Search:Vulnerability:27.01.2006 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Microsoft Windows MS-DOS applications uninitilized memory access information leak
Published: 27.01.2006
Source: BUGTRAQ
SecurityVulns ID: 5702
Type: local
Level: 5/10
Description: Memory is not initialized then allocated for MS-DOS virtual machine. It allows to read data from physical memory.

Affected: MICROSOFT : Windows 2000 Server
MICROSOFT : Windows 2000 Professional
MICROSOFT : Windows XP
MICROSOFT : Windows 2003 Server

Original document endrazine_(at)_pulltheplug.org, Windows mem leakage (27.01.2006)

Files: Dump first 1 Mo of memory under any MS product, exploits NTVDM uninitialized memory
Discuss: Read or add your comments to this news (0 comments)

Weak Net::SSLeay perl module encryption
Published: 27.01.2006
Source: FULL-DISCLOSURE
SecurityVulns ID: 5703
Type: local
Level: 5/10
Description: /tmp/entropy file is used for entropy gathering if no entropy source is specified with EGD_PATH envoronment variable. Attacker can fille file with known data.

Affected: PERL : Net::SSLeay 1.25

Original document MANDRIVA, [Full-disclosure] [ MDKSA-2006:023 ] - Updated perl-Net_SSLeay packages fix vulnerability (27.01.2006)

Discuss: Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 27.01.2006
Source:
SecurityVulns ID: 5701
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: 123FLASHCHAT : 123flaschat server 5.1
ANDONET : AndoNET Blog 2004
MYLITTLEHOMEPAGE : my little homepage 2004

Original document ISecAuditors Security Advisories, [ISecAuditors Advisories] Arbitrary flash code remote execution in 123flashchat (27.01.2006)

spher3_(at)_hackerscenter.com, [HSC] Multiple transversal bug in vis (27.01.2006)

Aliaksandr Hartsuyeu, [eVuln] "my little homepage" products [link] BBCode XSS Vulnerability (27.01.2006)

document Aliaksandr Hartsuyeu, [eVuln] AndoNET Blog SQL Injection Vulnerability (27.01.2006)

Discuss: Read or add your comments to this news (0 comments)

net-snmp SNMP package fixproc utility symbolic link problem
Published: 27.01.2006
Source: FULL-DISCLOSURE
SecurityVulns ID: 5704
Type: remote
Level: 5/10
Description: Symbolic links problem on temporary files creation.

Affected: NETSNMP : Net-SNMP 5.2

Original document MANDRIVA, [Full-disclosure] [ MDKSA-2006:025 ] - Updated net-snmp packages fix vulnerabilities (27.01.2006)

Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

test server