Computer Security


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:30.08.2010
Source:
SecurityVulns ID:11100
Type:remote
Threat Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:PHPMYADMIN : phpMyAdmin 2.11
 PHPMYADMIN : phpMyAdmin 3.3
 TYPO3 : typo3 4.3
 BTNET : BugTracker.NET 3.4
 WEBMATIC : Webmatic 3.0
CVE:CVE-2010-3056 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) db_search.php, (2) db_sql.php, (3) db_structure.php, (4) js/messages.php, (5) libraries/common.lib.php, (6) libraries/database_interface.lib.php, (7) libraries/dbi/mysql.dbi.lib.php, (8) libraries/dbi/mysqli.dbi.lib.php, (9) libraries/db_info.inc.php, (10) libraries/sanitizing.lib.php, (11) libraries/sqlparser.lib.php, (12) server_databases.php, (13) server_privileges.php, (14) setup/config.php, (15) sql.php, (16) tbl_replace.php, and (17) tbl_sql.php.)
 CVE-2010-3055 (The configuration setup script (aka scripts/setup.php) in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request.)
Original document:High-Tech Bridge Security Research, XSS vulnerability in CompuCMS (30.08.2010)
 High-Tech Bridge Security Research, XSS vulnerability in Webmatic (30.08.2010)
 High-Tech Bridge Security Research, XSS vulnerability in Auto CMS (30.08.2010)
 High-Tech Bridge Security Research, XSS vulnerability in Webmatic (30.08.2010)
 High-Tech Bridge Security Research, SQL injection vulnerability in TCMS (30.08.2010)
 High-Tech Bridge Security Research, XSS vulnerability in TCMS (30.08.2010)
 High-Tech Bridge Security Research, SQL injection vulnerability in TCMS (30.08.2010)
 High-Tech Bridge Security Research, Local File Inclusion in TCMS (30.08.2010)
 High-Tech Bridge Security Research, SQL injection vulnerability in CompuCMS (30.08.2010)
 High-Tech Bridge Security Research, SQL injection vulnerability in CompuCMS (30.08.2010)
 High-Tech Bridge Security Research, XSS vulnerability in CompuCMS (30.08.2010)
 High-Tech Bridge Security Research, XSS vulnerability in CompuCMS (30.08.2010)
 High-Tech Bridge Security Research, XSRF (CSRF) in Webmatic (30.08.2010)
 High-Tech Bridge Security Research, SQL injection vulnerability in TCMS (30.08.2010)
 High-Tech Bridge Security Research, SQL injection vulnerability in TCMS (30.08.2010)
 High-Tech Bridge Security Research, SQL injection vulnerability in TCMS (30.08.2010)
 High-Tech Bridge Security Research, File Content Disclosure in TCMS (30.08.2010)
 High-Tech Bridge Security Research, SQL injection vulnerability in CompuCMS (30.08.2010)
 High-Tech Bridge Security Research, XSS vulnerability in TCMS (30.08.2010)
 High-Tech Bridge Security Research, SQL injection vulnerability in CompuCMS (30.08.2010)
 Mark van Tilburg, BugTracker.net 3.4.3 SQL Injection (30.08.2010)
 DEBIAN, [SECURITY] [DSA 2097-1] New phpmyadmin packages fix several vulnerabilities (30.08.2010)
 DEBIAN, [SECURITY] [DSA 2098-1] New typo3-src packages fix several vulnerabilities (30.08.2010)

KDE okular buffer overflow
Published:30.08.2010
Source:
SecurityVulns ID:11101
Type:local
Threat Level:5/10
Description:Heap (dynamic memory) buffer overflow when processing PDB files.
Affected:KDE : KDE 4.4
 KDE : KDE 4.2
CVE:CVE-2010-2575 (Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image.cpp in Okular in KDE SC 4.3.0 through 4.5.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image in a PDB file.)
Original document:SECUNIA, Secunia Research: KDE Okular PDB Parsing RLE Decompression Buffer Overflow (30.08.2010)
 UBUNTU, [USN-979-1] okular vulnerability (30.08.2010)

Multiple browsers certificates validation weakness
Published:30.08.2010
Source:
SecurityVulns ID:11102
Type:m-i-t-m
Threat Level:3/10
Description:Wildcards are accepted in certificates issued to IP addresses.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
 MOZILLA : Firefox 3.6
 NOKIA : QT 4.7
Original document:Richard Moore, wp-10-0001: Multiple Browser Wildcard Cerficate Validation Weakness (30.08.2010)

