Computer Security
[EN] securityvulns.ru no-pyccku


Asterisk IAX2 VoIP PBX and multiple IAX clients DoS
updated since 07.06.2006
Published:30.06.2006
Source:
SecurityVulns ID:6225
Type:remote
Threat Level:
5/10
Description:DoS on IAX2 channel processing.
Affected:ASTERISK : Asterisk 1.2
 KIAX : kiax 0.8
Original documentdocumentDEBIAN, [Full-disclosure] [ GLSA 200606-30 ] Kiax: Arbitrary code execution (30.06.2006)
 documentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2006-0327: IAXclient truncated frames vulnerabilities (10.06.2006)
 documentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2006-0330: Asterisk PBX truncated video frame vulnerability (10.06.2006)
 documentMatt Riddell (IT), Asterisk 1.2.9 and Asterisk 1.0.11 Released - Security Fix (07.06.2006)

mutt mail agent buffer overflow
Published:30.06.2006
Source:
SecurityVulns ID:6318
Type:client
Threat Level:
5/10
Description:Buffer overflow on parsing IMAP server reply.
Affected:MUTT : mutt 1.5
Original documentdocumentGENTOO, [ GLSA 200606-27 ] Mutt: Buffer overflow (30.06.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 30.06.2006
Published:30.06.2006
Source:
SecurityVulns ID:6319
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:NUKEDKLAN : Nuked-Klan 1.7
 MYBB : MyBB 1.1
 PHPRAID : phpRaid 3.0
 AZDG : AzDGDatingPlatinum 1.1
 NUKEDKLANSOFTBIZ : Softbiz Banner Exchange Network 1.0
Original documentdocumentSECUNIA, Secunia Research: phpRaid SQL Injection and File Inclusion Vulnerabilities (30.06.2006)
 documentsecurityconnection_(at)_gmail.com, Softbiz Banner Exchange 1.0 XSS (30.06.2006)
 documentluny_(at)_youfucktard.com, CSRF in Nuked Klan 1.7 SP4.2 (30.06.2006)
 documentluny_(at)_youfucktard.com, PHPClassifieds General (30.06.2006)
 documentimei, [KAPDA]http://myimei.com/security/2006-06-24/mybb104archive-modelight-parameter-extractionvarable-overwriting.html (30.06.2006)
 documentbotan_(at)_linuxmail.org, PHP iCalendar Cross Site Scripting (30.06.2006)
 documentCrAzY.CrAcKeR_(at)_hotmail.com, AzDGDatingPlatinum<<--v1.1.0 "view.php" SQL Injection (30.06.2006)

lipbng buffer overflow
Published:30.06.2006
Source:
SecurityVulns ID:6320
Type:library
Threat Level:
6/10
Affected:libpng : libpng 1.2
Original documentdocumentOPENPKG, [OpenPKG-SA-2006.011] OpenPKG Security Advisory (png) (30.06.2006)

Novell GroupWise unauthorized access
Published:30.06.2006
Source:
SecurityVulns ID:6321
Type:remote
Threat Level:
6/10
Description:Windows Client API allows non-authorized email access within the same authenticated post office.
Affected:NOVELL : GroupWise 6.0
 NOVELL : GroupWise 6.5
 NOVELL : GroupWise 7
Original documentdocumentNOVELL, Novell Security Announcement NOVELL-SA:2006:001 (30.06.2006)

Cisco wireless access points unauthorized access
Published:30.06.2006
Source:
SecurityVulns ID:6322
Type:remote
Threat Level:
6/10
Description:It's possible reset access point security settings to defaults.
Affected:CISCO : Cisco 1200
 CISCO : Cisco 1240
 CISCO : Cisco 350
 CISCO : Cisco 1100
 CISCO : Cisco 1130
 CISCO : Cisco 1310
 CISCO : Cisco 1410
Original documentdocumentCISCO, Cisco Security Advisory: Access Point Web-Browser Interface Vulnerability (30.06.2006)

MacOS X launchd formatstring vulnerabilitiy
Published:30.06.2006
Source:
SecurityVulns ID:6323
Type:local
Threat Level:
7/10
Description:Format string vulnerability on syslog() call.
Affected:APPLE : Mac OS X 10.4
Original documentdocumentKevin Finisterre, DMA[2006-0628a] - 'Apple OSX launchd unformatted syslog() vulnerability' (30.06.2006)
Files:Apple OSX launchd unformatted syslog() vulnerability exploit

Siemens Speedstream wireless routers unauthorized access
Published:30.06.2006
Source:
SecurityVulns ID:6324
Type:remote
Threat Level:
5/10
Description:UPnP unauthorized access.
Affected:SIEMENS : Speedstream 2624
Original documentdocumentinfo_(at)_digitalarmaments.com, Digital Armaments Security Advisory 29.06.2006: Siemens Speedstream Wireless Router Password Protection Bypass Vulnerability (30.06.2006)

PatchLink Update Server / Novell ZenWorks multiple security vulnerabilities
Published:30.06.2006
Source:
SecurityVulns ID:6325
Type:remote
Threat Level:
6/10
Description:SQL injections, unauthorized access.
Affected:NOVELL : PatchLink Update Server 6.2
 NOVELL : PatchLink Update Server 6.1
 NOVELL : ZENworks Patch Management 6.2
Original documentdocumentChris Steipp, Multiple Vulnerabilities in PatchLink Update Server 6 (30.06.2006)

Apple OpenDirectory DoS
Published:30.06.2006
Source:
SecurityVulns ID:6326
Type:remote
Threat Level:
5/10
Description:slapd assert() on malformed bind request.
Affected:APPLE : Mac OS X 10.4
Original documentdocumentnoreply_(at)_musecurity.com, [Full-disclosure] [MU-200606-02] Apple Open Directory Pre-Authentication Denial of Service (30.06.2006)

Multiple OpenOffice security vulnerabilities
Published:30.06.2006
Source:
SecurityVulns ID:6327
Type:client
Threat Level:
8/10
Description:BASIC macro auto launch without user intercation, Java applet sandbox protection bypass, XML parsing buffer overflow.
Affected:OPENOFFICE : OpenOffice 1.1
Original documentdocumentDEBIAN, [Full-disclosure] [SECURITY] [DSA 1104-1] New OpenOffice.org packages fix several vulnerabilities (30.06.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod