Computer Security

Sun Solaris multiple security vulnerabilities
Published: 27.05.2010
SecurityVulns ID: 10871
Type: library
Threat Level: 7/10
Description: Cross-site scripting in ftpd, DoS against file utilities, buffer overflow in LIBC functions.
Affected: ORACLE : Solaris 10
Original document: Maksymilian Arciemowicz, Sun Solaris 10 ftpd Cross-site request forgery (27.05.2010)
 Maksymilian Arciemowicz, Sun Solaris 10 filesystem rm(1),find(1),etc, Denial-of-service (27.05.2010)
 Maksymilian Arciemowicz, Sun Solaris 10 libc/*convert (*cvt) buffer overflow (27.05.2010)

ghostscript code execution
Published: 27.05.2010
SecurityVulns ID: 10872
Type: local
Threat Level: 5/10
Description: Application is executed by relative path upon .ps file parsing.
Affected: GHOSTSCRIPT : Ghostscript 8.64
Original document: ne01026_(at)_stegny.2a.pl, Ghostscript 8.64 executes random code at startup (27.05.2010)

Webby Web server buffer overflow
Published: 27.05.2010
SecurityVulns ID: 10873
Type: remote
Threat Level: 5/10
Description: Buffer overflow on GET request parsing.
Affected: WEBBY : Webby 1.01
Original document: michael.messner_(at)_integralis.com, Webby Webserver v1.01 - Buffer overflow vulnerability with overwritten structured exception handler (SEH) (27.05.2010)

GNU glibc library security vulnerabilities
Published: 27.05.2010
SecurityVulns ID: 10874
Type: library
Threat Level: 6/10
Description: Invalid mntent functions string processing, ELF format parsing memory corruption.
Affected: GNU : glibc 2.11
CVE: CVE-2010-0830 (Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header.)
 CVE-2010-0296 (The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request.)
Original document: UBUNTU, [USN-944-1] GNU C Library vulnerabilities (27.05.2010)

Kingsoft WebShield privilege escalation
Published: 27.05.2010
SecurityVulns ID: 10875
Type: local
Threat Level: 5/10
Description: Kernel memory overwrite on IOCTL processing.
Affected: KINGSOFT : WebShield 3.5
Original document: yicong2010_(at)_yahoo.com, Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609(2010.5.23) Kernel Mode Local Privilege Escalation Vulnerability (27.05.2010)

Cisco Network Building Mediator multiple security vulnerabilities
Published: 27.05.2010
SecurityVulns ID: 10876
Type: remote
Threat Level: 6/10
Description: Default accounts, privilege escalation, unauthorized access.
Affected: CISCO : Mediator Framework 1.5
 CISCO : Mediator Framework 2.2
 CISCO : Mediator Framework 3.0
 CISCO : Mediator Framework 3.1
CVE: CVE-2010-0600 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not properly restrict network access to an unspecified configuration file, which allows remote attackers to read passwords and unspecified other account details via a (1) XML RPC or (2) XML RPC over HTTPS session, aka Bug ID CSCtb83512.)
 CVE-2010-0599 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt XML RPC sessions from operator workstations, which allows remote attackers to discover Administrator credentials by sniffing the network, aka Bug ID CSCtb83505.)
 CVE-2010-0598 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt HTTP sessions from operator workstations, which allows remote attackers to discover Administrator credentials by sniffing the network, aka Bug ID CSCtb83631.)
 CVE-2010-0597 (Unspecified vulnerability in Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 allows remote authenticated users to read or modify the device configuration, and gain privileges or cause a denial of service (device reload), via a (1) XML RPC or (2) XML RPC over HTTPS request, aka Bug ID CSCtb83618.)
 CVE-2010-0596 (Unspecified vulnerability in Cisco Mediator Framework 2.2 before 2.2.1.dev.1 and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 allows remote authenticated users to read or modify the device configuration, and gain privileges, via a (1) HTTP or (2) HTTPS request, aka Bug ID CSCtb83607.)
 CVE-2010-0595 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 has a default password for the administrative user account and unspecified other accounts, which makes it easier for remote attackers to obtain privileged access, aka Bug ID CSCtb83495.)
Original document: CISCO, Cisco Security Advisory: Multiple Vulnerabilities in Cisco Network Building Mediator (27.05.2010)

MySQL multiple security vulnerabilities
Published: 27.05.2010
SecurityVulns ID: 10877
Type: remote
Threat Level: 6/10
Description: Buffer overflow and privilege escalation via COM_FIELD_LIST, DoS because of endless loop on network packet reading.
CVE: CVE-2010-1850 (Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name.)
 CVE-2010-1849 (The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length.)
 CVE-2010-1848 (Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.)
Original document: MANDRIVA, [ MDVSA-2010:107 ] mysql (27.05.2010)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod