentdocumentmike20061005_(at)_webmail.co.za, 3Com's TippingPoint Denial of Service (25.04.2007)

Apache unfiltered HTTP methods
Published:25.04.2007
Source:
SecurityVulns ID:7637
Type:remote
Threat Level:
4/10
Description:HTTP request method is not checked for RFC2616 complience. Under specific conditions it may lead, for example, to crossite scripting.
Original documentdocumentMichal Majchrowicz, [Full-disclosure] Apache/PHP REQUEST_METHOD XSS Vulnerability (25.04.2007)

Asterisk multiple security vulnerabilities
Published:25.04.2007
Source:
SecurityVulns ID:7638
Type:remote
Threat Level:
7/10
Description:Multiple buffer overflows on T.38 SDP SIP channels parsing. DoS in administration interface. Multiple security vulnerabilities in parsing SIP replies.
Affected:ASTERISK : Asterisk 1.2
 DIGIUM : Asterisk 1.4
 ASTERISK : Asterisk 1.3
 ASTERISK : Asterisk Appliance Developer Kit 0.4
Original documentdocumentASTERISK, [Full-disclosure] ASA-2007-011: Multiple problems in SIP channel parser handling response codes (25.04.2007)

Cisco Network Services NetFlow Collection Engine default account
Published:25.04.2007
Source:
SecurityVulns ID:7639
Type:remote
Threat Level:
5/10
Description:Account with hardcoded password is used for NetFlow information gathering.
Affected:CISCO : NetFlow Collection Engine 5.0
Original documentdocumentCISCO, Cisco Security Advisory: Default Passwords in NetFlow Collection Engine (25.04.2007)

CA BrightStor ARCserve backup system multiple buffer overflows
updated since 25.04.2007
Published:17.05.2007
Source:
SecurityVulns ID:7635
Type:remote
Threat Level:
6/10
Description:Multiple buffer overflows in RPC-based Media Server service.
Affected:CA : Brightstor ARCserve Backup 11.1
 CA : BrightStor ARCserve Backup 9.01
 CA : BrightStor Enterprise Backup 10.5
 CA : Brightstor ARCserve Backup 11.5
 CA : CA Server Protection Suite 2
 CA : CA Business Protection Suite 2
 CA : BrightStor ARCserve Backup 11
CVE:CVE-2007-2139 (Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785.)
 CVE-2007-1785 (The RPC service in mediasvr.exe in CA BrightStor ARCserve Backup 11.5 SP2 build 4237 allows remote attackers to execute arbitrary code via crafted xdr_handle_t data in RPC packets, which is used in calculating an address for a function call, as demonstrated using the 191 (0xbf) RPC request.)
Original documentdocumentCA, CA BrightStor ARCserve Backup Mediasvr.exe and caloggerd.exe Vulnerabilities (17.05.2007)
 documentCA, [CAID 35198, 35276]: CA BrightStor ARCserve Backup Media Server Vulnerabilities (27.04.2007)
 documentZDI, ZDI-07-022: CA BrightStor ArcServe Media Server Multiple Buffer Overflow Vulnerabilities (25.04.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod