Computer Security
[EN] securityvulns.ru no-pyccku


freetype integer overflow
Published:25.05.2007
Source:
SecurityVulns ID:7734
Type:local
Threat Level:
5/10
Description:Integer overflow on TTF fonts parsing leads to heap bufffer overflow.
Affected:FREETYPE : FreeType 2.3
CVE:CVE-2007-2754 (Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.)
Original documentdocumentRPATH, rPSA-2007-0108-1 freetype (25.05.2007)

Cisco routers SSL DoS
Published:25.05.2007
Source:
SecurityVulns ID:7735
Type:remote
Threat Level:
6/10
Description:Multiple vulnerabilities on SSL packets parsing.
Affected:CISCO : IOS 12.0
 CISCO : IOS 12.1
 CISCO : IOS 12.2
 CISCO : IOS 12.3
 CISCO : IOS 12.4
Original documentdocumentCISCO, Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS While Processing SSL Packets (25.05.2007)

Microsoft IIS unauthorized files access
Published:25.05.2007
Source:
SecurityVulns ID:7736
Type:remote
Threat Level:
5/10
Description:It's possible to bypass authentication with null.htw template.
Affected:MICROSOFT : Windows 2000 Server
Original documentdocumentISecAuditors Security Advisories, [ISecAuditors Security Advisories] Microsoft IIS5 NTLM and Basic authentication bypass (25.05.2007)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 25.05.2007
Published:25.05.2007
Source:
SecurityVulns ID:7737
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:BOASTMACHINE : BoastMachine 3.0
 CUBECART : CubeCart 3.0
 JETBOX : Jetbox CMS 2.1
 WORDPRESS : WordPress 2.1
 PSYCHOSTATS : PsychoStats 3.0
 HLSTATS : HLstats 1.35
 CLONUSWIKI : ClonusWiki 0.5
 GMTT : GMTT Music Distro 1.2
 PHPPGADMIN : phpPgAdmin 4.1
 ABC : ABC Excel Parser 4.0
 2ZPROJECT : 2z project 0.9
 WIYS : WIYS 1.0
 GFORGE : gforge-plugin-scmcvs 4.5
CVE:CVE-2007-0246 (plugins/scmcvs/www/cvsweb.php in the CVSWeb CGI in GForge 4.5.16 before 20070524, aka gforge-plugin-scmcvs, allows remote attackers to execute arbitrary commands via shell metacharacters in the PATH_INFO.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1297-1] New gforge-plugin-scmcvs packages fix arbitrary shell command execution (25.05.2007)
 documentvagrant Pest, WIYS v1.0 Cross-Site Scripting Vulnerability - (05.24.2007) (NEW) (25.05.2007)
 documentJanek Vind, [waraxe-2007-SA#051] - Sql Injection in 2z Project 0.9.5 (25.05.2007)
 documentthe_3dit0r_(at)_yahoo.com, ABC Excel Parser Pro v4.0 Remote File Include Exploit (25.05.2007)
 documentvagrant Pest, BoastMachine v3.0 platinum - Session Эd Hacking (25.05.2007)
 documentjohn_(at)_martinelli.com, RedLevel Advisory #021 - CubeCart v3.0.16 SQL Injection Vulnerability (25.05.2007)
 documentCornelius Riemenschneider, SQL-Injection in IP-TRACKING Mod for phpBB2.0.x (25.05.2007)
 documentthe_3dit0r_(at)_yahoo.com, phpPgAdmin-4.1.1 Remote File Include & Url Redirecting Vulnerabilitiy (25.05.2007)
 documentjohn_(at)_martinelli.com, RedLevel Advisory #020 - HLstats v1.35 Cross-Site Scripting Vulnerability #3 (25.05.2007)
 documentjohn_(at)_martinelli.com, RedLevel Advisory #018 - RM EasyMail Plus - Cross-Site Scripting Vulnerability #2 (25.05.2007)
 documentCorryL, GMTT Music Distro 1.2 XSS Exploit (25.05.2007)
 documentjohn_(at)_martinelli.com, RedLevel Advisory #017 - PsychoStats v3.0.6b Multiple Cross-Site Scripting Vulnerabilities (25.05.2007)
 documentJanek Vind, [waraxe-2007-SA#050] - Sql Injection in WordPress 2.1.3 (25.05.2007)
 documentsecurityresearch_(at)_netvigilance.com, Jetbox CMS version 2.1 XSS Attack Vulnerability (25.05.2007)
 documentjohn_(at)_martinelli.com, RedLevel Advisory #022 - ClonusWiki .5 Cross-Site Scripting Vulnerability (25.05.2007)
Files:Exploits HLstats v1.35 - Cross-Site Scripting Vulnerability #3
 ABC Excel Parser v4.0 Remote File Include Exploit
 Exploits ClonusWiki .5 - Cross-Site Scripting Vulnerability

Cisco multiple devices DoS
Published:25.05.2007
Source:
SecurityVulns ID:7738
Type:remote
Threat Level:
6/10
Description:Denial of service on ASN.1 parsing due to vulnerability in cryptographics library.
Affected:CISCO : IOS 12.2
 CISCO : IOS 12.3
 CISCO : IOS 12.4
 CISCO : PIX 7.0
 CISCO : FWSM 2.3
 CISCO : IOS XR 3.2
 CISCO : Cisco Unified CallManager 5.0
 CISCO : PIX 7.1
 CISCO : FWSM 3.1
 CISCO : IOS XR 3.4
 CISCO : PIX 7.2
 CISCO : IOS XR 3.3
 CISCO : Cisco Unified CallManager 4.0
 CISCO : Cisco Unified CallManager 4.1
 CISCO : Cisco Unified CallManager 4.2
 CISCO : Cisco Unified CallManager 4.3
 CISCO : Cisco Unified CallManager 5.1
Original documentdocumentCISCO, Cisco Security Advisory: Vulnerability In Crypto Library (25.05.2007)

MicroWorld eScan multiple content filtering products buffer overflow
Published:25.05.2007
Source:
SecurityVulns ID:7739
Type:remote
Threat Level:
5/10
Description:Buffer overflow in TCP/2222 agent management interface.
Affected:MWTI : eScan 9.0
Original documentdocumentSECUNIA, Secunia Research: eScan Products Agent Service Command Decryption Buffer Overflow (25.05.2007)

MySQl database server DoS
Published:25.05.2007
Source:
SecurityVulns ID:7741
Type:remote
Threat Level:
5/10
Description:Division by zero and NULL-pointer dereference on malcrafted IF condition.
Affected:ORACLE : MySQL 5.0
CVE:CVE-2007-2583 (The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.)

Opera BitTorrent buffer overflow
Published:25.05.2007
Source:
SecurityVulns ID:7742
Type:client
Threat Level:
6/10
Description:Buffer overflow on BitTorrent headers parsing.
Affected:OPERA : Opera 9.2
Original documentdocumentIDEFENSE, iDefense Security Advisory 05.23.07: Opera Software Opera Web Browser Transfer Item Pop-up Menu Stack Overflow Vulnerability (25.05.2007)

Apple Mac OS X pppd privilege escalation
Published:25.05.2007
Source:
SecurityVulns ID:7743
Type:local
Threat Level:
6/10
Description:It's possible to attach user-supplied module to privileged process with 'plugin' command.
Affected:APPLE : Mac OS X 10.4
Original documentdocumentIDEFENSE, iDefense Security Advisory 05.24.07: Apple Computer Mac OS X pppd Plugin Loading Privilege Escalation Vulnerability (25.05.2007)

Credant Mobile Guardian Shield information leak
Published:25.05.2007
Source:
SecurityVulns ID:7745
Type:local
Threat Level:
4/10
Description:Sensitive information is stored in memory in crear-text form and may be stored in paging file.
Affected:CREDANT : Credant Mobile Guardian Shield for Windows 5.2
Original documentdocumentmyucebox_(at)_yahoo.com, Vulnerability in Credant Mobile Guardian Shield for Windows (25.05.2007)

Array overflow in Linux kernel
Published:25.05.2007
Source:
SecurityVulns ID:7747
Type:library
Threat Level:
6/10
Description:DecNET dn_fib_props() and TCP/IP fib_props() functions array index overflow.
Affected:LINUX : kernel 2.6
CVE:CVE-2007-2172 (A typo in Linux kernel 2.6 before 2.6.21-rc6 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, IPv4) functions.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1297-1] New gforge-plugin-scmcvs packages fix arbitrary shell command execution (25.05.2007)

KSign KSignSWAT ActiveX buffer overflow
Published:25.05.2007
Source:
SecurityVulns ID:7748
Type:client
Threat Level:
5/10
Description:Multiple buffer overflows in different methods.
Original documentdocumentBPS, [Full-disclosure] KSign KSignSWAT ActiveX Control Multiple Buffer Overflows Vulnerability (25.05.2007)

Avast antivirus code execution
updated since 25.05.2007
Published:26.05.2007
Source:
SecurityVulns ID:7744
Type:remote
Threat Level:
5/10
Description:Code execution on CAB files parsing. Integer overflow on .SIS parsing.
Affected:ALWIL : avast! Antivirus 4.7
Original documentdocumentsecurity_(at)_nruns.com, n.runs-SA-2007.009 - Avast! Antivirus SIS parsing Arbitrary Code Execution Advisory (26.05.2007)
 documentsecurity_(at)_nruns.com, n.runs-SA-2007.008 - Avast! Antivirus CAB parsing Arbitrary Code Execution Advisory (25.05.2007)

Cisco CallManager crossite scripting and SQL injection
updated since 25.05.2007
Published:31.08.2007
Source:
SecurityVulns ID:7740
Type:remote
Threat Level:
5/10
Description:Crossite scripting via /CCMAdmin/serverlist.asp. SQL injection with /CCMUser/logon.asp.
Affected:CISCO : CallManager 4.1
Original documentdocumentElliot Kendall, SQL Injection in Cisco CallManager (31.08.2007)
 documentCISCO, Cisco Security Advisory: XSS and SQL Injection in Cisco CallManager/Unified Communications Manager Logon Page (29.08.2007)
 documentStefan Friedli, Cisco CallManager 4.1 Input Validation Vulnerability (25.05.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod