Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft IIS protection bypass
Published:29.12.2009
Source:
SecurityVulns ID:10491
Type:remote
Threat Level:
6/10
Description:It's possible to bypass 3rd party upload protection by file extension, because part of filename after semicolon is ingored then detecting file type. E.g. script.asp;.jpg is treated by web server as ASP file.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
Original documentdocumentds.adv.pub_(at)_gmail.com, Code to mitigate IIS semicolon zero-day (29.12.2009)
 documentbugreport_(at)_itguard.info, Microsoft IIS 0Day Vulnerability in Parsing Files (semi-colon bug) (29.12.2009)
Files:Mitigation should help block attempts to exploit the IIS semicolon zero-day

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:29.12.2009
Source:
SecurityVulns ID:10492
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:JOOMLA : Joomulus 2.0
 DRBENHUR : DBHcms 1.1
 LIVEZILLA : LiveZilla 3.1
CVE:CVE-2009-4422 (Multiple cross-site scripting (XSS) vulnerabilities in the GetURLArguments function in jpgraph.php in Aditus Consulting JpGraph 3.0.6 allow remote attackers to inject arbitrary web script or HTML via a key to csim_in_html_ex1.php, and other unspecified vectors.)
Original documentdocumentMANDRIVA, [ MDVSA-2009:340 ] jpgraph (29.12.2009)
 documentadvisories_(at)_intern0t.net, [InterN0T] LiveZilla - XSS Vulnerability (29.12.2009)
 documentinfo_(at)_securitylab.ir, DBHCMS Web Content Management System v1.1.4 RFI Vulnerability (29.12.2009)
 documentfaghani_(at)_nsec.ir, Sheedravi CMS SQL Injection Vulnerability (29.12.2009)
 documentMustLive, Vulnerability in Joomulus for Joomla (29.12.2009)

MIT Kerberos 5 DoS
Published:29.12.2009
Source:
SecurityVulns ID:10493
Type:remote
Threat Level:
5/10
Description:NULL pointer dereference on cross-relarm authentication.
Affected:MIT : krb5 1.7
CVE:CVE-2009-3295 (The prep_reprocess_req function in kdc/do_tgs_req.c in the cross-realm referral implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a ticket request.)
Original documentdocumentMIT, MITKRB5-SA-2009-003 [CVE-2009-3295] KDC denial of service in cross-realm referral processing (29.12.2009)

Perl DBD::Pg module buffer overflow
Published:29.12.2009
Source:
SecurityVulns ID:10494
Type:library
Threat Level:
5/10
Description:pg_getline buffer overflow, DoS.
CVE:CVE-2009-1341 (Memory leak in the dequote_bytea function in quote.c in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.0.0 for Perl allows context-dependent attackers to cause a denial of service (memory consumption) by fetching data with BYTEA columns.)
 CVE-2009-0663 (Heap-based buffer overflow in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module 1.49 for Perl might allow context-dependent attackers to execute arbitrary code via unspecified input to an application that uses the getline and pg_getline functions to read database rows.)
Original documentdocumentMANDRIVA, [ MDVSA-2009:344 ] perl-DBD-Pg (29.12.2009)

setfacl / getfacl symbolic links vulnerability
Published:29.12.2009
Source:
SecurityVulns ID:10495
Type:local
Threat Level:
4/10
Description:Symbolic links are followed on recursive operation.
CVE:CVE-2009-4411 (The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when running in recursive (-R) mode, follow symbolic links even when the --physical (aka -P) or -L option is specified, which might allow local users to modify the ACL for arbitrary files or directories via a symlink attack.)
Original documentdocumentMANDRIVA, [ MDVSA-2009:345 ] acl (29.12.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod