Computer Security

perl Mail::Audit library symbolic links problem
Published: 31.01.2006
Source:
SecurityVulns ID: 5718
Type: local
Threat Level: 5/10
Description: Insecure creation of log file.
Affected: PERL : Mail::Audit 2.0
Original document: DEBIAN, [Full-disclosure] [SECURITY] [DSA 960-1] New libmail-audit-perl packages fix insecure temporary file use (31.01.2006)

git content tracker buffer overflow
Published: 31.01.2006
Source:
SecurityVulns ID: 5719
Type: local
Threat Level: 5/10
Description: Buffer overflow on oversized symbolic link name.
Affected: GIT : git 1.1
Original document: SECUNIA, [SA18643] GIT "git-checkout-index" Symbolic Link Handling Buffer Overflow (31.01.2006)

NetDSL-1000 DSL router telnet server DoS
Published: 31.01.2006
Source:
SecurityVulns ID: 5715
Type: remote
Threat Level: 4/10
Description: Request flood causes telnet service to hang.
Affected: ARESCOM : Arescom NetDSL-1000
Files: Exploit Arescom NetDSL-1000

bzip2 bzgrep and gzip zgrep shell characters problem
Published: 31.01.2006
Source:
SecurityVulns ID: 5717
Type: local
Threat Level: 5/10
Description: Unfiltered characters in filename allow code execution.
Affected: BZIP : bzip2 1.0
 gzip : gzip 1.3
 ZGREP : zgrep 1.3
Original document: MANDRIVA, [ MDKSA-2006:027 ] - Updated gzip packages fix zgrep vulnerabilities (31.01.2006)
 MANDRIVA, [ MDKSA-2006:026 ] - Updated bzip2 packages fix bzgrep vulnerabilities (31.01.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 31.01.2006
Source:
SecurityVulns ID: 5716
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: NUKEDKLAN : Nuked-Klan 1.7
 MG2 : MG2 Image Gallery 0.5
 MYBB : MyBB 1.2
 ETOMITE : Etomite CMS 0.6
Original document: Preben Nylokken, Cerberus Helpdesk vulnerable to XSS (31.01.2006)
 Preben Nylokken, BrowserCRM vulnerable for XSS (31.01.2006)
 SECUNIA, [SA18672] sPaiz-Nuke "query" Cross-Site Scripting Vulnerability (31.01.2006)
 security curmudgeon, Etomite followup information (31.01.2006)
 Luca Ercoli, Etomite CMS "Backdoored" (31.01.2006)
 o.y.6_(at)_hotmail.com, MyBB 1.2 Local File Incusion (31.01.2006)
 Preben Nylokken, XSS flaw in MG2 Image Gallery (v.0.5.1) (31.01.2006)
 night_warrior771_(at)_securityfocus.com, Nuked-klaN Cross-Site Scripting Vulnerability (31.01.2006)

unalz archiver buffer overflow
updated since 28.11.2005
Published: 31.01.2006
Source:
SecurityVulns ID: 5486
Type: remote
Threat Level: 5/10
Description: Buffer overflow on oversized archived file name.
Affected: UNALZ : unalz 0.52
Original document: DEBIAN, [SECURITY] [DSA 959-1] New unalz packages fix arbitrary code execution (31.01.2006)
 SECUNIA, [SA17774] unalz Filename Handling Buffer Overflow Vulnerability (28.11.2005)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod