Search:Vulnerability:27.01.2006 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

net-snmp SNMP package fixproc utility symbolic link problem
Published: 27.01.2006
Source: FULL-DISCLOSURE
SecurityVulns ID: 5704
Type: remote
Level: 5/10
Description: Symbolic links problem on temporary files creation.

Affected: NETSNMP : Net-SNMP 5.2

Original document MANDRIVA, [Full-disclosure] [ MDKSA-2006:025 ] - Updated net-snmp packages fix vulnerabilities (27.01.2006)

Discuss: Read or add your comments to this news (0 comments)

Microsoft Windows MS-DOS applications uninitilized memory access information leak
Published: 27.01.2006
Source: BUGTRAQ
SecurityVulns ID: 5702
Type: local
Level: 5/10
Description: Memory is not initialized then allocated for MS-DOS virtual machine. It allows to read data from physical memory.

Affected: MICROSOFT : Windows 2000 Server
MICROSOFT : Windows 2000 Professional
MICROSOFT : Windows XP
MICROSOFT : Windows 2003 Server

Original document endrazine_(at)_pulltheplug.org, Windows mem leakage (27.01.2006)

Files: Dump first 1 Mo of memory under any MS product, exploits NTVDM uninitialized memory
Discuss: Read or add your comments to this news (0 comments)

Weak Net::SSLeay perl module encryption
Published: 27.01.2006
Source: FULL-DISCLOSURE
SecurityVulns ID: 5703
Type: local
Level: 5/10
Description: /tmp/entropy file is used for entropy gathering if no entropy source is specified with EGD_PATH envoronment variable. Attacker can fille file with known data.

Affected: PERL : Net::SSLeay 1.25

Original document MANDRIVA, [Full-disclosure] [ MDKSA-2006:023 ] - Updated perl-Net_SSLeay packages fix vulnerability (27.01.2006)

Discuss: Read or add your comments to this news (0 comments)