RealNetworks RealPlayer security vulnerabilities
Published:30.08.2010
Source:
SecurityVulns ID:11103
Type:client
Threat Level:5/10
Description:Memory corruption when parsing FLV and IVR formats.
CVE:CVE-2010-3000 (Multiple integer overflows in the ParseKnownType function in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allow remote attackers to execute arbitrary code via crafted (1) HX_FLV_META_AMF_TYPE_MIXEDARRAY or (2) HX_FLV_META_AMF_TYPE_ARRAY data in an FLV file.)
 CVE-2010-2996 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 on Windows allows remote attackers to execute arbitrary code via a malformed header in a RealMedia .IVR file.)
Original document:ZDI, ZDI-10-167: RealNetworks RealPlayer FLV Parsing Multiple Integer Overflow Vulnerabilities (30.08.2010)
 ZDI, ZDI-10-166: RealNetworks RealPlayer Malformed IVR Object Index Code Execution Vulnerability (30.08.2010)

Deepin TFTP Server directory traversal
Published:30.08.2010
Source:
SecurityVulns ID:11104
Type:remote
Threat Level:5/10
Description:Directory traversal on put / get operations.
Affected:DEEPIN : Deepin TFTP Server 1.25
Original document:huang_chaoyi_(at)_venustech.com.cn, Deepin TFTP Server Directory Traversal Vulnerability (30.08.2010)

Cisco IOS XR BGP DoS
Published:30.08.2010
Source:
SecurityVulns ID:11106
Type:remote
Threat Level:5/10
Description:The router may issue an invalid announcement on receiving a prefix with a malformed attribute.
Affected:CISCO : IOS XR 3.4
 CISCO : IOS XR 3.5
 CISCO : IOS XR 3.6
 CISCO : IOS XR 3.7
 CISCO : IOS XR 3.8
 CISCO : IOS XR 3.9
CVE:CVE-2010-3035 (Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.)
Original document:CISCO, Cisco Security Advisory: Cisco IOS XR Software Border Gateway Protocol Vulnerability (30.08.2010)

Cisco Unified Presence / Cisco Unified Communications Manager DoS
updated since 30.08.2010
Published:27.09.2010
Source:
SecurityVulns ID:11105
Type:remote
Threat Level:5/10
Description:Crash when parsing SIP messages.
Affected:CISCO : Unified Communications Manager 6.1
 CISCO : Unified Communications Manager 7.1
 CISCO : Unified Communications Manager 8.0
 CISCO : Unified Presence 6.0
 CISCO : Unified Presence 7.0
CVE:CVE-2010-2840 (The Presence Engine (PE) service in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) does not properly handle an erroneous Contact field in the header of a SIP SUBSCRIBE message, which allows remote attackers to cause a denial of service (process failure) via a malformed message, aka Bug ID CSCtd39629.)
 CVE-2010-2839 (SIPD in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) allows remote attackers to cause a denial of service (stack memory corruption and process failure) via a malformed SIP message, aka Bug ID CSCtd14474.)
 CVE-2010-2838 (The SendCombinedStatusInfo implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.0SU before 7.0(2a)SU3, 7.1 before 7.1(5), and 8.0 before 8.0(3) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REGISTER message, aka Bug ID CSCtf66305.)
 CVE-2010-2837 (The SIPStationInit implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.1SU before 6.1(5)SU1, 7.0SU before 7.0(2a)SU3, 7.1SU before 7.1(3b)SU2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP message, aka Bug ID CSCtd17310.)
 CVE-2010-2835 (Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.0 before 7.0(2a)su3, 7.1su before 7.1(3b)su2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a SIP REFER request with an invalid Refer-To header, aka Bug IDs CSCta20040 and CSCta31358.)
 CVE-2010-2834 (Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)SU1, 7.x before 7.1(5), and 8.0 before 8.0(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via crafted SIP registration traffic over UDP, aka Bug IDs CSCtf72678 and CSCtf14987.)
Original document:CISCO, Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities (27.09.2010)
 CISCO, Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities (30.08.2010)
 CISCO, Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities (30.08.2010)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod