Section: .. / 0610-advisories /
| /// File Name: |
adv10-xeobook.txt |
Description:
|
Xeobook versions 0.93 and below suffer from multiple SQL injection vulnerabilities.
| | Author: | Tamriel | | File Size: | 2071 | | Last Modified: | Oct 18 19:34:03 2006 |
| MD5 Checksum: | 134a56a30d02e79eb2d1ef1ece014153 |
|
| /// File Name: |
adv11-xeoport.txt |
Description:
|
XeoPort versions 0.81 and below suffer from a SQL injection vulnerability.
| | Author: | Tamriel | | File Size: | 1961 | | Last Modified: | Oct 18 19:33:05 2006 |
| MD5 Checksum: | 9b4eb2f933ea52295fa23a038d511609 |
|
| /// File Name: |
advisory_082006.132.txt |
Description:
|
Hardened-PHP Project Security Advisory - PHP's open_basedir feature is meant to disallow scripts to access files outside a set of configured base directories. The checks for this are placed within PHP functions dealing with files before the actual open call is performed. Obviously there is a little span of time between the check and the actual open call. During this time span the checked path could have been altered and point to a file that is forbidden to be accessed due to open_basedir restrictions. PHP versions 4 and 5 are affected by this.
| | Author: | Stefan Esser | | Homepage: | http://www.hardened-php.net/ | | File Size: | 5594 | | Last Modified: | Oct 8 22:19:30 2006 |
| MD5 Checksum: | 2cb900474805e78b77ed508b99ef68e4 |
|
| /// File Name: |
advisory_092006.133.txt |
Description:
|
Hardened-PHP Project Security Advisory - The PHP 5 branch of the PHP source code lacks the protection against possible integer overflows inside ecalloc() that is present in the PHP 4 branch and also for several years part of our Hardening-Patch and our new Suhosin-Patch. It was discovered that such an integer overflow can be triggered when user input is passed to the unserialize() function. Earlier vulnerabilities in PHP's unserialize() that were also discovered by one of our audits in December 2004 are unrelated to the newly discovered flaw, but they have shown, that the unserialize() function is exposed to user-input in many popular PHP applications. Examples for applications that use the content of COOKIE variables with unserialize() are phpBB and Serendipity. The successful exploitation of this integer overflow will result in arbitrary code execution. PHP versions below 4.3.0 and versions below or equal to 5.1.6 are affected.
| | Author: | Stefan Esser | | Homepage: | http://www.hardened-php.net/ | | File Size: | 6704 | | Last Modified: | Oct 12 04:14:30 2006 |
| MD5 Checksum: | e179df9a8badbdc246d4a3c33f86142d |
|
| /// File Name: |
Airmagnet-vuln.txt |
Description:
|
The management interface of AirMagnet Enterprise contains several middle-risk vulnerabilities. Vulnerabilities ranges from reflected and stored Cross-Site scripting to remote code execution and protection bypass.
| | Author: | ptsecurity | | File Size: | 1514 | | Last Modified: | Oct 20 20:22:01 2006 |
| MD5 Checksum: | 5c91553da46667262c51fc245724ada0 |
|
| /// File Name: |
Armorize-ADV-2006-0002.txt |
Description:
|
Armorize-ADV-2006-0002 discloses multiple cross-site scripting vulnerabilities that are found in Red Mombin, which is a +quick and easy-to-use web-base task manager. It's powered by AJAX, PHP, and MySQL and works in all major browsers.
| | Author: | Armorize | | Homepage: | http://www.armorize.com | | File Size: | 2089 | | Last Modified: | Oct 3 20:42:40 2006 |
| MD5 Checksum: | 898efdbdc671a9b4fb31b437c65501bb |
|
| /// File Name: |
Armorize-ADV-2006-0003.txt |
Description:
|
Armorize-ADV-2006-0003 discloses multiple cross-site scripting vulnerabilities that are found in Zen Cart, which is a PHP e-commerce shopping program and is Built on a foundation of OScommerce GPL code. It provides an easy-to-setup and run online store.
| | Author: | Armorize | | Homepage: | http://www.armorize.com | | File Size: | 2263 | | Last Modified: | Oct 20 17:32:22 2006 |
| MD5 Checksum: | 3f431164425f059247d2ce46ba3fda1c |
|
| /// File Name: |
Armorize-ADV-2006-0004.txt |
Description:
|
Armorize-ADV-2006-0004 discloses a special case of directory traversal vulnerability found in Goop Gallery, which is is a directory based photo gallery and does not require database installation
| | Author: | Armorize | | Homepage: | http://www.armorize.com | | File Size: | 2571 | | Last Modified: | Oct 13 20:58:56 2006 |
| MD5 Checksum: | 47af47fcbc70ff85546ce7183b08e277 |
|
| /// File Name: |
Armorize-ADV-2006-0005.txt |
Description:
|
Armorize-ADV-2006-0005 discloses multiple cross-site scripting vulnerabilities that are found in Gcontact, which is a Web based address book written in Ajax/PHP offering multi-user, multi-contacts (email,phone,icq,msn,...) & multi-address for each person, birthday reminder by email, mailing-list management, Excel export, etc.
| | Author: | Armorize | | Homepage: | http://www.armorize.com | | File Size: | 1904 | | Last Modified: | Oct 20 17:32:46 2006 |
| MD5 Checksum: | 872cee9929c7a8de21cbecd0789861f8 |
|
| /// File Name: |
Armorize-ADV-2006-0006.txt |
Description:
|
Armorize-ADV-2006-0006 discloses multiple cross-site scripting vulnerabilities that are found in KnowledgeBank (http://sourceforge.net/projects/knowledgebank/), which is a is a PHP/mySQL web app that allows you to create a searchable database application with categories, subcategories, and screenshots.
| | Author: | Armorize | | Homepage: | http://www.armorize.com | | File Size: | 1825 | | Last Modified: | Oct 20 21:21:10 2006 |
| MD5 Checksum: | 0a875d0ec46acf7cdf20e6b10603f35a |
|
| /// File Name: |
AsbruHardCore.txt |
Description:
|
Asbru HardCore Web Content Editor is vulnerable to a command injection attack vulnerability.
| | Author: | n.runs GmbH | | Homepage: | http://www.nruns.com/ | | File Size: | 3235 | | Last Modified: | Oct 20 18:24:00 2006 |
| MD5 Checksum: | b1b10c6dd09ed0642b39a6c420e53e4e |
|
| /// File Name: |
ast-chan_skinny.txt |
Description:
|
The Asterisk Skinny channel driver for Cisco SCCP phones chan_skinny.so) incorrectly validates a length value in the packet header. An integer wrap-around leads to heap overwrite, and arbitrary remote code execution as root.
| | Homepage: | http://Security-Assessment.com | | File Size: | 5687 | | Last Modified: | Oct 20 20:32:30 2006 |
| MD5 Checksum: | 6539162e8216133abe7d9d33f9a2327d |
|
| /// File Name: |
asterisk-1.2.13.txt |
Description:
|
Asterisk Open Source PBX versions prior to 1.2.13 are vulnerable to local and remote denial of service attacks via a sequence of malformed packets.
| | Author: | J. Oquendo | | Homepage: | http://www.infiltrated.net/asteroid | | File Size: | 2764 | | Last Modified: | Oct 30 18:19:53 2006 |
| MD5 Checksum: | a014b9cf99e6da2aba8214779169fd77 |
|
| /// File Name: |
AxaltoProtiva.txt |
Description:
|
Axalto Protiva 1.1 stores sensitive information in plaintext world readable files.
| | Author: | nnposter | | File Size: | 1057 | | Last Modified: | Oct 30 17:06:53 2006 |
| MD5 Checksum: | 6e841670bcbfdd2e02db12fe0211fc4e |
|
| /// File Name: |
bSpeak1.10.txt |
Description:
|
bSpeak 1.10 suffers from a cross site scripting vulnerability.
| | Author: | Prohibited | | File Size: | 573 | | Last Modified: | Oct 4 15:32:14 2006 |
| MD5 Checksum: | 363569bfba3a984cf3dd98ae7f89885e |
|
| /// File Name: |
Bugzilla-multiple.txt |
Description:
|
Security Advisory for Bugzilla 2.18.5, 2.20.2, 2.22, and 2.23.2: This advisory covers six security issues that have recently been fixed in the Bugzilla code.
| | Homepage: | http://www.bugzilla.org/ | | File Size: | 7448 | | Last Modified: | Oct 20 17:48:07 2006 |
| MD5 Checksum: | 79040ad91bd42ebe730fd28aea31b4d3 |
|
| /// File Name: |
CAID-34693-34694.txt |
Description:
|
[CAID 34693, 34694]: CA BrightStor ARCserve Backup Multiple Buffer Overflow Vulnerabilities (UPDATED)
| | Author: | Williams | | Homepage: | http://www3.ca.com/ | | File Size: | 5199 | | Last Modified: | Oct 24 16:25:26 2006 |
| MD5 Checksum: | 832aef7ff74fdb00a8fed686f67404d8 |
|
| /// File Name: |
CAID-34693_34694.txt |
Description:
|
[CAID 34693, 34694]: CA BrightStor ARCserve Backup Multiple Buffer Overflow Vulnerabilities (UPDATED): Summary: CA BrightStor ARCserve Backup contains multiple buffer overflow conditions that allow remote attackers to execute arbitrary code with local SYSTEM privileges on Windows. These issues affect the BrightStor Backup Agent Service, the Job Engine Service, and the Discovery Service in multiple BrightStor ARCserve Backup application agents and the Base product.
| | Author: | Ken Williams | | Homepage: | http://ca.com/ | | Related File: | CAID-34693-34694.txt | | File Size: | 5199 | | Last Modified: | Oct 20 20:33:56 2006 |
| MD5 Checksum: | 832aef7ff74fdb00a8fed686f67404d8 |
|
| /// File Name: |
CAID34661.txt |
Description:
|
CAID 34661: CA Unicenter WSDM File System Read Access Vulnerability: Unicenter Web Services Distributed Management 3.1 uses a known vulnerable version of Jetty WebServer, an open source java web server. An advisory describing the Jetty WebServer vulnerability can be found at http://www.securityfocus.com/bid/11330. The vulnerability allows a remote attacker to gain full read access on the install partitions file system of the Unicenter WSDM host system through a directory traversal attack
| | Author: | CA Vulnerability Research | | Homepage: | http://supportconnect.ca.com/ | | File Size: | 3088 | | Last Modified: | Oct 4 18:16:16 2006 |
| MD5 Checksum: | 0e0db4898090d2e7cec643c43de02026 |
|
| /// File Name: |
cisco-sa-20061012-wla.txt |
Description:
|
Cisco Security Advisory cisco-sa-20061012-wla: Default Password in Wireless Location Appliance
| | Homepage: | http://www.cisco.com | | File Size: | 11746 | | Last Modified: | Oct 17 15:02:27 2006 |
| MD5 Checksum: | 38992dc86571b1e0971b52b6e12577ed |
|
| /// File Name: |
cisco-sa-20061025-csa.txt |
Description:
|
Cisco Security Advisory ID: cisco-sa-20061025-csa - Cisco Security Agent for Linux Port Scan Denial of Service
| | Homepage: | http://www.cisco.com | | File Size: | 12112 | | Last Modified: | Oct 27 19:42:21 2006 |
| MD5 Checksum: | 4bfd99402bacb7bde6a7e810a0895cbb |
|
| /// File Name: |
cmd.exe.txt |
Description:
|
It is possible to crash CMD.EXE in windows via a buffer overflow.
| | Author: | napa | | File Size: | 1524 | | Last Modified: | Oct 27 15:39:21 2006 |
| MD5 Checksum: | 4e9b8017ca827552a8a355a9331e83d7 |
|
| /// File Name: |
CruiseWorks.txt |
Description:
|
Two vulnerabilities have been found in CruiseWorks. When exploited, the vulnerabilities allow an authenticated user to retrieve arbitrary files accessible to the web server process and to execute arbitrary code with privileges of the IIS IUSR_MACHINE account.
| | Author: | TAN Chew Keong | | Homepage: | http://vuln.sg/cruiseworks109d-en.html | | File Size: | 809 | | Last Modified: | Oct 27 16:46:55 2006 |
| MD5 Checksum: | 2ab742debc13449fdee056d54da5c558 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
