Computer Security

Search:Vulnerability:28.08.2005
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Nokia Affix Bluetooth multiple vulnerabilities
updated since 25.04.2005
Published:28.08.2005
Source:FULL-DISCLOSURE
SecurityVulns ID:4726
Type:remote
Level:5/10
Description:Integer overflow on socket creation. Buffer overflow in btftp client. btsrv/btobex unfiltered shell characters problem. popen() unfiltered shell characters.
Affected:NOKIA : Affix 2.1
 NOKIA : Affix 3.2
Original documentdocumentKevin Finisterre, DMA[2005-0826a] - 'Nokia Affix Bluetooth btsrv poor use of popen()' (28.08.2005)
 documentKevin Finisterre, [Full-disclosure] MA[2005-0712b] - 'Nokia Affix Bluetooth btsrv/btobex poor use of system()' (12.07.2005)
 documentKevin Finisterre, [Full-disclosure] DMA[2005-0712a] - 'Nokia Affix Bluetooth btftp client buffer overflow' (12.07.2005)
 documentKevin Finisterre, [Full-disclosure] DMA[2005-0423a] - 'Nokia Affix Bluetooth Integer Underflow' (25.04.2005)
Files:Remote Nokia Affix btftp client exploit
Discuss:Read or add your comments to this news (0 comments)

Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
updated since 22.08.2005
Published:28.08.2005
Source:
SecurityVulns ID:5129
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHPBB : phpBB 2.0
 PAFILEDB : paFileDB 3.1
 VBULLETIN : vBulletin 3.0
 PHPKIT : PHPKIT 1.6
 POSTNUKE : PostNuke 0.760
 COPPERMINE : Coppermine Gallery 1.3
 MANTIS : Mantis 1.0
 NEPHP : Nephp Publisher Enterprise 3.04
 RUNCMS : Runcms 1.2
 AREAEDIT : AreaEdit 0.4
 NETQUERY : Netquery 3.11
 SAVEWEBPORTAL : SaveWebPortal 3.4
 COURIER : SqWebMail 5.0
 FOOJAN : Foojan PHP Weblog
 PHPGRAPHY : phpGraphy 0.9
 GALLERY : Gallery 1.5.1
 YAPIG : YaPiG 0.95
 SIMPLEPHP : Simple PHP Blog 0.4
 PHOTOPOST : PhotoPost PHP Pro 5.1
 AWSTATS : awstats 6.4
 PHPWEBNOTES : phpWebNotes 2.0
 DE-NEEF : Looking Glass 20040427
Original documentdocumentretrogod_(at)_aliceposta.it, Looking Glass v20040427 arbitrary commands execution / cross site scripting (28.08.2005)
 documentCedric Cochin, Multiple PHP Images Galleries EXIF Metadata XSS Vulnerabilities (28.08.2005)
 documentScott Dewey, Simple PHP Blog File Upload and User Credentials Exposure Vulnerabilities (28.08.2005)
 documentnf2, XSS security hole in phpwebnotes. (28.08.2005)
 documentfournaux_(at)_khmerdev.com, AWstats Path Disclosure Vulnerability (28.08.2005)
 documentSECUNIA, [SA16597] PhotoPost PHP Pro EXIF Data Script Insertion Vulnerability (26.08.2005)
 documentSECUNIA, [SA16598] Simple PHP Blog Image File Upload Vulnerability (26.08.2005)
 documentSECUNIA, [SA16594] Gallery EXIF Data Script Insertion Vulnerability (26.08.2005)
 documentSECUNIA, [SA16596] YaPig EXIF Data Script Insertion Vulnerability (26.08.2005)
 documentSECUNIA, [SA16595] phpGraphy EXIF Data Script Insertion Vulnerability (26.08.2005)
 documentSECUNIA, [SA16516] vBulletin BBCode IMG Tag Cross-Site Request Forgery (26.08.2005)
 documentastovidatu_(at)_security-project.org, PaFileDB 3.1 - SQL-Injection (26.08.2005)
 documentSECUNIA, [Full-disclosure] Secunia Research: SqWebMail Attached File Script Insertion Vulnerability (24.08.2005)
 documentSECUNIA, [SA16522] SaveWebPortal Multiple Vulnerabilities (24.08.2005)
 documentSECUNIA, [SA16523] Netquery "host" Parameter Arbitrary Command Execution (24.08.2005)
 documentSECUNIA, [SA16511] AreaEdit SpellChecker Plugin Code Execution Vulnerability (23.08.2005)
 documentSECUNIA, [SA16514] RunCMS SQL Injection and Arbitrary Variable Overwrite Vulnerability (23.08.2005)
 documentMaksymilian Arciemowicz, [SECURITYREASON.COM] Multiple vulnerabilities in PostNuke 0.760-RC4b=>x cXIb8O3.15 (23.08.2005)
 documentphuket, SQL Injection and PHP Code Injection Vulnerabilities in PHPKit 1.6.1 (23.08.2005)
 documentbl2k_(at)_shabgard.org, Nephp Publisher Enterprise 3.04 Cross Site Scripting (22.08.2005)
 documentSECUNIA, [SA16506] Mantis Cross-Site Scripting and SQL Injection Vulnerabilities (22.08.2005)
 documentSECUNIA, [SA16499] Coppermine Photo Gallery EXIF Data Script Insertion (22.08.2005)
 documenth4cky0u, [Full-disclosure] BBCode [IMG] [/IMG ] Tag Vulnerability (22.08.2005)
Discuss:Read or add your comments to this news (0 comments)

HP OpenView unfiltered shell characters
updated since 26.08.2005
Published:28.08.2005
Source:BUGTRAQ
SecurityVulns ID:5148
Type:remote
Level:6/10
Description:It's possible to execute code with request like http://[host]:3443/OvCgi/connectedNodes.ovpl?node=a| [your command] |
Affected:HP : OpenView Network Node Manager 6.41
 HP : OpenView Network Node Manager 7.5
Original documentdocumentHP, [security bulletin] SSRT051023 rev.0 - HP Openview Network Node Manager (OV NNM) Remote Unauthorized Access (28.08.2005)
 documentPaul J Docherty, Portcullis Security Advisory 05-014 HP Openview Remote Command Execution Vulnerability (26.08.2005)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server