 |
|
|
|
| Motorola Timbuktu Pro remote control software buffer overflow | | Published: |  | 26.06.2009 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 10017 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Buffer overflow via PlughNTCommand named pipe. |
| Affected: |  | MOTOROLA : Timbuktu Pro 8.6 | | CVE: |  | CVE-2009-1394 (Stack-based buffer overflow in Motorola Timbuktu Pro 8.6.5 on Windows allows remote attackers to execute arbitrary code by sending a long malformed string over the PlughNTCommand named pipe.) |
| Unisys Business Information Server buffer overflow | | Published: | | 26.06.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10015 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Stack-based buffer overflow on network request processing. |
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 25.06.2009 | | Published: | | 26.06.2009 | | Source: | | | | SecurityVulns ID: | | 10012 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| Affected: | | SMARTY : Smarty 2.6 | | | | PHPMYADMIN : phpMyAdmin 2.11 | | | | ALUMNISERVER : AlumniServer 1.0 | | | | PHPMYADMIN : phpMyAdmin 3.1 | | CVE: | | CVE-2009-1669 (The smarty_function_math function in libs/plugins/function.math.php in Smarty 2.6.22 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the equation attribute of the math function. NOTE: some of these details are obtained from third party information.) | | | | CVE-2009-1669 (The smarty_function_math function in libs/plugins/function.math.php in Smarty 2.6.22 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the equation attribute of the math function. NOTE: some of these details are obtained from third party information.) | | | | CVE-2009-1151 (Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.) | | | | CVE-2009-1150 (Multiple cross-site scripting (XSS) vulnerabilities in the export page (display_export.lib.php) in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allow remote attackers to inject arbitrary web script or HTML via the pma_db_filename_template cookie.) |
| Samba security vulnerabilities | | Published: | | 26.06.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10016 | | Type: | | local | | Level: | | 5/10 | | Description: | | smbclient format string vulnerability, ability to change file permissions if file is already open. |
| Affected: | | SAMBA : Samba 3.2 | | CVE: | | CVE-2009-1888 (The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory.) | | | | CVE-2009-1886 (Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename.) |
|
|
|
|
|
|
|
|
