Computer Security
[EN] securityvulns.ru no-pyccku


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:30.08.2011
Source:
SecurityVulns ID:11881
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:JOOMLA : JCE Joomla Extension 2.0
 LIFESIZEROOM : LifeSize Room 3.5
 LIFESIZEROOM : LifeSize Room 4.7
 AXWAY : SecureTransport 4.8
 IBM : IBM Open Admin Tool 2.27
CVE:CVE-2011-2763 (The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) and 4.7.18 allows remote attackers to execute arbitrary commands via a modified request to the LSRoom_Remoting.doCommand function in gateway.php.)
 CVE-2011-2762 (The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) allows remote attackers to bypass authentication via unspecified data associated with a "true" authentication status, related to AMF data and the LSRoom_Remoting.authenticate function in gateway.php.)
Original documentdocumentEhsan_Hp200_(at)_hotmail.com, webyuss (prodotto.php?id) (quadri.php?id) Remote SQL injection Vulnerability (30.08.2011)
 documentsk, XSS in IBM Open Admin Tool (30.08.2011)
 documentEhsan_Hp200_(at)_hotmail.com, bizConsulting (prodotto.php?id) Remote SQL injection Vulnerability (30.08.2011)
 documentJose Carlos de Arriba, [Foreground Security 2011-001]: Casper Suite (JSS 8.1) Cross-Site Scripting (30.08.2011)
 documentEhsan_Hp200_(at)_hotmail.com, phpWebSite (publisher) Remote SQL injection Vulnerability (30.08.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Fabio Rispoli (prodotto.php?id) Remote SQL injection Vulnerability (30.08.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Marketing & Development (prodotto.php?cat) Remote SQL injection Vulnerability (30.08.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Datriks Solutions (prodotto.php?id) (dettaglio_socio.php?id) Remote SQL injection Vulnerability (30.08.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Multimedia Creative (prodotto.php?id) Remote SQL injection Vulnerability (30.08.2011)
 documentddivulnalert_(at)_ddifrontline.com, DDIVRT-2011-32 Axway SecureTransport '/icons/' Directory Traversal (30.08.2011)
 documentsmcintyre_(at)_securestate.net, LifeSize Room Vulnerabilities (30.08.2011)
 documentadmin_(at)_bugreport.ir, JCE Joomla Extension <=2.0.10 Multiple Vulnerabilities (30.08.2011)

Cisco Unified Communications Manager / Cisco Unified Presence Server information leakage
Published:30.08.2011
Source:
SecurityVulns ID:11883
Type:remote
Threat Level:
6/10
Description:OpenQuery information leakage.
Affected:CISCO : Unified Communications Manager 8.5
 CISCO : Unified Presence Server 8.5
CVE:CVE-2011-1643 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session, aka Bug IDs CSCti81574, CSCto63060, CSCto72183, and CSCto73833.)
Original documentdocumentCISCO, Cisco Security Advisory: Open Query Interface in Cisco Unified Communications Manager and Cisco Unified Presence Server (30.08.2011)

Pidgin code execution
Published:30.08.2011
Source:
SecurityVulns ID:11884
Type:remote
Threat Level:
6/10
Description:It's possible to execute code via file:// URL
Affected:PIDGIN : Pidgin 2.9
CVE:CVE-2011-3185 (gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted remote attackers to execute arbitrary programs via a file: URL in a message.)
 CVE-2011-3184 (The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.0 does not properly handle HTTP 100 responses, which allows remote attackers to cause a denial of service (incorrect memory access and application crash) via vectors involving a crafted server message.)
 CVE-2011-2943 (The irc_msg_who function in msgs.c in the IRC protocol plugin in libpurple 2.8.0 through 2.9.0 in Pidgin before 2.10.0 does not properly validate characters in nicknames, which allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted nickname that is not properly handled in a WHO response.)
Original documentdocumentInsomnia Security, Insomnia : ISVA-110822.1 - Pidgin IM Insecure URL Handling Remote Code Execution (30.08.2011)

EMC RSA enVision security vulnerabilities
Published:30.08.2011
Source:
SecurityVulns ID:11885
Type:remote
Threat Level:
6/10
Description:Information leakage, unauthorized access.
Affected:EMC : RSA enVision 4
CVE:CVE-2011-2737 (RSA enVision 3.x and 4.x before 4 SP4 P3 allows remote attackers to read arbitrary files via unspecified vectors, related to an "arbitrary file retrieval vulnerability.")
 CVE-2011-2736 (RSA enVision 4.x before 4 SP4 P3 places cleartext administrative credentials in Task Escalation e-mail messages, which allows remote attackers to obtain sensitive information by sniffing the network or leveraging access to a recipient mailbox.)
Original documentdocumentEMC, ESA-2011-030: RSA, The Security Division of EMC, announces security fixes for RSA enVision (30.08.2011)

NetSaro information leakage
Published:30.08.2011
Source:
SecurityVulns ID:11886
Type:remote
Threat Level:
5/10
Description:Source code leakage via administration web interface.
Affected:NETSARO : NetSaro Enterprise Messenger Server 2.0
Original documentdocumentrobkraus_(at)_soutionary.com, NetSaro Enterprise Messenger Server Administration Console Source Code Disclosure (30.08.2011)

Microsoft Report Viewer crossite scripting
updated since 10.08.2011
Published:30.08.2011
Source:
SecurityVulns ID:11844
Type:client
Threat Level:
5/10
Description:ActiveX crossite scripting.
Affected:MICROSOFT : Visual Studio 2005
 MICROSOFT : Report Viewer 2005
CVE:CVE-2011-1976 (Cross-site scripting (XSS) vulnerability in the Report Viewer Control in Microsoft Visual Studio 2005 SP1 and Report Viewer 2005 SP1 allows remote attackers to inject arbitrary web script or HTML via a parameter in a data source, aka "Report Viewer Controls XSS Vulnerability.")
Original documentdocumentinfo_(at)_gdssecurity.com, Cross-Site Scripting (XSS) in Microsoft ReportViewer Controls (30.08.2011)
Files:Microsoft Security Bulletin MS11-067 - Important Vulnerability in Microsoft Report Viewer Could Allow Information Disclosure (2578230)

Linux kernel DoS
Published:30.08.2011
Source:
SecurityVulns ID:11887
Type:local
Threat Level:
4/10
Description:Crash on BeFS filesystem parsing.
Affected:LINUX : kernel 2.6
 LINUX : kernel 3.0
CVE:CVE-2011-2928 (The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kernel before 3.1-rc3 does not validate the length attribute of long symlinks, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) by accessing a long symlink on a malformed Be filesystem.)
Original documentdocumentTimo Warns, [PRE-SA-2011-06] Linux kernel: ZERO_SIZE_PTR dereference for long symlinks in Be FS (30.08.2011)

Apache Tomcat information leakage and unauthorized access
Published:30.08.2011
Source:
SecurityVulns ID:11888
Type:remote
Threat Level:
7/10
Description:A part of AJP message data may be processed as a new AJP message.
CVE:CVE-2011-3190 (Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.)
Original documentdocumentAPACHE, [SECURITY] CVE-2011-3190 Apache Tomcat Authentication bypass and information disclosure (30.08.2011)

Cisco Unified Communications Manager / Cisco Intercompany Media Engine / Cisco TelePresence Codecs DoS
updated since 30.08.2011
Published:20.09.2011
Source:
SecurityVulns ID:11882
Type:remote
Threat Level:
6/10
Description:Crash on Service Advertisement Framework (SAF) packet parsing, crash on SIP processing, connection flood DoS.
Affected:CISCO : Unified Communications Manager 6.1
 CISCO : Unified Communications Manager 7.0
 CISCO : Unified Communications Manager 8.5
 CISCO : Intercompany Media Engine 8.0
 CISCO : TelePresence C40
 CISCO : TelePresence C60
 CISCO : TelePresence C90
 CISCO : TelePresence E20
 CISCO : TelePresence EX60
 CISCO : TelePresence EX90
 CISCO : TelePresence 6000 MXP
 CISCO : TelePresence 9000 MXP
CVE:CVE-2011-2577 (Unspecified vulnerability in Cisco TelePresence C Series Endpoints, E/EX Personal Video units, and MXP Series Codecs, when using software versions before TC 4.0.0 or F9.1, allows remote attackers to cause a denial of service (crash) via a crafted SIP packet to port 5060 or 5061, aka Bug ID CSCtq46500.)
 CVE-2011-2564 (Unspecified vulnerability in the Service Advertisement Framework (SAF) in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 8.x before 8.5(1) and Cisco Intercompany Media Engine 8.x before 8.5(1) allows remote attackers to cause a denial of service (device reload) via crafted SAF packets, aka Bug ID CSCth19417.)
 CVE-2011-2563 (Unspecified vulnerability in the Service Advertisement Framework (SAF) in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 8.x before 8.5(1) and Cisco Intercompany Media Engine 8.x before 8.5(1) allows remote attackers to cause a denial of service (device reload) via crafted SAF packets, aka Bug ID CSCth26669.)
 CVE-2011-2562 (Unspecified vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5b)su3, 8.x before 8.0(3a)su1, and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (service outage) via a SIP INVITE message, aka Bug ID CSCth43256.)
 CVE-2011-2561 (The SIP process in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(5b)su4 and 8.x before 8.0(1) does not properly handle SDP data within a SIP call in certain situations related to use of the g729ar8 codec for a Media Termination Point (MTP), which allows remote attackers to cause a denial of service (service outage) via a crafted call, aka Bug ID CSCtc61990.)
 CVE-2011-2560 (The Packet Capture Service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x does not properly handle idle TCP connections, which allows remote attackers to cause a denial of service (memory consumption and restart) by making many connections, aka Bug ID CSCtf97162.)
 CVE-2011-2544 (Cross-site scripting (XSS) vulnerability in the web interface in Cisco TelePresence System MXP Series F9.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via a crafted Call ID, as demonstrated by resultant cross-site request forgery (CSRF) attacks that change passwords or cause a denial of service, aka Bug ID CSCtq46488.)
 CVE-2011-2543 (Buffer overflow in the cuil component in Cisco Telepresence System Integrator C Series 4.x before TC4.2.0 allows remote authenticated users to cause a denial of service (endpoint reboot or process crash) or possibly execute arbitrary code via a long location parameter to the getxml program, aka Bug ID CSCtq46496.)
Original documentdocumentlists_(at)_senseofsecurity.com, Cisco TelePresence Multiple Vulnerabilities - SOS-11-010 (20.09.2011)
 documentCISCO, Cisco Security Advisory: Denial of Service Vulnerability in Cisco TelePresence Codecs (05.09.2011)
 documentCISCO, Cisco Security Advisory: Denial of Service Vulnerabilities in Cisco Intercompany Media Engine (30.08.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod