Search:Vulnerability:29.11.2007 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 29.11.2007
Published: 29.11.2007
Source:
SecurityVulns ID: 8384
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Captcha! wordpress plugin: CAPTCHA protection bypass and XSS.

Affected: PHPKIT : PHPKIT 1.6
LIFERAY : Liferay Enterprise Portal 4.3
PHPSLIDESHOW : PHPSlideShow 0.9
GEKKOWARE : Gekko 0.8

Original document Jose Luis Góngora Fernández, Gekko <=0.8.2 (temp directory) Path Disclosure (29.11.2007)

morin.josh_(at)_gmail.com, PHPSlideShow XSS Update (29.11.2007)

morin.josh_(at)_gmail.com, Liferay Enterprise Portal multiple XSS (29.11.2007)

Jose Luis Góngora Fernández, PHPkit 1.6.1 (include.php?path=) Remote File Inclusion (29.11.2007)

document kingoftheworld92_(at)_fastwebnet.it, Eurologon CMS Multiple SQL Injection (29.11.2007)

kingoftheworld92_(at)_fastwebnet.it, Eurologon CMS Db credentials disclosure / files download (29.11.2007)

MustLive, MoBiC-26 Bonus: XSS in Captcha! (29.11.2007)

MustLive, Captcha! CAPTCHA bypass (29.11.2007)

Discuss: Read or add your comments to this news (0 comments)

IBM Lotus Notes buffer overflow
Published: 29.11.2007
Source: BUGTRAQ
SecurityVulns ID: 8387
Type: client
Level: 6/10
Description: Buffer overflow on Lotus WorkSheet files processing.

Affected: IBM : Lotus Notes 6.5
IBM : Lotus Notes 7.0
IBM : Lotus Notes 8.0

Original document CORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2007-0821: Lotus Notes buffer overflow in the Lotus WorkSheet file processor (29.11.2007)

Files: Lotus Notes buffer overflow in the Lotus WorkSheet file processor PoC
Discuss: Read or add your comments to this news (0 comments)

Linux multiple security vulnerabilities
Published: 29.11.2007
Source: BUGTRAQ
SecurityVulns ID: 8389
Type: remote
Level: 5/10
Description: Integer overflow on IEEE 802.11 frame, DoS with minix filesystem.

Affected: LINUX : kernel 2.6
CVE: CVE-2007-4997
CVE-2006-6058 (The minix filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly other versions, allows local users to cause a denial of service (hang) via a malformed minix file stream that triggers an infinite loop in the minix_bmap function. NOTE: this issue might be due to an integer overflow or signedness error.)

Original document MANDRIVA, [ MDKSA-2007:232 ] - Updated kernel packages fix multiple vulnerabilities and bugs (29.11.2007)

Discuss: Read or add your comments to this news (0 comments)

RubyGnome2 format string vulnerability
Published: 29.11.2007
Source: BUGTRAQ
SecurityVulns ID: 8385
Type: library
Level: 5/10
Description: Format string vulnerability in Gtk::MessageDialog.new.

Affected: RUBYGNOME : RubyGnome2 0.16
CVE: CVE-2007-6183 (Format string vulnerability in the mdiag_initialize function in gtk/src/rbgtkmessagedialog.c in Ruby-GNOME 2 (aka Ruby/Gnome2) 0.16.0, and SVN versions before 20071127, allows context-dependent attackers to execute arbitrary code via format string specifiers in the message parameter.)

Original document chris.rohlf_(at)_gmail.com, Ruby/Gnome2 0.16.0 Format String Vulnerability (29.11.2007)

Discuss: Read or add your comments to this news (0 comments)

WireShark sniffer multiple security vulnerabilities
Published: 29.11.2007
Source: BUGTRAQ
SecurityVulns ID: 8386
Type: remote
Level: 6/10
Description: Buffer overflow on SSL parsing, DoS on HTTP, MEGACO, Bluetooth SDP, RPC parsing.

Affected: WIRESHARK : wireshark 0.99
CVE: CVE-2007-6121 (Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet.)
CVE-2007-6120 (The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.)
CVE-2007-6118 (The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors.)
CVE-2007-6117 (Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 has unknown impact and remote attack vectors related to chunked messages.)
CVE-2007-6114 (Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser.)

Original document DEBIAN, [SECURITY] [DSA 1414-1] New wireshark packages fix several vulnerabilities (29.11.2007)

Discuss: Read or add your comments to this news (0 comments)

TK Toolkit buffer overflow
Published: 29.11.2007
Source: BUGTRAQ
SecurityVulns ID: 8388
Type: remote
Level: 5/10
Description: Buffer overflow on animated GIF loading.

Affected: TK : Tk Toolkit 8.4
TK : Tk Toolkit 8.3
CVE: CVE-2007-5378 (Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk Toolkit 8.4.12 and earlier, and 8.3.5 and earlier, allows user-assisted attackers to cause a denial of service (segmentation fault) via an animated GIF in which the first subimage is smaller than a subsequent subimage, which triggers the overflow in the ReadImage function, a different vulnerability than CVE-2007-5137.)

Original document DEBIAN, [SECURITY] [DSA 1416-1] New tk8.3 packages fix arbitrary code execution (29.11.2007)

Discuss: Read or add your comments to this news (0 comments)

Symantec Backup Exec DoS
Published: 29.11.2007
Source: BUGTRAQ
SecurityVulns ID: 8390
Type: remote
Level: 5/10
Description: bengine.exe (TCP/5633) integer overflows and NULL pointer dereference.

Affected: SYMANTEC : Backup Exec 11.0
CVE: CVE-2007-4347
CVE-2007-4346

Original document SYMANTEC, SYM07-029 Symantec BEWS Multiple DoS in Job Engine (29.11.2007)

SECUNIA, Secunia Research: Symantec Backup Exec Job Engine Denial of Service (29.11.2007)

Discuss: Read or add your comments to this news (0 comments)