Daily digest of security vulnerabilities in web applications (PHP, ASP, JSP, CGI, Perl)
Published: 17 March 2008
Source:
SecurityVulns ID: 8790
Type: remote
Severity:
5/10
Description: PHP injection, SQL injection, directory traversal, cross-site scripting, file modification, information disclosure, etc.
Affected products: HORDE : Horde 3.0
 SMARTY : Smarty 2.6
 WML : wml 2.0
 SNEWSCMS : SnewsCMS Rus 2.3
 EASYCALENDAR : EasyCalendar 4.0
 MULTIPLETIMESHEE : Multiple Timesheets 5.0
CVE: CVE-2008-1284 (Directory traversal vulnerability in Horde 3.1.6, Groupware before 1.0.5, and Groupware Webmail Edition before 1.0.6, when running with certain configurations, allows remote authenticated users to read and execute arbitrary files via ".." sequences and a null byte in the theme name.)
 CVE-2008-1066 (The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used by Serendipity (S9Y) and other products, allows attackers to call arbitrary PHP functions via templates, related to a '\0' character in a search string.)
 CVE-2008-0666 (Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by wml_contrib/wmg.cgi and (2) temporary files used by wml_backend/p3_eperl/eperl_sys.c.)
 CVE-2008-0665 (wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file.)
Original text: DEBIAN, [SECURITY] [DSA 1520-1] New smarty packages fix arbitrary code execution (17.03.2008)
 DEBIAN, [SECURITY] [DSA 1519-1] New horde3 packages fix information disclosure (17.03.2008)
 Jose Luis Góngora Fernández, Mutiple Timesheets <= 5.0 - Multiple Remote Vulnerabilities (17.03.2008)
 Jose Luis Góngora Fernández, EasyCalendar <= 4.0tr - Multiple Remote Vulnerabilities (17.03.2008)
 GENTOO, [ GLSA 200803-23 ] Website META Language: Insecure temporary file usage (17.03.2008)
 no-reply_(at)_aria-security.net, Joomla components com_guide "category" Remote SQL Injection [Aria-Security] (17.03.2008)
 Сергей Моисеев, new vuln in snewscms rus v 2.3 (17.03.2008)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod