Search:Vulnerability:26.09.2007 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

PHP disable_functions function aliases protection bypass
Published: 26.09.2007
Source: ANTICHAT
SecurityVulns ID: 8188
Type: local
Level: 5/10
Description: Function, disabled with disable_functions, may be invoked by it's alias.

Affected: PHP : PHP 4.4
PHP : PHP 5.2

Original document elektronic_(at)_antichat.ru, PHP-alias vulnerable: disable_functions bypass (26.09.2007)

Discuss: Read or add your comments to this news (0 comments)

PostgreSQL dblink library multiple security vulnerabilities
Published: 26.09.2007
Source: CVE
SecurityVulns ID: 8191
Type: library
Level: 6/10
Description: Privilege escalation.

Affected: POSTGRESQL : PostgreSQL 8.1
CVE: CVE-2007-3280 (The Database Link library (dblink) in PostgreSQL 8.1 implements functions via CREATE statements that map to arbitrary libraries based on the C programming language, which allows remote authenticated superusers to map and execute a function from any library, as demonstrated by using the system function in libc.so.6 to gain shell access.)
CVE-2007-3279 (PostgreSQL 8.1 and probably later versions, when the PL/pgSQL (plpgsql) language has been created, grants certain plpgsql privileges to the PUBLIC domain, which allows remote attackers to create and execute functions, as demonstrated by functions that perform local brute-force password guessing attacks, which may evade intrusion detection.)
CVE-2007-3278 (PostgreSQL 8.1 and probably later versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the connection from 127.0.0.1.)

Original document MANDRIVA, [ MDKSA-2007:188 ] - Updated postgresql packages prevent access abuse using dblink (26.09.2007)

Discuss: Read or add your comments to this news (0 comments)

Linux kernel ALSA information leak
Published: 26.09.2007
Source: BUGTRAQ
SecurityVulns ID: 8193
Type: local
Level: 5/10
Description: snd_proc_mem_read returns uninitialized kernel memory data.

Affected: LINUX : kernel 2.6

Original document IDEFENSE, iDefense Security Advisory 09.25.07: Linux Kernel ALSA snd_mem_proc_read Information Disclosure Vulnerability (26.09.2007)

Discuss: Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 26.09.2007
Source:
SecurityVulns ID: 8189
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: SIMPLEPHPBLOG : SimplePHPBlog 0.4
NUKESENTINEL : NukeSentinel 2.5
SIMPGB : SimpGB 1.46
PROSEARCH : PRO-search 0.17
SIMPLEPHPBLOG : simplePHPBlog 0.5
SIMPNEWS : SimpNews 2.41
CVE: CVE-2007-4874
CVE-2007-4873
CVE-2007-4872

Original document securityresearch_(at)_netvigilance.com, SimpGB version 1.46.02 Information Disclosure Vulnerability (26.09.2007)

securityresearch_(at)_netvigilance.com, SimpNews version 2.41.03 Multiple Path Disclosure Vulnerabilities (26.09.2007)

securityresearch_(at)_netvigilance.com, SimpGB version 1.46.02 Multiple Path Disclosure Vulnerabilities (26.09.2007)

document securityresearch_(at)_netvigilance.com, SimpGB version 1.46.02 Multiple XSS Attack Vulnerabilities (26.09.2007)

securityresearch_(at)_netvigilance.com, SimpGB version 1.46.02 File Content Disclosure Vulnerability (26.09.2007)

securityresearch_(at)_netvigilance.com, SimpNews version 2.41.03 Multiple XSS Attack Vulnerabilities (26.09.2007)

document securityresearch_(at)_netvigilance.com, SimpNews version 2.41.03 File Content Disclosure Vulnerability (26.09.2007)

Janek Vind, [waraxe-2007-SA#054] - Local File Inclusion in Dance Music module for phpNuke (26.09.2007)

Janek Vind, [waraxe-2007-SA#053] - Critical Sql Injection in NukeSentinel 2.5.11 (26.09.2007)

document luca.carettoni_(at)_securenetwork.it, Simple PHP Blog Multiple Vulnerabilities (26.09.2007)

MustLive, Vulnerability in PRO-search (26.09.2007)

Discuss: Read or add your comments to this news (0 comments)

Microsoft Windows Explorer PNG DoS
Published: 26.09.2007
Source: BUGTRAQ
SecurityVulns ID: 8190
Type: local
Level: 5/10
Description: Infinite loop on invalid PNG file parsing.

Affected: MICROSOFT : Windows XP
MICROSOFT : Windows 2003 Server
MICROSOFT : Windows Vista

Original document rocheml_(at)_httrack.com, Possible Windows Explorer bad PNG file preview integer overflow handling (26.09.2007)

Files: Exploits Microsoft Windows Explorer infinite loop
Discuss: Read or add your comments to this news (0 comments)

AOL Instant messenger code execution
updated since 26.09.2007
Published: 24.12.2007
Source: BUGTRAQ
SecurityVulns ID: 8192
Type: remote
Level: 9/10
Description: Microsoft Internet Explorer control is used for HTML content rendering without limiting zone access.

Affected: AOL : Instant Messenger 6.1
AOL : Instant Messenger 6.2
CVE: CVE-2007-4901 (Unspecified vulnerability in AOL Instant Messenger (AIM) 6.1.41.2 allows remote attackers to write arbitrary HTML to a notification window via unspecified vectors in circumstances "when the window of origin is not the main focus.")

Original document evanchik_(at)_gmail.com, America Online AOL Instant Messenger AIM6.0 or 6.5 or higher XSS remote execution (24.12.2007)

CORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2007-0817: Remote Command execution, HTML and JavaScript injection vulnerabilities in AOL's Instant Messaging software (26.09.2007)

Discuss: Read or add your comments to this news (0 comments)