Информационная безопасность
[RU] switch to English


DoS против Microsoft Active Directory
Опубликовано:11 ноября 2009 г.
Источник:
SecurityVulns ID:10393
Тип:удаленная
Уровень опасности:
5/10
Описание:Переполнение стека (исчерпание стековой памяти) в LSASS.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows 2008 Server
CVE:CVE-2009-1928 (Stack consumption vulnerability in the LDAP service in Active Directory on Microsoft Windows 2000 SP4, Server 2003 SP2, and Server 2008 Gold and SP2; Active Directory Application Mode (ADAM) on Windows XP SP2 and SP3 and Server 2003 SP2; and Active Directory Lightweight Directory Service (AD LDS) on Windows Server 2008 Gold and SP2 allows remote attackers to cause a denial of service (system hang) via a malformed (1) LDAP or (2) LDAPS request, aka "LSASS Recursive Stack Overflow Vulnerability.")
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS09-066 - Important Vulnerability in Active Directory Could Allow Denial of Service (973309) (11.11.2009)
Файлы:Microsoft Security Bulletin MS09-066 - Important Vulnerability in Active Directory Could Allow Denial of Service (973309)

Повреждение памяти в Microsoft Word
Опубликовано:11 ноября 2009 г.
Источник:
SecurityVulns ID:10395
Тип:клиент
Уровень опасности:
7/10
Описание:Повреждение памяти при разборе файла Microsoft Word.
Затронутые продукты:MICROSOFT : Office XP
 MICROSOFT : Office 2003
 MICROSOFT : Office 2004 for Mac
 MICROSOFT : Office 2008 for Mac
CVE:CVE-2009-3135 (Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, Office Word Viewer 2003 SP3, and Office Word Viewer allow remote attackers to execute arbitrary code via a Word document with a malformed File Information Block (FIB) structure, aka "Microsoft Office Word File Information Memory Corruption Vulnerability.")
Оригинальный текстdocumentIDEFENSE, iDefense Security Advisory 11.10.09: Microsoft Word FIB Processing Stack Buffer Overflow Vulnerability (11.11.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-068 - Important Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307) (11.11.2009)
Файлы:Microsoft Security Bulletin MS09-068 - Important Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307)

Переполнение буфера в беспроводных точках доступа на чипе Marvell
Опубликовано:11 ноября 2009 г.
Источник:
SecurityVulns ID:10397
Тип:удаленная
Уровень опасности:
5/10
Описание:Переполнение буфера при разборе запроса на установку связи.
Затронутые продукты:Marvell : MARVELL 88W8361P-BEM1
 CISCO : Linksys WAP4400N
CVE:CVE-2007-5475
Оригинальный текстdocumentLaurent Butti, Marvell Driver Multiple Information Element Overflows (11.11.2009)

Повреждение памяти в Web Services on Devices Application Programming Interface API
Опубликовано:11 ноября 2009 г.
Источник:
SecurityVulns ID:10390
Тип:библиотека
Уровень опасности:
8/10
Описание:Повреждение памяти при разборе сетевого пакета WSD (TCP/5357, TCP/5358, UDP/3702).
Затронутые продукты:MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2009-2512 (The Web Services on Devices API (WSDAPI) in Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly process the headers of WSD messages, which allows remote attackers to execute arbitrary code via a crafted (1) message or (2) response, aka "Web Services on Devices API Memory Corruption Vulnerability.")
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS09-063 - Critical Vulnerability in Web Services on Devices API Could Allow Remote Code Execution (973565) (11.11.2009)
Файлы:Microsoft Security Bulletin MS09-063 - Critical Vulnerability in Web Services on Devices API Could Allow Remote Code Execution (973565)

Переполнение буфера в License Logging Server на Microsoft Windows 2000
Опубликовано:11 ноября 2009 г.
Источник:
SecurityVulns ID:10391
Тип:удаленная
Уровень опасности:
6/10
Описание:Переполнение буфера при разборе вызова RPC.
Затронутые продукты:MICROSOFT : Windows 2000 Server
CVE:CVE-2009-2523 (The License Logging Server (llssrv.exe) in Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via an RPC message containing a string without a null terminator, which triggers a heap-based buffer overflow in the LlsrLicenseRequestW method, aka "License Logging Server Heap Overflow Vulnerability.")
Оригинальный текстdocumentDVLabs, TPTI-09-07: Microsoft Windows License Logging Service Heap Corruption Vulnerability (11.11.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-064 - Critical Vulnerability in License Logging Server Could Allow Remote Code Execution (974783) (11.11.2009)
Файлы:Microsoft Security Bulletin MS09-064 - Critical Vulnerability in License Logging Server Could Allow Remote Code Execution (974783)

Выполнение кода в режиме ядра в GDI Microsoft Windows
Опубликовано:11 ноября 2009 г.
Источник:
SecurityVulns ID:10392
Тип:библиотека
Уровень опасности:
8/10
Описание:Повреждение памяти при разборе шрифта EOT (Embedded Open Type), повышение привилегий, DoS.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2009-2514 (win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not correctly parse font code during construction of a directory-entry table, which allows remote attackers to execute arbitrary code via a crafted Embedded OpenType (EOT) font, aka "Win32k EOT Parsing Vulnerability.")
 CVE-2009-2513 (The Graphics Device Interface (GDI) in win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Insufficient Data Validation Vulnerability.")
 CVE-2009-1127 (win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not correctly validate an argument to an unspecified system call, which allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, aka "Win32k NULL Pointer Dereferencing Vulnerability.")
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS09-065 - Critical Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947) (11.11.2009)
Файлы:Microsoft Security Bulletin MS09-065 - Critical Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947)

DoS против еспроводных точек на чипсете Atheros
Опубликовано:11 ноября 2009 г.
Источник:
SecurityVulns ID:10396
Тип:удаленная
Уровень опасности:
5/10
Описание:Повреждение памяти при разборе фрейма.
Затронутые продукты:NETGEAR : Netgear WNDAP330
 ATHEROS : ATHEROS AR9160-BC1A
CVE:CVE-2009-0052 (The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access point with firmware 2.1.11 and other versions before 3.0.3 on the Atheros AR9160-BC1A chipset, and other products, allows remote authenticated users to cause a denial of service (device reboot or hang) and possibly execute arbitrary code via a truncated reserved management frame.)
Оригинальный текстdocumentLaurent Butti, Atheros Driver Reserved Frame Vulnerability (11.11.2009)

Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:11 ноября 2009 г.
Источник:
SecurityVulns ID:10398
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:CUTENEWS : Cute News 1.4
 WORDPRESS : WP-Cumulus 1.20
Оригинальный текстdocumentMustLive, Vulnerabilities in WP-Cumulus for WordPress (11.11.2009)
 documentAndrew Horton, [MORNINGSTAR-2009-02] Multiple security issues in Cute News and UTF-8 Cute News (11.11.2009)

Многочисленные уязвимости безопасности в Microsoft Excel
дополнено с 11 ноября 2009 г.
Опубликовано:12 ноября 2009 г.
Источник:
SecurityVulns ID:10394
Тип:клиент
Уровень опасности:
7/10
Описание:Многочисленные повреждения памяти.
Затронутые продукты:MICROSOFT : Office XP
 MICROSOFT : Office 2003
 MICROSOFT : Office 2004 for Mac
 MICROSOFT : Office 2007
 MICROSOFT : Office 2008 for Mac
CVE:CVE-2009-3134 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a spreadsheet with a malformed record object, aka "Excel Field Sanitization Vulnerability.")
 CVE-2009-3133 (Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a spreadsheet containing a malformed object that triggers memory corruption, related to "loading Excel records," aka "Excel Document Parsing Memory Corruption Vulnerability.")
 CVE-2009-3132 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a spreadsheet containing a malformed formula, related to a "pointer corruption" issue, aka "Excel Index Parsing Vulnerability.")
 CVE-2009-3131 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a spreadsheet with a crafted formula embedded in a cell, aka "Excel Formula Parsing Memory Corruption Vulnerability.")
 CVE-2009-3130 (Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via a spreadsheet containing a malformed Binary File Format (aka BIFF) record that triggers memory corruption, aka "Excel Document Parsing Heap Overflow Vulnerability.")
 CVE-2009-3129 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset, aka "Excel Featheader Record Memory Corruption Vulnerability.")
 CVE-2009-3128 (Microsoft Office Excel 2002 SP3 and 2003 SP3, and Office Excel Viewer 2003 SP3, does not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a spreadsheet with a malformed record object, aka "Excel SxView Memory Corruption Vulnerability.")
 CVE-2009-3127 (Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, and Office Excel Viewer 2003 SP3 do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Cache Memory Corruption Vulnerability.")
Оригинальный текстdocumentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel Code Execution Vulnerabilities (12.11.2009)
 documentZDI, ZDI-09-082: Microsoft Office Excel PivotTable Cache Record Parsing Memory Corruption Vulnerability (11.11.2009)
 documentZDI, ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability (11.11.2009)
 documentIDEFENSE, ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability (11.11.2009)
 documentIDEFENSE, iDefense Security Advisory 11.10.09: Microsoft Excel FEATHEADER Record Memory Corruption Vulnerability (11.11.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-067 - Important Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652) (11.11.2009)
Файлы:Microsoft Security Bulletin MS09-067 - Important Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652)

DoS против DXMSoft XM Easy Personal FTP Server
дополнено с 11 ноября 2009 г.
Опубликовано:25 ноября 2009 г.
Источник:
SecurityVulns ID:10399
Тип:удаленная
Уровень опасности:
5/10
Описание:Отказ при получении команды LIST до PASV или POST.
Затронутые продукты:DXMSOFT : XM Easy Personal FTP Server 5.8
Оригинальный текстdocumentleinakesi_(at)_gmail.com, XM Easy Personal FTP Server Remote DoS Vulnerability (25.11.2009)
 documentzhangmc_(at)_mail.ustc.edu.cn, XM Easy Personal FTP Server 'APPE' and 'DELE' Command Remote Denial of Service Vulnerability (14.11.2009)
 documentzhangmc_(at)_mail.ustc.edu.cn, XM Easy Personal FTP Server 'LIST' Command Remote DoS Vulnerability (11.11.2009)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород