Search:Vulnerability:27.06.2005 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

IA eMailServer IMAP format string vulnerability
Published: 27.06.2005
Source: FULL-DISCLOSURE
SecurityVulns ID: 4935
Type: remote
Level: 5/10
Description: IMAP mail server LIST command format strinb vulnerability.

Affected: TRUENORTH : IA eMailServer 5.2

Original document Reed Arvin, [Full-disclosure] Denial of Service Vulnerability in True North Software, Inc. IA eMailServer Corporate Edition Version: 5.2.2. Build: 1051. (27.06.2005)

Discuss: Read or add your comments to this news (0 comments)

PHP calendar functions buffer overflow
Published: 27.06.2005
Source: FULL-DISCLOSURE
SecurityVulns ID: 4933
Type: library
Level: 6/10
Description: Buffer overflow in calendar functions, e.g. JDToGregorian() on large integer.

Affected: PHP : PHP 4.3

Original document FistFucker, [Full-disclosure] PHP: Calendar Buffer Overflow (27.06.2005)

Discuss: Read or add your comments to this news (0 comments)

TCP-IP Datalook socket sniffer buffer overflow
Published: 27.06.2005
Source: BUGTRAQ
SecurityVulns ID: 4934
Type: remote
Level: 5/10
Description: Buffer overflow on malformed request.

Affected: TCPIPDATALOOK : TCP-IP Datalook 1.3

Original document SECURITEAM, [EXPL] TCP-IP Datalook DoS Vulnerability (Exploit) (27.06.2005)

Files: IP-DATALOOK Local DoS Exploit
Discuss: Read or add your comments to this news (0 comments)

PHP, ASP, CGI web applications security vulnerabilities
updated since 27.06.2005
Published: 02.07.2005
Source:
SecurityVulns ID: 4936
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, etc.

Affected: WEBCALENDAR : WebCalendar 0.9
PHPBB : phpBB 2.0
XOOPS : xoops 2.0
PHPMYFAQ : phpMyFAQ 1.4
HOSTINGCONTROLLE : Hosting Controller 6.1
PHPADSNEW : phpAdsNew 2.0
PHPOPENADS : phpPgAds 2.0
DRUPAL : Drupal 4.5
POSTNUKE : PostNuke 0.760
WORDPRESS : WordPress 1.5
PLANSCALENDAR : Plans 6.7
S9Y : Serendipity 0.8
DRUPAL : Drupal 4.6
CACTI : Cacti 0.8
ASPNUKE : ASP-Nuke 1.2
PHPFUSION : PHP-Fusion 6.0
STADTAUS : Form Mail Script 2.0
SUKRU : Sukru Alatas Guestbook 3.0
DYNAMICBIZ : Dynamic Biz Website Builder
CSVDB : CSV_DB 1.0
IDB : i_DB 1.0
COMMUNITY : Community Forum
COMMUNITYLINK : Community Link Pro Web Editor
CGICLUB : imTRBBS 1.02
PAVSTA : Auto Site
COMDEV : eCommerce 3.1
NATEON : NateOn Messenger 3.0
PHPMYFAQ : phpMyFAQ 1.5
NUCLEUS : Nucleus 3.20
OSTICKET : osTicket 1.3
PEAR : XML_RPC 1.3

Original document Stefan Esser, [Full-disclosure] Advisory 05/2005: Cacti Authentification/Addslashes Bypass Vulnerability (02.07.2005)

Stefan Esser, [Full-disclosure] Advisory 04/2005: Cacti Remote Command Execution Vulnerability (02.07.2005)

Stefan Esser, [Full-disclosure] Advisory 03/2005: Cacti Multiple SQL Injection Vulnerabilities [FIXED] (02.07.2005)

document JeiAr, PHPXMLRPC Remote Code Execution (02.07.2005)

ghc_(at)_ghc.ru, [SECURITY ALERT] osTicket bugs (02.07.2005)

JeiAr, PEAR XML_RPC Remote Code Execution Vulnerability (01.07.2005)

SECUNIA, [SA15884] phpPgAds XML-RPC PHP Code Execution Vulnerability (01.07.2005)

document SECUNIA, [SA15895] Nucleus XML-RPC PHP Code Execution Vulnerability (01.07.2005)

SECUNIA, [SA15883] phpAdsNew XML-RPC PHP Code Execution Vulnerability (01.07.2005)

Christopher Kunz, Advisory 02/2005: Remote code execution in Serendipity (01.07.2005)

SECUNIA, [SA15810] phpMyFAQ XML-RPC PHP Code Execution Vulnerability (01.07.2005)

document SECUNIA, [SA15862] Serendipity XML-RPC Unspecified PHP Code Execution Vulnerability (01.07.2005)

SECUNIA, [SA15819] NateOn Messenger Directory Listing Disclosure Vulnerability (30.06.2005)

SECUNIA, [SA15864] Comdev News Publisher Cross-Site Scripting and PHP Code Execution (30.06.2005)

document SECUNIA, [SA15865] Comdev eCommerce Review Script Insertion Vulnerability (30.06.2005)

SECUNIA, [SA15873] Pavsta Auto Site "sitepath" File Inclusion Vulnerability (30.06.2005)

SECUNIA, [SA15861] PEAR XML_RPC Unspecified PHP Code Execution Vulnerability (30.06.2005)

SECUNIA, [SA15855] PostNuke XML-RPC Library PHP Code Execution Vulnerability (30.06.2005)

document SECUNIA, [SA15852] XML-RPC for PHP Unspecified PHP Code Execution Vulnerability (30.06.2005)

Uwe Hermann, [Full-disclosure] [DRUPAL-SA-2005-003] Drupal 4.6.2 / 4.5.4 fixes critical XML-RPC issue (30.06.2005)

Uwe Hermann, [Full-disclosure] [DRUPAL-SA-2005-002] Drupal 4.6.2 / 4.5.4 fixes input validation issue (30.06.2005)

document JeiAr, WordPress 1.5.1.2 && Earlier Multiple Vulnerabilities (30.06.2005)

blahplok_(at)_yahoo.com, Original imTRBBS(ver1.02) and prior remote command execution (30.06.2005)

mozako, [badroot security] Community link pro web editor: Remote command Execution (30.06.2005)

Christopher Kunz, Advisory 02/2005: Remote code execution in Serendipity (30.06.2005)

document SECURITEAM, [EXPL] PHP-Fusion Accessible Database Backups Download (Exploit) (30.06.2005)

SECURITEAM, [EXPL] phpBB Remote PHP Code Execution (viewtopic.php 2) (30.06.2005)

JeiAr, XOOPS 2.0.11 && Earlier Multiple Vulnerabilities (30.06.2005)

Andrew Farmer, Re: [Full-disclosure] Security Advisory - phpBB 2.0.15 PHP-code injection bug (29.06.2005)

document ronvdaal, Security Advisory - phpBB 2.0.15 PHP-code injection bug (29.06.2005)

SECUNIA, [SA15854] Plans "evt_id" SQL Injection Vulnerability (29.06.2005)

abducter_minds_(at)_yahoo.com, XSS IN Community forum (28.06.2005)

PHPBB, phpBB 2.0.16 released (28.06.2005)

ActionSpider_(at)_linuxmail.org, Cross-Site Scripting (CSS) in Hosting Controller All Version and hot fix it hehe ;) (28.06.2005)

document SECUNIA, [SA15842] CSV_DB / i_DB Arbitrary Command Execution Vulnerability (28.06.2005)

SECUNIA, [SA15818] Dynamic Biz Website Builder Admin Login SQL Injection (28.06.2005)

SECUNIA, [SA15832] Sukru Alatas Guestbook Exposure of User Credentials (28.06.2005)

Pot Kettle Industries, [Full-disclosure] multihtml exploit vulnerability advisory (28.06.2005)

document Alberto Trivero, M4DR007-07SA (security advisory): Multiple vulnerabilities in ASP Nuke 0.80 (28.06.2005)

shervin khaleghjou, aspnuke is vulnerable to sql injection (28.06.2005)

patr0n, Php �� Form Mail Script (28.06.2005)

SECUNIA, [SA15830] PHP-Fusion Two Vulnerabilities (27.06.2005)

document SECUNIA, [SA15788] WebCalendar "assistant_edit.php" Security Bypass (27.06.2005)

SECURITEAM, [EXPL] ASPNuke SQL Injection Vulnerability (Exploit) (27.06.2005)

Files: Metasploit exploit for PHP XMLRPC
XMLRPC Exploit Code written in Python
SQL Injection Exploit for ASPNuke <= 0.80
phpBB Remote PHP Code Execution (viewtopic.php 2)
PHP-Fusion Accessible Database Backups Download Exploit
xmlrpc exploit
XMLRPC remote commands execute exploit
ASPNuke SQL Injection Vulnerability Exploit
Drupal exploit [DRUPAL-SA-2005-002]
Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin