| Multiple Siemens Santis 50 wireless router vulnerabilities |
| Published: |  | 25.07.2005 |
| Source: |  | BUGTRAQ |
| SecurityVulns ID: |  | 5035 |
| Type: |  | remote |
| Level: |  | 5/10 |
| Description: |  | DoS, local network administration backdoor access. |
| Affected: |  | SIEMENS : Santis 50 |
| |  | ERICSSON : HN294dp |
| |  | DYNALINK : RTA300W |
| Original document |  | luca.carettoni_(at)_securenetwork.it, Siemens SANTIS 50 Authentication Vulnerability (25.07.2005) |

| Gentoo Linux sandbox portage package management system utility symbolic links problem |
| Published: |  | 25.07.2005 |
| Source: |  | BUGTRAQ |
| SecurityVulns ID: |  | 5037 |
| Type: |  | local |
| Level: |  | 5/10 |
| Description: |  | Race conditions during temporary files creation. |
| Affected: |  | GENTOO : sandbox 1.2 |
| Original document |  | GENTOO, [ GLSA 200507-22 ] sandbox: Insecure temporary file handling (25.07.2005) |

| SAP R/3 Internet Graphics Server directory traversal |
| Published: |  | 25.07.2005 |
| Source: |  | BUGTRAQ |
| SecurityVulns ID: |  | 5034 |
| Type: |  | remote |
| Level: |  | 5/10 |
| Description: |  | Directory traversal on accessing htdocs folder. |
| Affected: |  | SAP : SAP IGS 6.40 |
| Original document |  | advisories, Corsaire Security Advisory: SAP Internet Graphics Server traversal issue (25.07.2005) |

| Multiple ClamAV antivirus integer overflows |
| Published: |  | 25.07.2005 |
| Source: |  | FULL-DISCLOSURE |
| SecurityVulns ID: |  | 5031 |
| Type: |  | remote |
| Level: |  | 7/10 |
| Description: |  | Integer overflows on multiple file formats (TNEF, CHM, FSG) parsing lead to heap corruption. |
| Affected: |  | CLAMAV : ClamAV 0.86 |
| Original document |  | list_(at)_rem0te.com, [Full-disclosure] ClamAV Multiple Rem0te Buffer Overflows (25.07.2005) |

| Unfiltered shell characters in vim editor |
| Published: |  | 25.07.2005 |
| Source: |  | BUGTRAQ |
| SecurityVulns ID: |  | 5033 |
| Type: |  | local |
| Level: |  | 5/10 |
| Description: |  | modelines mode shell characters problem on file open. |
| Affected: |  | VIM : vim 6.3 |
| Original document |  | Georgi Guninski, [Full-disclosure] Help poor children in Uganda (25.07.2005) |

| netpbm / pstotext PostScript code execution updated since 25.07.2005 |
| Published: |  | 26.07.2005 |
| Source: |  | SECUNIA |
| SecurityVulns ID: |  | 5038 |
| Type: |  | remote |
| Level: |  | 5/10 |
| Description: |  | -dSAFER option is not used while calling GhostScript. |
| Affected: |  | NETPBM : netpbm 10.0 |
| |  | PSTOTEXT : pstotext 1.9 |
| Original document |  | SECUNIA, [SA16183] pstotext Arbitrary Postscript Code Execution Vulnerability (26.07.2005) |
| |  | SECUNIA, [SA16184] netpbm Arbitrary Postscript Code Execution Vulnerability (25.07.2005) |

| PHP, ASP, CGI web applications security vulnerabilities updated since 25.07.2005 |
| Published: |  | 29.07.2005 |
| Source: |  | |
| SecurityVulns ID: |  | 5032 |
| Type: |  | remote |
| Level: |  | 5/10 |
| Description: |  | PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. |
| Affected: |  | PHPLIST : phplist 2.8 |
| |  | HOSTINGCONTROLLE : Hosting Controller 6.1 |
| |  | PHPFIRSTPOST : PHP FirstPost 0.1 |
| |  | BEEHIVEFORUM : Beehive Forum 0.6 |
| |  | FTPLOCATE : FtpLocate 2.02 |
| |  | ATOMICPA : Atomic Photo Album 1.1 |
| |  | ASNGUESTBOOK : Asn Guestbook 1.5 |
| |  | VIRTECH : Netquery 3.1 |
| |  | CLEVERCOPY : Clever Copy 2.0 |
| |  | PNGCOUNTER : PNG Counter 1.0 |
| |  | PHPBOOK : phpBook 1.50 |
| |  | VBZOOM : VBZooM 1.0 |
| |  | BMFORUM : BMForum Plus! 2.6 |
| |  | BMFORUM : BMForum Plus! 3.0 |
| |  | MYSQL : Eventum 1.5 |
| |  | GFORGE : gforge 4.5 |
| |  | USEBB : UseBB 0.5 |
| |  | PHPMYGALLERY : PHPmyGallery 1.5 |
| |  | SIMPLICITYOFUPLO : Simplicity oF Upload 1.3 |
| |  | EASYPX : Easy PX 41 CMS |
| |  | CALACODE : @Mail 4.11 |
| |  | KNUSPERLEICHT : Kshout 3.0 |
| |  | KAYAKO : liveResponse 2.0 |
| |  | EARLYINPACT : Product Cart 2.6 |
| |  | ROCP : ROCP 4.3 |
| Original document |  | svt_(at)_svt.nukleon.us, [SVadvisory] - SQL injection in OpenBook 1.2.2 (02.08.2005) |
| |  | fjlj_(at)_wvi.com, RO CP root exploit (31.07.2005) |
| |  | Zinho, [HSC Security Group] SQL Injection in Product Cart 2.6 (31.07.2005) |
| |  | l--s_(at)_hotmail.com, Kent's Guestbook database exploit (31.07.2005) |
| |  | rat_(at)_marocmaffia.com, PC-EXPERIENCE/TOPPE CMS Security Advisory (31.07.2005) |
| |  | JeiAr, Kayako liveResponse Multiple Vulnerabilities (31.07.2005) |
| |  | group_(at)_soulblack.com.ar, Kshout Data Disclosure (31.07.2005) |
| |  | Debasis Mohanty, [Full-disclosure] Indiatimes Shopping Cart XSS (Cross Site Scripting) Attacks (30.07.2005) |
| |  | SECUNIA, [SA16252] @Mail Multiple Cross-Site Scripting Vulnerabilities (30.07.2005) |
| |  | SECUNIA, [SA16264] Easy PX 41 CMS Cross-Site Scripting and Information Disclosure (30.07.2005) |
| |  | SECUNIA, [SA16273] Simplicity oF Upload "language" File Inclusion Vulnerability (30.07.2005) |
| |  | SECUNIA, [SA16260] PHPmyGallery "confdir" File Inclusion Vulnerability (30.07.2005) |
| |  | SECUNIA, [SA16270] UNG "name" and "email" Mail Header Injection (30.07.2005) |
| |  | l--s_(at)_hotmail.com, uguestbook exploit (29.07.2005) |
| |  | Stefan Esser, Advisory 12/2005: UseBB Multiple Vulnerabilities (29.07.2005) |
| |  | thegreatone2176_(at)_yahoo.com, Website Baker Project Multiple Vulnerabilities (29.07.2005) |
| |  | Jose Antonio, Cross Site Scripting vulnerabilities in GForge (29.07.2005) |
| |  | thegreatone2176_(at)_yahoo.com, PhpList Sql Injection and Path Disclosure (29.07.2005) |
| |  | SECUNIA, [SA16253] GForge Cross-Site Scripting Vulnerabilities (28.07.2005) |
| |  | SECUNIA, [SA16255] MySQL Eventum PEAR XML_RPC PHP Code Execution Vulnerability (28.07.2005) |
| |  | SECUNIA, [SA16224] BMForum Plus! Cross-Site Scripting Vulnerabilities (28.07.2005) |
| |  | SECUNIA, [SA16192] phpBook "admin" Cross-Site Scripting Vulnerability (27.07.2005) |
| |  | SECUNIA, [SA16237] PNG Counter "digit" Cross-Site Scripting Vulnerability (27.07.2005) |
| |  | SECUNIA, [SA16235] Hosting Controller comgetfile.asp Information Disclosure (27.07.2005) |
| |  | SECUNIA, [SA16236] Clever Copy Cross-Site Scripting Vulnerabilities (27.07.2005) |
| |  | Zinho, [HSC Security Group] XSS in CartWiz (27.07.2005) |
| |  | SECURITEAM, [EXPL] Netquery Command Execution (Exploit) (26.07.2005) |
| |  | SECUNIA, [SA16202] Asn Guestbook "version" Cross-Site Scripting Vulnerability (25.07.2005) |
| |  | gr0up.pclabs_(at)_gmail.com, Atomic Photo Album (APA) apa_phpinclude.inc.php remote file include (25.07.2005) |
| |  | newbug_(at)_chroot.org, Chroot Security Group Advisory 2005-07-25 -- ftplocate (25.07.2005) |
| |  | thegreatone2176_(at)_yahoo.com, Beehive Forum Multiple Vulnerabilities (25.07.2005) |
| |  | gb.network_(at)_gmail.com, PHP FirstPost remote file include vulnerability (25.07.2005) |