Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Windows MS-DOS applications uninitilized memory access information leak
Published:27.01.2006
Source:
SecurityVulns ID:5702
Type:local
Threat Level:
5/10
Description:Memory is not initialized then allocated for MS-DOS virtual machine. It allows to read data from physical memory.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
Original documentdocumentendrazine_(at)_pulltheplug.org, Windows mem leakage (27.01.2006)
Files:Dump first 1 Mo of memory under any MS product, exploits NTVDM uninitialized memory

Weak Net::SSLeay perl module encryption
Published:27.01.2006
Source:
SecurityVulns ID:5703
Type:local
Threat Level:
5/10
Description:/tmp/entropy file is used for entropy gathering if no entropy source is specified with EGD_PATH envoronment variable. Attacker can fille file with known data.
Affected:PERL : Net::SSLeay 1.25
Original documentdocumentMANDRIVA, [Full-disclosure] [ MDKSA-2006:023 ] - Updated perl-Net_SSLeay packages fix vulnerability (27.01.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:27.01.2006
Source:
SecurityVulns ID:5701
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:123FLASHCHAT : 123flaschat server 5.1
 ANDONET : AndoNET Blog 2004
 MYLITTLEHOMEPAGE : my little homepage 2004
Original documentdocumentISecAuditors Security Advisories, [ISecAuditors Advisories] Arbitrary flash code remote execution in 123flashchat (27.01.2006)
 documentspher3_(at)_hackerscenter.com, [HSC] Multiple transversal bug in vis (27.01.2006)
 documentAliaksandr Hartsuyeu, [eVuln] "my little homepage" products [link] BBCode XSS Vulnerability (27.01.2006)
 documentAliaksandr Hartsuyeu, [eVuln] AndoNET Blog SQL Injection Vulnerability (27.01.2006)

net-snmp SNMP package fixproc utility symbolic link problem
Published:27.01.2006
Source:
SecurityVulns ID:5704
Type:remote
Threat Level:
5/10
Description:Symbolic links problem on temporary files creation.
Affected:NETSNMP : Net-SNMP 5.2
Original documentdocumentMANDRIVA, [Full-disclosure] [ MDKSA-2006:025 ] - Updated net-snmp packages fix vulnerabilities (27.01.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod