Информационная безопасность
[RU] switch to English


Ежедневная сводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:1 апреля 2009 г.
Источник:
SecurityVulns ID:9781
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:ZABBIX : Zabbix 1.6
 SUN : Calendar Server 6.0
 SUN : Calendar Server 6.3
 WEVEDITION : webEdition 6.0
 JOBHUT : JobHut 1.2
 COMMUNITYCMS : Community CMS 0.5
 FAMILYCMS : Family Connection 1.8
 GLFUSION : glFusion 1.1
 MAPSERVER : MapServer 5.2
 MAPSERVER : MapServer 4.10
CVE:CVE-2009-0843 (The msLoadQuery function in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to determine the existence of arbitrary files via a full pathname in the queryfile parameter, which triggers different error messages depending on whether this pathname exists.)
 CVE-2009-0842 (mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to read arbitrary invalid .map files via a full pathname in the map parameter, which triggers the display of partial file contents within an error message, as demonstrated by a /tmp/sekrut.map symlink.)
 CVE-2009-0841 (Directory traversal vulnerability in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when running on Windows with Cygwin, allows remote attackers to create arbitrary files via a .. (dot dot) in the id parameter.)
 CVE-2009-0840 (Heap-based buffer underflow in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to have an unknown impact via a negative value in the Content-Length HTTP header.)
 CVE-2009-0839 (Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when the server has a map with a long IMAGEPATH or NAME attribute, allows remote attackers to execute arbitrary code via a crafted id parameter in a query action.)
Оригинальный текстdocumentPositron Security, Positron Security Advisory #2009-000: Multiple Vulnerabilities in MapServer v5.2.1 and v4.10.3 (01.04.2009)
 documentrgod, glFusion <= 1.1.2 COM_applyFilter()/order sql injection exploit (01.04.2009)
 documentSalvatore "drosophila" Fresta, Family Connections 1.8.1 Multiple Remote Vulnerabilities (01.04.2009)
 documentSalvatore "drosophila" Fresta, Community CMS 0.5 Multiple SQL Injection Vulnerabilities (01.04.2009)
 documentAdam Baldwin, Zabbix Multiple Frontend CSRF (Password reset & command execution) (01.04.2009)
 documentvuln_(at)_e-rdc.org, [ECHO_ADV_108$2009] JobHut <= 1.2 (pk) Remote Sql Injection Vulnerability (01.04.2009)
 documentjoseph.giron13_(at)_gmail.com, aspWebCalendar Free Edition bug (01.04.2009)
 documentSalvatore "drosophila" Fresta, webEdition 6.0.0.4 Local File Inclusion (01.04.2009)
 documentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2009-0108: Multiple vulnerabilities in Sun Calendar Express Web Server (01.04.2009)
 documentMustLive, New vulnerabilities in RotaBanner (01.04.2009)
Файлы:glFusion <= 1.1.2 COM_applyFilter()/order sql injection exploit

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород