Computer Security
[EN] securityvulns.ru no-pyccku


OpenEdge buffer overflow
Published:28.06.2007
Source:
SecurityVulns ID:7862
Type:remote
Threat Level:
6/10
Description:Buffer overflow on parsing TCP/IP message.
Affected:PROGRESS : Progress 9.1
 OPENEDGE : OpenEdge 10.1
Original documentdocumentsuresync_(at)_gmail.com, Openedge _mprosrv buffer overflow (28.06.2007)

Internet Communication Framework multiple security vulnerabilities
Published:28.06.2007
Source:
SecurityVulns ID:7865
Type:remote
Threat Level:
5/10
Description:Multiple crossite cripting vulnerabilities.
Affected:SAP : SAP ИС 6ю40
Original documentdocumentIvan Buetler, SAP Internet Communication Framework (BC-MID-ICF) Vulnerability (28.06.2007)

KVIrc IRC client buffer overflow
Published:28.06.2007
Source:
SecurityVulns ID:7868
Type:client
Threat Level:
6/10
Description:Buffer overflow in irc:// URL handler.
Affected:KVIRC : KVIrc 3.2
CVE:CVE-2007-2951 (The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc 3.2.0 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an (1) irc:// or (2) irc6:// URI.)
Original documentdocumentSECUNIA, [Full-disclosure] Secunia Research: KVIrc irc:// URI Handler Command Execution Vulnerability (28.06.2007)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:28.06.2007
Source:
SecurityVulns ID:7869
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:DIRECTADMIN : DirectAdmin 1.30
 ETICKET : eTicket 1.5
CVE:CVE-2007-2801 (Multiple cross-site scripting (XSS) vulnerabilities in open.php in eTicket 1.5.5 and 1.5.5.1, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) err and (2) warn parameters. NOTE: the vendor disputes the significance of the issue, stating that "eTicket is not designed to work with register_globals On.")
 CVE-2007-2800 (index.php in eTicket 1.5.5.1 and earlier allows remote attackers to obtain sensitive information via the (1) name[], (2) email[], (3) phone[], or (4) subject[] parameters, which reveals the installation path in the resulting error messages.)
Original documentdocumentfirewall1954_(at)_hotmail.com, XEForum Cookie Modification Privilege Escalation Vulnerability (28.06.2007)
 documentsecurityresearch_(at)_netvigilance.com, [Full-disclosure] eTicket version 1.5.5 XSS Attack Vulnerability (28.06.2007)
 documentsecurityresearch_(at)_netvigilance.com, [Full-disclosure] eTicket version 1.5.5 Path Disclosure Vulnerability (28.06.2007)
 documentr0t, DirectAdmin XSS vuln. (28.06.2007)

Conti FTP Server DoS
Published:28.06.2007
Source:
SecurityVulns ID:7860
Type:remote
Threat Level:
5/10
Description:LIST //A: request causes server to hang.
Affected:CONTI : Conti FTP Server 1.0
Original documentdocumentesc6_(at)_hush.com, Conti FTP Server v1.0 DoS (28.06.2007)
Files:Conti FTP Server v1.0 Denial of Service

Juniper Steel Belted RADIUS CRL access problem
Published:28.06.2007
Source:
SecurityVulns ID:7863
Type:remote
Threat Level:
5/10
Description:Certificates revocation list download ffeature doesn't work.
Affected:JUNIPER : Steel Belted RADIUS 6.0
Original documentdocumentUSprotte_(at)_web.de, Juniper SBR V 6.0.1 CRL-Checking problem (28.06.2007)

Symantec Mail Security for SMTP buffer overflow
Published:28.06.2007
Source:
SecurityVulns ID:7867
Type:remote
Threat Level:
8/10
Description:Buffer overflow on packed executables parsing.
Affected:SYMANTEC : Symantec Mail Security for SMTP 5.0
CVE:CVE-2007-1792 (libdayzero.dll in the Filter Hub Service (filter-hub.exe) in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a denial of service (crash) via a crafted executable attachment in an e-mail, involving the detection of "PE-Shield v0.2" and "ASPack v1.00-1.08.02".)
Original documentdocumentSECUNIA, [Full-disclosure] Secunia Research: Symantec Mail Security for SMTP Boundary Errors (28.06.2007)

HP Photo Digital Imaging ActiveX unauthorized access
Published:28.06.2007
Source:
SecurityVulns ID:7861
Type:client
Threat Level:
6/10
Description:Unsafe saveXMLAsFile method in hpqxml.dll.
Original documentdocumentGOODFELLAS SRT, [GOODFELLAS - VULN] hpqxml.dll 2.0.0.133 from HP Digital Imaging Arbitary Data Write. (28.06.2007)

SAP NetWeaver / Web Dynpro Java multiple security vulnerabilities
Published:28.06.2007
Source:
SecurityVulns ID:7864
Type:remote
Threat Level:
5/10
Description:Multiple crossite scripting conditions.
Affected:SAP : NetWeaver 04
 SAP : SAP BC 6.40
 SAP : SAP BC 7.00
Original documentdocumentIvan Buetler, SAP Web Dynpro Java (BC-WD-JAV) Vulnerability (28.06.2007)

Avahi DBUS DoS
Published:28.06.2007
Source:
SecurityVulns ID:7870
Type:local
Threat Level:
5/10
Description:Empty TXT record causes daemon to crash.
Affected:AVAHI : Avahi 0.6
CVE:CVE-2007-3372 (The Avahi daemon in Avahi before 0.6.20 allows attackers to cause a denial of service (exit) via empty TXT data over D-Bus, which triggers an assert error.)

Wireshark DoS
updated since 28.06.2007
Published:17.08.2007
Source:
SecurityVulns ID:7866
Type:remote
Threat Level:
5/10
Description:Endless loop on MMS and SSL parsing, off-by-one on iSeries and DHCP/BOOTP parsing.
Affected:WIRESHARK : wireshark 0.99
CVE:CVE-2007-3393 (Off-by-one error in the DHCP/BOOTP dissector in Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via crafted DHCP-over-DOCSIS packets.)
 CVE-2007-3392 (Wireshark before 0.99.6 allows remote attackers to cause a denial of service via malformed (1) SSL or (2) MMS packets that trigger an infinite loop.)
 CVE-2007-3391 (Wireshark 0.99.5 allows remote attackers to cause a denial of service (memory consumption) via a malformed DCP ETSI packet that triggers an infinite loop.)
 CVE-2007-3390 (Wireshark 0.99.5 and 0.10.x up to 0.10.14, when running on certain systems, allows remote attackers to cause a denial of service (crash) via crafted iSeries capture files that trigger a SIGTRAP.)
 CVE-2007-3389 (Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via a crafted chunked encoding in an HTTP response, possibly related to a zero-length payload.)
Original documentdocumentzwell_(at)_sohu.com, WireShark MMS Remote Denial of Service vulnerability (15.08.2007)
 documentDEBIAN, [Full-disclosure] [SECURITY] [DSA 1322-1] New wireshark packages fix denial of service (28.06.2007)
Files:WireShark<0.99.6 MMS protocol DOS PoC

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod