Computer Security
[EN] securityvulns.ru no-pyccku


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 27.06.2011
Published:28.06.2011
Source:
SecurityVulns ID:11748
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:MAMBO : Mambo 4.6
 DRUPAL : Drupal 6.22
 FANUPDATE : FanUpdate 3.0
Original documentdocumentHigh-Tech Bridge Security Research, HTB23017: XSS in FanUpdate (28.06.2011)
 documentYGN Ethical Hacker Group, Mambo CMS 4.6.x (4.6.5) | Multiple Cross Site Scripting Vulnerabilities (27.06.2011)
 documentMustLive, XSS и AoF уязвимости в Drupal (27.06.2011)

libcurl GSSAPI security vulnerability
Published:28.06.2011
Source:
SecurityVulns ID:11749
Type:library
Threat Level:
5/10
Description:Client's security credentials are unconditionally delegated.
Affected:CURL : libcurl 7.21
CVE:CVE-2011-2192 (The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests.)
Original documentdocumentUBUNTU, [USN-1158-1] curl vulnerabilities (28.06.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod