Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		27.11.2008
Source:		BUGTRAQ
SecurityVulns ID:		9467
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. CoBreeder: Crossite scripting.

Affected:		WHMCS : WHM Complete Solution Version 3.7
		IMPRESSCMS : Social Impress CMS 1.1

Original document		office_(at)_hackattack.at, [HACKATTACK Advisory 20081127]Social Impress CMS 1.1 - Session Fixation (27.11.2008)
		julianrdz91_(at)_gmail.com, WHMCS V3.7.1 Sensible Information Disclosure (27.11.2008)

Discuss:

Read or add your comments to this news (0 comments)

SAMBA information disclosure
Published:		27.11.2008
Source:		BUGTRAQ
SecurityVulns ID:		9468
Type:		remote
Level:		6/10
Description:		Kernel memory disclosure on processing of few SMB request types.

Affected:		SAMBA : Samba 2.3
CVE:		CVE-2008-4314 (smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to read arbitrary memory and cause a denial of service via crafted (1) trans, (2) trans2, and (3) nttrans requests, related to a "cut&paste error" that causes an improper bounds check to be performed.)

Original document

UBUNTU, [USN-680-1] Samba vulnerability (27.11.2008)

Discuss:

Read or add your comments to this news (0 comments)