 |
|
|
|
| ISS RealSecure / BlackICE DoS | | Published: |  | 28.07.2006 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 6419 | | Type: |  | remote | | Level: |  | 6/10 | | Description: |  | Bug in SMB_MailSlot_Heap_Overflow
(MS06-035/KB917159) vulnerability attack detection leads to 100% CPU usage. |
| InterActual Player ActiveX buffer overflow | | Published: | | 28.07.2006 | | Source: | | SECUNIA | | SecurityVulns ID: | | 6424 | | Type: | | client | | Level: | | 5/10 | | Description: | | Buffer overflow in ITIRecorder.MicRecorder control. |
| Symantec Brightmail AntiSpam multiple security vulnerabilities | | Published: | | 28.07.2006 | | Source: | | SECUNIA | | SecurityVulns ID: | | 6425 | | Type: | | remote | | Level: | | 5/10 | | Description: | | It's possible to DoS system and access system files if control center access is enabled from any computer. |
Yahoo Messenger instant messenger agent DoS
updated since 22.06.2006 | | Published: | | 28.07.2006 | | Source: | | IVANIVAN | | SecurityVulns ID: | | 6281 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Application crashes on message with malformed link. Vulnerability is known to be used in-the-wild. |
Cisco VPN client for Windows privilege escalation
updated since 25.05.2006 | | Published: | | 28.07.2006 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 6183 | | Type: | | local | | Level: | | 6/10 | | Description: | | Privilege escalation with help subsystem. |
| Winlpd buffer overflow | | Published: | | 28.07.2006 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 6422 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Buffer overflow on LPR (TCP/515) request handling. |
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: | | 28.07.2006 | | Source: | | | | SecurityVulns ID: | | 6423 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
Apache mod_rewrite buffer overflow
updated since 28.07.2006 | | Published: | | 21.08.2006 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 6420 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Off-by-one overflow on mod_rewrite LDAP schema if "RewriteEngine on". |
Heartbeat claster software multiple DoS conditions
updated since 28.07.2006 | | Published: | | 31.07.2007 | | Source: | | FULL-DISCLOSURE | | SecurityVulns ID: | | 6421 | | Type: | | remote | | Level: | | 5/10 | | Description: | | shmget shared memory section call weak permissions. remote DoS on heartbeat network messages parsing. |
| Affected: |  | HEARTBEAT : Heartbeat 1.2 | | | | HEARTBEAT : Heartbeat 2.0 | | | | BLUECATNETWORKS : Adonis 5.0 | | CVE: |  | CVE-2006-3815 (heartbeat.c in heartbeat before 2.0.6 sets insecure permissions in a shmget call for shared memory, which allows local users to cause an unspecified denial of service via unknown vectors, possibly during a short time window on startup.) | | | | CVE-2006-3121 (The peel_netstring function in cl_netstring.c in the heartbeat subsystem in High-Availability Linux before 1.2.5, and 2.0 before 2.0.7, allows remote attackers to cause a denial of service (crash) via the length parameter in a heartbeat message.) |
|
|
|
|
|
|
|
|
