Computer Security


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 25.08.2006
SecurityVulns ID: 6543
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: PHPCOIN : phpCOIN 1.2
 PSLASH : pSlash 0.7
 WIKEPAGE : Wikepage Opus 10
Original document: timq_(at)_hackernetwork.com, phpCOIN 1.2.3 (_CCFG[_PKG_PATH_INCL]) Remote Include Vulnerability (25.08.2006)
 SECUNIA, [SA21542] Wikepage "lng" Local File Inclusion Vulnerability (25.08.2006)
 x0r0n_(at)_hotmail.com, pSlash v0.7 (lvc_include_dir) Remote Include Vulnerability (25.08.2006)

SSH Tectia Manager privilege escalation
Published: 25.08.2006
SecurityVulns ID: 6544
Type: local
Threat Level: 6/10
Description: A user can start an unprivileged 'sshd'; after the "Restart" GUI button is pressed, the application is restarted with root privileges.
Affected: SSH : SSH Tectia Manager 2.1
Original document: SECUNIA, [SA21559] SSH Tectia Management Agent Privilege Escalation (25.08.2006)

AIX mkvg privilege escalation
Published: 25.08.2006
SecurityVulns ID: 6546
Type: local
Threat Level: 5/10
Description: External applications are executed using a relative path.
Affected: IBM : AIX 5.3
Original document: SECUNIA, [SA21620] AIX mkvg Insecure Program Execution Vulnerability (25.08.2006)

Sun Java System Content Delivery Server directory traversal
Published: 25.08.2006
SecurityVulns ID: 6547
Type: remote
Threat Level: 5/10
Affected: SUN : Content Delivery Server 4.0
 SUN : Content Delivery Server 4.1
 SUN : Content Delivery Server 5.0
Original document: SECUNIA, [SA21628] Sun Java System Content Delivery Server Arbitrary File Disclosure (25.08.2006)

Streamripper buffer overflow
Updated since 25.08.2006
Published: 28.08.2006
SecurityVulns ID: 6545
Type: remote
Threat Level: 5/10
Description: Buffer overflow in HTTP header parsing.
Affected: STREAMRIPPER : Streamripper 1.61
Original document: DEBIAN, [Full-disclosure] [SECURITY] [DSA 1158-1] New streamripper packages fix arbitrary code execution (28.08.2006)
 SECUNIA, [SA21579] Streamripper HTTP Header Buffer Overflow Vulnerabilities (25.08.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod