Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:26.09.2006
Source:
SecurityVulns ID:6650
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:OPTIAL : Opial Audio/Video Download Management 1.0
 WWWTHREADS : wwwthreads 5.4
 PNEWS : PNews 1.1
 PBLANG : PBlang 4.66
 POLARING : Polaring 0.04
 FACESTONES : faceStones 2.0
 BRUDASWEN : BrudaGB 1.1
 BRUDASWEN : BrudaNews 1.1
 EVOBB : evoBB 0.3
 PHPBBINTEGRAMODE : IM Portal 1.2
 MINERVA : Minerva 2.0
Original documentdocumentSHiKaA-_(at)_hotmail.com, Minerva <= v238 (phpbb_root_path) Remote File Inclusion Exploit (26.09.2006)
 documentSHiKaA-_(at)_hotmail.com, IM Portal <= v1.2.0 (phpbb_root_path) Remote File Inclusion Exploit (26.09.2006)
 documentSHiKaA-_(at)_hotmail.com, evoBB <= v0.3 (path) Remote File Inclusion Exploit (26.09.2006)
 documentSHiKaA-_(at)_hotmail.com, BrudaNews <= v1.1 (o) Remote File Inclusion Exploit (26.09.2006)
 documentSHiKaA-_(at)_hotmail.com, BrudaGB <= v1.1 (o) Remote File Inclusion Exploit (26.09.2006)
 documentSHiKaA-_(at)_hotmail.com, faceStones personal <= v2.0.42 (objpath) Remote File Inclusion Exploit (26.09.2006)
 documentMILW0RM, PBLang <= v4.66z (temppath) Remote File Inclusion Exploit (26.09.2006)
 documentSHiKaA-_(at)_hotmail.com, PBLang <= v4.66z (temppath) Remote File Inclusion Exploit (26.09.2006)
 documentCvIr.System_(at)_gmail.com, PNews v1.1.0 (nbs) Remote File Inclusion (26.09.2006)
 documenth4ck3riran_(at)_yahoo.com, wwwthreads <= 5.4.2 croos site script vulnerbilities (26.09.2006)
 documentmeto5757_(at)_hotmail.com, PhotoStore Multiple Cross-Site Scripting Vulnerabilities (26.09.2006)
 documenth4ck3riran_(at)_yahoo.com, Opial Audio/MyPhotos<= Remote File Include Vulnerability (26.09.2006)
 documentmeto5757_(at)_hotmail.com, Opial Audio/Video Download Management - Version 1.0 index.php Xss vulns. (26.09.2006)
 documenth4ck3riran_(at)_yahoo.com, phpstak <= Remote File Include Vulnerability (26.09.2006)

Multiple FreeBSD kernel integer overflow
Published:26.09.2006
Source:
SecurityVulns ID:6651
Type:local
Threat Level:
5/10
Description:Integer overflow and signed/unsigned conversion problems in i386_set_ldt().
Affected:FREEBSD : FreeBSD 5.5
Original documentdocumentIDEFENSE, iDefense Security Advisory 09.23.06: FreeBSD i386_set_ldt Integer Signedness Vulnerability (26.09.2006)
 documentIDEFENSE, iDefense Security Advisory 09.23.06: FreeBSD i386_set_ldt Integer Overflow Vulnerability (26.09.2006)

Sun Solaris IPv6 DoS
Published:26.09.2006
Source:
SecurityVulns ID:6652
Type:remote
Threat Level:
5/10
Affected:ORACLE : Solaris 10
Original documentdocumentSECUNIA, [SA22103] Solaris IPv6 Denial of Service Vulnerability (26.09.2006)

IBM AIX utilities multiple security vulnerabilities
updated since 26.09.2006
Published:28.09.2006
Source:
SecurityVulns ID:6653
Type:local
Threat Level:
6/10
Description:Xclock buffer overflow; utape, cfgmgr, rdist, uucp, snappd, named8 and mkvg privilege escalation; slip.login and Inventory Scout arbitrary file overwrite.
Affected:IBM : AIX 5.3
Original documentdocumentSECUNIA, [SA22119] IBM AIX "utape" Privilege Escalation Vulnerability (28.09.2006)
 documentSECUNIA, [SA22099] IBM AIX rdist Privlege Escalation Vulnerability (28.09.2006)
 documentSECUNIA, [SA22112] IBM AIX "cfgmgr" Privilege Escalation Vulnerability (28.09.2006)
 documentSECUNIA, [SA22105] IBM AIX uucp Privilege Escalation Vulnerability (28.09.2006)
 documentSECUNIA, [SA22108] IBM AIX snappd Privilege Escalation Vulnerability (28.09.2006)
 documentSECUNIA, [SA22111] IBM AIX slip.login Privilege Escalation Vulnerability (26.09.2006)
 documentSECUNIA, [SA22062] IBM AIX Inventory Scout Arbitrary File Overwrite Vulnerability (26.09.2006)
 documentSECUNIA, [SA22106] IBM AIX mkvg Privilege Escalation Vulnerability (26.09.2006)
 documentSECUNIA, [SA22102] IBM AIX named8 Privilege Escalation Vulnerability (26.09.2006)
 documentSECUNIA, [SA22098] IBM AIX xlock Buffer Overflow Vulnerability (26.09.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod