Computer Security



FreeBSD protosw privilege escalation
Published: 26.12.2008
Source: FREEBSD
SecurityVulns ID: 9543
Type: local
Level: 7/10
Description: Uninitialized bluetooth and netgraph sockets.
Affected: FREEBSD : FreeBSD 6.3
 FREEBSD : FreeBSD 7.1
 FREEBSD : FreeBSD 6.4
 FREEBSD : FreeBSD 7.0
Original document: don bailey, FreeBSD 7/6x protosw kernel exploit (26.12.2008)
 FREEBSD, FreeBSD netgraph / bluetooth privilege escalation (26.12.2008)
Files: Exploit for the FreeBSD protosw vulnerability

Microsoft Windows Media Player integer overflow
Published: 26.12.2008
Source: BUGTRAQ
SecurityVulns ID: 9544
Type: client
Level: 9/10
Description: Integer overflow on WAV parsing.
Affected: MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
Original document: laurent gaffie, MS Windows Media Player * (.WAV) Remote Integrer Overflow (26.12.2008)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 26.12.2008
Source:
SecurityVulns ID: 9546
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: VBULLETIN : Personal Sticky Threads 1.0
 NAGIOS : nagios 2.11
CVE: CVE-2008-5028 (Cross-site request forgery (CSRF) vulnerability in cmd.cgi in (1) Nagios 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote attackers to send commands to the Nagios process, and trigger execution of arbitrary programs by this process, via unspecified HTTP requests.)
 CVE-2008-5027 (The Nagios process in (1) Nagios before 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote authenticated users to bypass authorization checks, and trigger execution of arbitrary programs by this process, via an (a) custom form or a (b) browser addon.)
Original document: xl4nothing_(at)_gmail.com, Personal Sticky Threads v1.0.3c vbulletin Add-on problem (26.12.2008)
 lovebug_(at)_hotmail.it, joomla com_lowcosthotels sql injection (26.12.2008)
 r3d.w0rm_(at)_yahoo.com, PHP-Fusion Mod TI - Blog System Sql Injection (26.12.2008)
Files: Exploits joomla com_lowcosthotels sql injection

Citrix Broadcast Server SQL injection
Published: 26.12.2008
Source: BUGTRAQ
SecurityVulns ID: 9547
Type: remote
Level: 6/10
Description: login.asp SQL injection.
Affected: CITRIX : Citrix Broadcast Server 6.0
Original document: vulnerabilityresearch_(at)_ddifrontline.com, DDIVRT-2008-16 Citrix Broadcast Server 6.0 login.asp SQL Injection --- Update for BID 32832 (26.12.2008)

PSI jabber client integer overflow
Published: 26.12.2008
Source: BUGTRAQ
SecurityVulns ID: 9548
Type: remote
Level: 5/10
Description: Integer overflow on file transfer port (TCP/8010 by default) data parsing.
Affected: PSI : PSI 0.12
Original document: ISecAuditors Security Advisories, [ISecAuditors Security Advisories] PSI remote integer overflow DoS (26.12.2008)
Files: PSI remote integer overflow DoS

PGP Desktop DoS
Published: 26.12.2008
Source: BUGTRAQ
SecurityVulns ID: 9549
Type: local
Level: 5/10
Description: PGPweded.sys driver crashes the system on IOCTL processing.
Affected: PGP : PGP Desktop 9.0
Original document: contact.fingers_(at)_gmail.com, PGP Desktop 9.0.6 Denial Of Service - ZeroDay (26.12.2008)

Mozilla Firefox, Microsoft Internet Explorer, Opera and Google Chrome DoS
Published: 26.12.2008
Source: MustLive
SecurityVulns ID: 9545
Type: client
Level: 4/10
Description: Printing <iframe> in an endless loop from JavaScript causes resource exhaustion and leads to a browser hang.
Affected: MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MOZILLA : Firefox 3.0
 OPERA : Opera 9.52
 GOOGLE : Chrome 1.0
Original document: MustLive, DoS vulnerabilities in Firefox, Internet Explorer, Opera and Chrome (26.12.2008)
Files: Firefox, Internet Explorer, Opera & Google Chrome DoS Exploit

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


