Computer Security
[EN] securityvulns.ru no-pyccku


SAP-DB / MaxDB database WebDBM buffer overflow
Published:30.08.2006
Source:
SecurityVulns ID:6554
Type:remote
Threat Level:
6/10
Description:Buffer overflow on oversized database name.
Affected:SAP : MaxDB 7.6
Original documentdocumentSYMANTEC, SYMSA-2006-009 (30.08.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:30.08.2006
Source:
SecurityVulns ID:6555
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHPGROUPWARE : phpGroupWare 0.9
 GONAFISH : LinksCaffe 2.0
 B2EVOLUTION : b2evolution 1.8
 JETSTAT : JS ASP Faq Manager 1.10
 PORTAILPHP : Portail PHP mod_phpalbum 2.15
 MINIBILL : MiniBill 1.22
 EXBB : ExBB Italian 2.0
 PHPECARD : phpECard 2.1
 MODERNGIGABYTE : ModernBill 5.0
Original documentdocumentJUSTINSAMUEL, Vulnerability: ModernBill Insecure CURL Settings (30.08.2006)
 documentMustLive, Уязвимости в CMS WebDirector (30.08.2006)
 documentEscape_LeAk_(at)_yahoo.com, phpECard (functions.php) Remote File Inclusion Exploit (30.08.2006)
 documentSHiKaA-_(at)_hotmail.com, ExBB Italian version <= v2.0 (home_path) Remote File Inclusion Exploit (30.08.2006)
 documentMILW0RM, MiniBill <= 1.22b config[plugin_dir] Remote File Inclusion Vulnerabilities (30.08.2006)
 documentx0r0n_(at)_hotmail.com, Portail PHP mod_phpalbum 2.15 Modules Remote File Inclusion (30.08.2006)
 documentali_(at)_hackerz.ir, JS ASP Faq Manager v1.10 sql injection (30.08.2006)
 documenth4ck3riran_(at)_yahoo.com, Submit ( ToendaCMS<= ( Remote File Include Vulnerabilities ) (30.08.2006)
 documenthoangyenxinhdep_(at)_yahoo.com, Submit ( b2evolution<= 1.8 Remote File Include Vulnerabilities ) (30.08.2006)
 documenthoangyenxinhdep_(at)_yahoo.com, LinksCaffe no checker at admin (30.08.2006)
Files:phpGroupWare <= 0.9.16.010 GLOBALS[] Remote Code Execution Exploit
 phpECard function.php exploit

gtetrinet game array index overflow
Published:30.08.2006
Source:
SecurityVulns ID:6556
Type:remote
Threat Level:
5/10
Description:Multiple index overflows.
Affected:GTETRINET : gtetrinet 0.7
Original documentdocumentDEBIAN, [Full-disclosure] [SECURITY] [DSA 1163-1] New gtetrinet packages fix arbitrary code execution (30.08.2006)

Weak xbiff 2 file permissions
Published:30.08.2006
Source:
SecurityVulns ID:6557
Type:remote
Threat Level:
5/10
Description:.xbiff2rc is world-readable, making it's possible to retrieve POP3 / IMAP account password.
Affected:XBIFF2 : xbiff2 1.9
Original documentdocumentSECUNIA, [SA21686] xbiff2 Insecure File Permissions (30.08.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod