Computer Security
[EN] securityvulns.ru no-pyccku


MLDonkey backdoor access
Published:26.10.2007
Source:
SecurityVulns ID:8293
Type:remote
Threat Level:
5/10
Description:'p2p' account with empty password and valid shell is created during installation.
Original documentdocumentGENTOO, [ GLSA 200710-25 ] MLDonkey: Privilege escalation (26.10.2007)

TrendMicro antivirus privilege escalation
Published:26.10.2007
Source:
SecurityVulns ID:8294
Type:local
Threat Level:
5/10
Description:Buffer overflows and \\.\Tmfilter device insecure access permissions.
Affected:TM : PC-Cillin Internet Security 2007
CVE:CVE-2007-4277
Original documentdocumentIDEFENSE, iDefense Security Advisory 10.25.07: Trend Micro Tmxpflt.sys IOCTL 0xa0284403 Buffer Overflow Vulnerability (26.10.2007)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:26.10.2007
Source:
SecurityVulns ID:8295
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:TIKIWIKI : tikiwiki 1.9
 IGALLERY : i-Gallery 3.4
Original documentdocumentkingoftheworld92_(at)_fastwebnet.it, [Trick] VigileCMS All Versions DataMining Remote Hash Disclosure (26.10.2007)
 documentkingoftheworld92_(at)_fastwebnet.it, Multi Host Forum Pro phpbb & ipb Multiple Sql Injection (26.10.2007)
 documentL4teral, TikiWiki <= 1.9.8.1 Cross Site Scripting / Local File Inclusion (26.10.2007)
 documentjoseph.giron13_(at)_gmail.com, usd250 helpdesk XSS vulnerabily. (26.10.2007)
 documenthackerbinhphuoc_(at)_yahoo.com, i-Gallery 3.4 bug crack password! (26.10.2007)
 documentkingoftheworld92_(at)_fastwebnet.it, Flatnuke3 Remote Cookie Manipoulation / Privilege Escalation (26.10.2007)

Serverkit shttp web server directory traversal
Published:26.10.2007
Source:
SecurityVulns ID:8296
Type:remote
Threat Level:
5/10
Description:Directory traversal with HEAD request is possible.
Affected:SERVERKIT : shttp 0.0
Original documentdocumentdigineo Advisories, Directory traversal flaw in shttp (26.10.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod