Computer Security
[EN] securityvulns.ru no-pyccku


Cisco Video Surveillance products security vulnerabilities
Published:25.06.2009
Source:
SecurityVulns ID:10010
Type:remote
Threat Level:
5/10
Description:DoS, unauthorized camera access.
Affected:CISCO : Video Surveillance 2500
 CISCO : Video Surveillance Stream Manager 5.2
CVE:CVE-2009-2045 (The Cisco Video Surveillance Stream Manager firmware before 5.3, as used on Cisco Video Surveillance Services Platforms and Video Surveillance Integrated Services Platforms, allows remote attackers to cause a denial of service (reboot) via a malformed payload in a UDP packet to port 37000, related to the xvcrman process, aka Bug ID CSCsj47924.)
 CVE-2009-2045 (The Cisco Video Surveillance Stream Manager firmware before 5.3, as used on Cisco Video Surveillance Services Platforms and Video Surveillance Integrated Services Platforms, allows remote attackers to cause a denial of service (reboot) via a malformed payload in a UDP packet to port 37000, related to the xvcrman process, aka Bug ID CSCsj47924.)
Original documentdocumentCISCO, Cisco Security Advisory: Vulnerabilities in Cisco Video Surveillance Products (25.06.2009)

Cisco Physical Access Gateway DoS
Published:25.06.2009
Source:
SecurityVulns ID:10011
Type:remote
Threat Level:
5/10
Description:Memory leaks on HTTPs processing.
CVE:CVE-2009-1163 (Memory leak on the Cisco Physical Access Gateway with software before 1.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified TCP packets.)
Original documentdocumentCISCO, Cisco Security Advisory: Cisco Physical Access Gateway Denial of Service Vulnerability (25.06.2009)

Cisco ASA Web VPN multiple security vulnerabilities
Published:25.06.2009
Source:
SecurityVulns ID:10013
Type:remote
Threat Level:
5/10
Description:Crossite scripting, filtering bypass, information leak.
CVE:CVE-2009-1203 (WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it easier for remote attackers to trick a user into sending WebVPN credentials to an arbitrary server via a URL associated with that server, aka Bug ID CSCsy80709.)
 CVE-2009-1202 (WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass certain protection mechanisms involving URL rewriting and HTML rewriting, and conduct cross-site scripting (XSS) attacks, by modifying the first hex-encoded character in a /+CSCO+ URI, aka Bug ID CSCsy80705.)
 CVE-2009-1201 (Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct cross-site scripting (XSS) attacks by setting CSCO_WebVPN['process'] to the name of a crafted function, aka Bug ID CSCsy80694.)
Original documentdocumentTrustwave Advisories, Trustwave's SpiderLabs Security Advisory TWSL2009-002 (25.06.2009)

Multiple OpenSSL DoS conditions
Published:25.06.2009
Source:
SecurityVulns ID:10014
Type:library
Threat Level:
5/10
Description:Multiple vulnerabilities on DTLS handling.
Affected:OPENSSL : OpenSSL 0.9
CVE:CVE-2009-1387 (The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug.")
 CVE-2009-1386 (ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.)
 CVE-2009-1379 (Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate.)
 CVE-2009-1378 (Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak.")
 CVE-2009-1377 (The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug.")
Original documentdocumentUBUNTU, [USN-792-1] OpenSSL vulnerabilities (25.06.2009)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 25.06.2009
Published:26.06.2009
Source:
SecurityVulns ID:10012
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:SMARTY : Smarty 2.6
 PHPMYADMIN : phpMyAdmin 2.11
 ALUMNISERVER : AlumniServer 1.0
 PHPMYADMIN : phpMyAdmin 3.1
CVE:CVE-2009-1669 (The smarty_function_math function in libs/plugins/function.math.php in Smarty 2.6.22 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the equation attribute of the math function. NOTE: some of these details are obtained from third party information.)
 CVE-2009-1669 (The smarty_function_math function in libs/plugins/function.math.php in Smarty 2.6.22 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the equation attribute of the math function. NOTE: some of these details are obtained from third party information.)
 CVE-2009-1151 (Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.)
 CVE-2009-1150 (Multiple cross-site scripting (XSS) vulnerabilities in the export page (display_export.lib.php) in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allow remote attackers to inject arbitrary web script or HTML via the pma_db_filename_template cookie.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1824-1] New phpmyadmin packages fix several vulnerabilities (26.06.2009)
 documenty3nh4ck3r_(at)_gmail.com, SQL INJECTION VULNERABILITY --AlumniServer v-1.0.1--> (26.06.2009)
 documenty3nh4ck3r_(at)_gmail.com, (POST var 'resetpwemail') BLIND SQL INJECTION EXPLOIT --AlumniServer v-1.0.1--> (25.06.2009)
 documentUBUNTU, [USN-791-3] Smarty vulnerability (25.06.2009)
Files:AlumniServer v-1.0.1 Blind SQLi Exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod