Computer Security
[EN] securityvulns.ru no-pyccku


PHP safe mode protection bypass with htaccess
updated since 27.06.2007
Published:26.11.2007
Source:
SecurityVulns ID:7859
Type:local
Threat Level:
5/10
Description:It's possible to manipulate function ini_set() and session_save_path() with htaccess settings.
Affected:PHP : PHP 4.4
 PHP : PHP 5.2
CVE:CVE-2007-3378 (The (1) session_save_path, (2) ini_set, and (3) error_log functions in PHP 4.4.7 and earlier, and PHP 5 5.2.3 and earlier, when invoked from a .htaccess file, allow remote attackers to bypass safe_mode and open_basedir restrictions and possibly execute arbitrary commands via php_value directives in .htaccess.)
Original documentdocumentMaksymilian Arciemowicz, PHP 5.2.4 mail.force_extra_parameters unsecure (26.11.2007)
 documentMaksymilian Arciemowicz, [Full-disclosure] PHP 5.2.3 PHP 4.4.7, htaccess safemode and open_basedir Bypass Vulnerability (27.06.2007)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:26.11.2007
Source:
SecurityVulns ID:8376
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Math Comment Spam Protection: Crossite scripting.
Affected:BYTEHOARD : bytehoard 2.1
 PROVERBS : Calendar Proverbs 1.1
 MESSAGINGARCHITE : GWExtranet 3.0
Original documentdocumentHackers Center Security Group, GWExtranet Script Injections & Privilege Escalation Vulnerability (26.11.2007)
 documentJose Luis Góngora Fernández, Calendar Proverbs <=1.1 (caladmin.php) Remote SQL Injection (26.11.2007)
 documentErnesto Alvarez, two bytehoard 2.1 bugs (26.11.2007)
 documentJose Luis Góngora Fernández, PHPSlideShow (toonchapter8.php) Cross-Site Scripting Vulnerability (26.11.2007)
 documentnoreply_(at)_aria-security.net, Aria-Security.Net: Gouae DWD Realty SQL Injection (26.11.2007)
 documentMustLive, MoBiC-23 Bonus: XSS in Math Comment Spam Protection (26.11.2007)

nss_ldap information leak
Published:26.11.2007
Source:
SecurityVulns ID:8377
Type:library
Threat Level:
5/10
Description:Race conditions in multithread applications.
Affected:NSSLDAP : nss_ldap 257
CVE:CVE-2007-5794 (Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.)
Original documentdocumentGENTOO, [ GLSA 200711-33 ] nss_ldap: Information disclosure (26.11.2007)

DoS with skype URL handler
Published:26.11.2007
Source:
SecurityVulns ID:8378
Type:client
Threat Level:
5/10
Description:It's possible to start unlimiteed number of application instances with skype: URL.
Affected:SKYPE : Skype 3.6
Original documentdocumentmail_(at)_me.not, Skype DoS (26.11.2007)

Citrix NetScaler weak cryptography
Published:26.11.2007
Source:
SecurityVulns ID:8379
Type:remote
Threat Level:
5/10
Description:Username/password are stored as a part of cookie with encryption (XORing with reused key), making it's possible to discover parts of the password.
Affected:CITRIX : NetScaler 8.0
CVE:CVE-2007-6037 (Cross-site scripting (XSS) vulnerability in ws/generic_api_call.pl in Citrix NetScaler 8.0 build 47.8 allows remote attackers to inject arbitrary web script or HTML via the standalone parameter and other unspecified parameters.)
Original documentdocumentnnposter_(at)_disclosed.not, Citrix NetScaler Web Management Cookie Weakness (26.11.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod