 |
|
|
|
rssh restricted shell protection bypass
updated since 27.12.2005 | | Published: |  | 30.12.2005 | | Source: |  | FULL-DISCLOSURE | | SecurityVulns ID: |  | 5576 | | Type: |  | local | | Level: |  | 5/10 | | Description: |  | With rssh_chroot_helper it's possible to chroot behind restricted directory. |
| Affected: |  | RSSH : rssh 2.3 |
| Original document |  | Derek Martin, rssh: root privilege escalation flaw (30.12.2005) |
| | | GENTOO, [Full-disclosure] [ GLSA 200512-15 ] rssh: Privilege escalation (27.12.2005) |
| TUGZip archiver buffer overflow | | Published: | | 30.12.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 5585 | | Type: | | local | | Level: | | 5/10 | | Description: | | Buffer overflow on ARJ archives parsing. |
| Affected: | | TUGZIP : TUGZip 3.4 |
| Original document | | SECUNIA, Secunia Research: TUGZip ARJ Archive Handling Buffer Overflow Vulnerability (30.12.2005) |
| ImageMagic graphic utilities shell characters problem | | Published: | | 30.12.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 5587 | | Type: | | local | | Level: | | 5/10 | | Description: | | Shell characters problem with image filenames. |
| Affected: | | IMAGEMAGICK : ImageMagick 6.2 |
| Original document | | SECUNIA, [SA18261] ImageMagick Utilities Image Filename Shell Command Injection (30.12.2005) |
Web applications security vulnerabilities (PHP, ASP, JSP, CGI, Perl)
updated since 30.12.2005 | | Published: | | 31.12.2005 | | Source: | | | | SecurityVulns ID: | | 5584 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| Affected: | | PHPBB : phpBB 2.0 | | | | MYBB : MyBB 1.0 | | | | ECARDMAX : eCardMAX | | | | KAYAKO : Kayako SupportSuite 3.0 | | | | EPISTREAM : iPei Guestbook 1.7 | | | | OOAPP : OoApp Guestbook 2.1 | | | | ADESDESIGN : AdesGuestbook 2.0 | | | | MOXIECODE : TinyMCE Compressor 1.0 | | | | WORDPRESS : WordPress 2.0 | | | | WEBWIZ : Webwiz Site News 3.06 | | | | WEBWIZ : Webwiz Journal 1.0 | | | | WEBWIZ : Webwiz Weekly Poll 3.06 | | | | GFHOST : GFHost 0.4 | | | | GMAILSITE : GmailSite 1.0 | | | | PHPDOC : PHPDocumentor .2 | | | | PHPDOC : PHPDocumentor 1.2 | | | | PHPDOC : PHPDocumentor 1.3 | | | | BUGPORT : BugPort 1.147 |
| Original document | | imei, MyBB 1.0 SQL injection in uploading file (31.12.2005) |
| | | imei, MyBB XSS cross-site scripting (31.12.2005) |
| | | r0t, BugPort Multiple vuln. (31.12.2005) |
| | | zeus olimpusklan, PHPDocumentor Cross-Site Scripting (31.12.2005) |
| | | SECUNIA, [SA18155] GFHost / GmailSite "lng" Local File Inclusion Vulnerability (30.12.2005) |
| | | advisory_(at)_kapda.ir, [KAPDA::#18] - WebWiz Products SQL Injection (30.12.2005) |
| | | retrogod_(at)_aliceposta.it, PhpDocumentor <= 1.3.0 rc4 Arbitrary remote/local inclusion (30.12.2005) |
| | | Stefan Esser, Advisory 26/2005: TinyMCE Compressor Vulnerabilities (30.12.2005) |
| | | Paul Laudanski, phpbb2.0.19 fixes security issues (30.12.2005) |
| | | r0t, iPei Guestbook XSS vuln. (30.12.2005) |
| | | r0t, OoApp Guestbook XSS vuln. (30.12.2005) |
| | | r0t, AdesGuestbook XSS vuln. (30.12.2005) |
| | | r0t, Kayako SupportSuite multiple vuln. (30.12.2005) |
| | | durito, Re[2]: новые уязвимости (30.12.2005) |
NView / XNView multimedia viewer / browser privilege escalation
updated since 30.12.2005 | | Published: | | 03.01.2006 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 5586 | | Type: | | local | | Level: | | 5/10 | | Description: | | Dynamic libraries from current directory are loaded on startup. |
|
|
|
|
|
| |
|
| |
