Computer Security
[EN] securityvulns.ru no-pyccku


rsync memory corruption
updated since 06.04.2011
Published:27.04.2011
Source:
SecurityVulns ID:11565
Type:client
Threat Level:
5/10
Description:Memory corruption on server reply parsing.
Affected:RSYNC : rsync 3.0
CVE:CVE-2011-1097 (rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data.)
Original documentdocumentMANDRIVA, [ MDVSA-2011:066 ] rsync (06.04.2011)

Asterisk security vulnerabilities
updated since 26.04.2011
Published:27.04.2011
Source:
SecurityVulns ID:11621
Type:remote
Threat Level:
6/10
Description:Privilege escalation DoS via resources exhaustion.
Affected:DIGIUM : Asterisk 1.4
 ASTERISK : Asterisk 1.6
 ASTERISK : Asterisk 1.8
CVE:CVE-2011-1507 (Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, 1.6.2.x before 1.6.2.17.3, and 1.8.x before 1.8.3.3 and Asterisk Business Edition C.x.x before C.3.6.4 do not restrict the number of unauthenticated sessions to certain interfaces, which allows remote attackers to cause a denial of service (file descriptor exhaustion and disk space exhaustion) via a series of TCP connections.)
Original documentdocumentASTERISK, AST-2011-005: File Descriptor Resource Exhaustion (27.04.2011)
 documentASTERISK, AST-2011-006: Asterisk Manager User Shell Access (26.04.2011)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 26.04.2011
Published:27.04.2011
Source:
SecurityVulns ID:11622
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHPLIST : phpList 2.10
 TIMTHUMB : TimThumb 1.24
 WEBMIN : Webmin 1.540
 AFFINITY : BuddyPress 1.2
 COTONI : Cotonti 0.9
 WORDPRESS : WP-Ajax-Recent-Posts 1.0
 Noah's Classifieds 5.0
CVE:CVE-2011-1727 (Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to an "HTML injection" issue.)
 CVE-2011-1726 (Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
Original documentdocumentMustLive, Code Execution в WordPress 2.5 - 3.1.1 (27.04.2011)
 documentJavier Bassi, XSS in Webmin 1.540 + exploit for privilege escalation (27.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22956: XSS vulnerabilities in phpList (26.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22957: XSRF (CSRF) in phpList (26.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22951: XSS in WP-Ajax-Recent-Posts wordpress plugin (26.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22952: XSS vulnerabilities in Noah's Classifieds (26.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22953: XSS in Max's PHP Photo Album (26.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22954: Path disclousure in yappa-ng Photo Gallery (26.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22948: Path disclosure in Cotonti (26.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22955: Path disclosure in BuddyPress WordPress plugin (26.04.2011)
 documentHP, [security bulletin] HPSBMA02667 SSRT100464 rev.1 - HP SiteScope, Cross Site Scripting (XSS) and HTML Injection (26.04.2011)
 documentMustLive, Уязвимости во многих темах и компонентвх для Joomla (26.04.2011)
 documentJavier Bassi, XSS in Webmin 1.540 + exploit for privilege escalation (26.04.2011)

HP OpenView Storage Data Protector code execution
Published:27.04.2011
Source:
SecurityVulns ID:11629
Type:remote
Threat Level:
5/10
Affected:HP : OpenView Storage Data Protector 6.10
 HP : OpenView Storage Data Protector 6.11
Original documentdocumentHP, [security bulletin] HPSBMA02654 SSRT100441 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code (27.04.2011)

CA Arcot WebFort Versatile Authentication Server security vulnerabilities
Published:27.04.2011
Source:
SecurityVulns ID:11630
Type:remote
Threat Level:
5/10
Description:Crossite scripting, request spoofing.
Affected:CA : Arcot WebFort Versatile Authentication Server 6.2
CVE:CVE-2011-1826 (Open redirect vulnerability in the Administrative Console in CA Arcot WebFort Versatile Authentication Server (VAS) before 6.2.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.)
 CVE-2011-1825 (Multiple cross-site scripting (XSS) vulnerabilities in the Administrative Console in CA Arcot WebFort Versatile Authentication Server (VAS) before 6.2.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
Original documentdocumentCA, CA20110426-01: Security Notice for CA Arcot WebFort Versatile Authentication Server (27.04.2011)

Cisco Unified Communications Manager multiple security vulnerabilities
updated since 27.04.2011
Published:01.05.2011
Source:
SecurityVulns ID:11632
Type:remote
Threat Level:
6/10
Description:DoS via SIP, directory traversal, SQL injection.
Affected:CISCO : Unified Communications Manager 6.1
 CISCO : Unified Communications Manager 7.1
 CISCO : Unified Communications Manager 8.0
 CISCO : Unified Communications Manager 8.5
CVE:CVE-2011-1610 (Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5)su4, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1)su1 allow remote attackers to execute arbitrary SQL commands via the (1) f, (2) l, or (3) n parameter, aka Bug ID CSCtj42064.)
 CVE-2011-1607 (Directory traversal vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5b)su3, 8.0 before 8.0(3a)su1, and 8.5 before 8.5(1) allows remote authenticated users to upload files to arbitrary directories via a modified pathname in an upload request, aka Bug ID CSCti81603.)
 CVE-2011-1606 (Unspecified vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5)su1, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP message, aka Bug ID CSCtg62855.)
 CVE-2011-1605 (Unspecified vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5b)su2, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP message, aka Bug ID CSCth39586.)
 CVE-2011-1604 (Memory leak in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5b)su3, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (memory consumption and process failure) via a malformed SIP message, aka Bug ID CSCti42904.)
Original documentdocumentZDI, ZDI-11-143: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability (01.05.2011)
 documentCISCO, Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager (27.04.2011)

LibAVCodec / FFMpeg / VLC index array overflow
updated since 27.04.2011
Published:03.08.2011
Source:
SecurityVulns ID:11631
Type:library
Threat Level:
6/10
Description:Index array overflow on AMV files parsing.
Affected:VLC : VLC media player 1.1
CVE:CVE-2011-1931 (sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file.)
Original documentdocument[email protected], NGS00068 Technical Advisory - LibAVCodec AMV Out of Array Write (03.08.2011)
 document[email protected], NGS00068 Patch Notification: LibAVCodec AMV Out of Array Write (27.04.2011)
 document[email protected], NGS00068 Patch Notification: LibAVCodec AMV Out of Array Write (27.04.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod