Search:Vulnerability:28.08.2007
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 28.08.2007
Published:
28.08.2007
Source:
SecurityVulns ID:
8099
Type:
remote
Level:
5
/10
Description:
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:
INTERSPIRE
:
ActiveKB 1.5
SUNSHOP
:
Sunshop 4.0
INTERWORX
:
InterWorx-CP 3.0
EPERSONNEL
:
ePersonnel RC 2004
PHPGEDVIEW
:
PhpGedView 4.1
Original document
komarov_(at)_itdefence.ru
,
eyeOS checksum prediction
(
28.08.2007
)
morin.josh_(at)_gmail.com
,
PhpGedView login page multiple XSS
(
28.08.2007
)
system-errrror_(at)_hotmail.com
,
ePersonnel_RC_2004 Remote File Bug
(
28.08.2007
)
s0cratex_(at)_hotmail.com
,
Moonware Software Multiple Vulnerabilities
(
28.08.2007
)
morin.josh_(at)_gmail.com
,
Abledesign Dynamic Picture Frame XSS
(
28.08.2007
)
Hackers Center Security Group
,
InterWorx-CP Multiple HTML Injections Vulnerabilitie
(
28.08.2007
)
auah_(at)_gelap.com
,
Sunshop v4.0 <= Blind SQL Injection exploit
(
28.08.2007
)
durito
,
SQL-инъекция в ActiveKB v1.5
(
28.08.2007
)
Files:
Sunshop v4.0 <= Blind SQL Injection exploit
Discuss:
Read or add your comments to this news (0 comments)
bind weak pseudo-random numbers generator
updated since 24.07.2007
Published:
28.08.2007
Source:
BUGTRAQ
SecurityVulns ID:
7967
Type:
remote
Level:
7
/10
Description:
Weak PRNG creates predictable DNS request IDs and makes high success probability of DNS cache poisoning attack.
Affected:
ISC
:
bind 9.2
BIND
:
bind 9.3
ISC
:
bind 9.4
Original document
Amit Klein
,
BIND 8 EOL and BIND 8 DNS Cache Poisoning (Amit Klein, Trusteer)
(
28.08.2007
)
SECURITEAM
,
[EXPL] DNS Cache Poison (BIND 9)
(
07.08.2007
)
Amit Klein
,
"BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer)
(
24.07.2007
)
Files:
bind DNS Cache Poison v0.3beta
Discuss:
Read or add your comments to this news (0 comments)
Thomson ST 2030 SIP phone DoS
updated since 27.08.2007
Published:
28.08.2007
Source:
FULL-DISCLOSURE
SecurityVulns ID:
8095
Type:
remote
Level:
5
/10
Description:
Crash on invalid INVITE request Via: and To: headers and also on empty message.
Affected:
THOMPSON
:
ST 2030
Original document
Radu State
,
[Full-disclosure] DOS vulnerability on Thomson SIP phone ST 2030 using an empty packet
(
28.08.2007
)
Radu State
,
[Full-disclosure] DOS vulnerability on Thomson SIP phone ST 2030 using the TO Header
(
27.08.2007
)
Radu State
,
[Full-disclosure] DOS vulnerability on Thomson SIP phone ST 2030 using the VIA Header
(
27.08.2007
)
Files:
Exploits vulnerability for Thomson 2030 firmware v1.52.1
Exploits vulnerability for Thomson 2030 firmware v1.52.1 (To:)
Exploits DOS vulnerability on Thomson SIP phone ST 2030 using an empty packet
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Enter your search terms
Web
securityvulns.com
Submit search form
