Информационная безопасность
[RU] switch to English


Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:14 февраля 2011 г.
Источник:
SecurityVulns ID:11426
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:PHPMYADMIN : phpMyAdmin 3.4
 KUENA : Kunena 1.5
 KUENA : Kunena 1.6
 ZOHO : ManageEngine ADSelfService Plus 4.4
CVE:CVE-2011-0987 (The PMA_Bookmark_get function in libraries/bookmark.lib.php in phpMyAdmin 2.11.x before 2.11.11.3, and 3.3.x before 3.3.9.2, does not properly restrict bookmark queries, which makes it easier for remote authenticated users to trigger another user's execution of a SQL query by creating a bookmark.)
 CVE-2011-0986 (phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the (1) README, (2) ChangeLog, and (3) LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonexistent file.)
 CVE-2010-3274 (Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch.cc in the Employee Search Engine in ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allow remote attackers to inject arbitrary web script or HTML via the searchString parameter in a (1) showList or (2) Search action.)
 CVE-2010-3273 (ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allows remote attackers to reset user passwords, and consequently obtain access to arbitrary user accounts, by providing a user id to accounts/ValidateUser, and then providing a new password to accounts/ResetResult.)
 CVE-2010-3272 (accounts/ValidateAnswers in the security-questions implementation in ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 makes it easier for remote attackers to reset user passwords, and consequently obtain access to arbitrary user accounts, via a modified (1) Hide_Captcha or (2) quesList parameter in a validateAll action.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2011:026 ] phpmyadmin (14.02.2011)
 documentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2011-0103 - ZOHO ManageEngine ADSelfService multiple vulnerabilities (14.02.2011)
 documentRed Matter, Kunena SQL Injection Vulnerability & Information Leakage (14.02.2011)

DoS против Novell eDirectory
Опубликовано:14 февраля 2011 г.
Источник:
SecurityVulns ID:11429
Тип:удаленная
Уровень опасности:
5/10
Описание:Отказ при разборе запросов NCP (TCP/524)
Затронутые продукты:NOVELL : eDirectory 8.8
CVE:CVE-2010-4327 (Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 allows remote attackers to cause a denial of service (hang) via a malformed FileSetLock request to port 524.)
Оригинальный текстdocumentZDI, ZDI-11-060: Novell eDirectory Malformed NCP Request Denial of Service Vulnerability (14.02.2011)

Целочисленное переполнение в CA ETrust Secure Content Manager
Опубликовано:14 февраля 2011 г.
Источник:
SecurityVulns ID:11430
Тип:удаленная
Уровень опасности:
6/10
Описание:Целочисленное переполнение в сервисе на порту TCP/1882 не устранено в течении более чем 180 дней.
CVE:CVE-2011-0758 (The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted request to port 1882, involving an incorrect integer calculation and a heap-based buffer overflow.)
Оригинальный текстdocumentZDI, ZDI-11-059: CA ETrust Secure Content Manager Common Services Transport Remote Code Execution Vulnerability (14.02.2011)

Несанкционированный доступ к HP StorageWorks X9000
Опубликовано:14 февраля 2011 г.
Источник:
SecurityVulns ID:11434
Тип:удаленная
Уровень опасности:
5/10
CVE:CVE-2010-0833 (The pam_lsass library in Likewise Open 5.4 and CIFS 5.4 before build 8046, and 6.0 before build 8234, uses "SetPassword logic" when running as part of a root service, which allows remote attackers to bypass authentication for a Likewise Security Authority (lsassd) account whose password is marked as expired.)
Оригинальный текстdocumentHP, [security bulletin] HPSBST02630 SSRT1000385 rev.1 - HP StorageWorks X9000 Network Storage Systems, Remote Unauthenticated Access (14.02.2011)

Многочисленные уязвимости безопасности в Adobe Reader / Acrobat
дополнено с 11 февраля 2011 г.
Опубликовано:14 февраля 2011 г.
Источник:
SecurityVulns ID:11419
Тип:клиент
Уровень опасности:
9/10
Описание:Выполнение кода, многочисленные повреждения памяти.
Затронутые продукты:ADOBE : Reader 10.0
 ADOBE : Reader 9.4
CVE:CVE-2011-0606 (Stack-based buffer overflow in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a crafted length value, a different vulnerability than CVE-2011-0563 and CVE-2011-0589.)
 CVE-2011-0605 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.)
 CVE-2011-0604 (Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-0587.)
 CVE-2011-0603 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0566 and CVE-2011-0567.)
 CVE-2011-0602 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via crafted JP2K record types in a JPEG2000 image in a PDF file, which causes heap corruption, a different vulnerability than CVE-2011-0596, CVE-2011-0598, and CVE-2011-0599.)
 CVE-2011-0600 (The U3D component in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a 3D file with an invalid Parent Node count that triggers an incorrect size calculation and memory corruption, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0595.)
 CVE-2011-0599 (The Bitmap parsing component in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted image that causes an invalid pointer calculation related to 4/8-bit RLE compression, a different vulnerability than CVE-2011-0596, CVE-2011-0598, and CVE-2011-0602.)
 CVE-2011-0598 (Integer overflow in ACE.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code via crafted ICC data, a different vulnerability than CVE-2011-0596, CVE-2011-0599, and CVE-2011-0602.)
 CVE-2011-0596 (The Bitmap parsing component in 2d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via an image with crafted (1) height and (2) width values for an RLE_8 compressed bitmap, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-0598, CVE-2011-0599, and CVE-2011-0602.)
 CVE-2011-0595 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0600.)
 CVE-2011-0594 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font.)
 CVE-2011-0593 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0595, and CVE-2011-0600.)
 CVE-2011-0592 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, related to "Texture bmp," a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600.)
 CVE-2011-0591 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, related to Texture and rgba, a different vulnerability than CVE-2011-0590, CVE-2011-0592, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600.)
 CVE-2011-0590 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a 3D file, a different vulnerability than CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600.)
 CVE-2011-0589 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0563 and CVE-2011-0606.)
 CVE-2011-0588 (Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0562 and CVE-2011-0570.)
 CVE-2011-0587 (Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-0604.)
 CVE-2011-0586 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X do not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.)
 CVE-2011-0585 (Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0565.)
 CVE-2011-0570 (Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0562 and CVE-2011-0588.)
 CVE-2011-0568 (Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.)
 CVE-2011-0567 (AcroRd32.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image that triggers an incorrect pointer calculation, leading to heap memory corruption, a different vulnerability than CVE-2011-0566 and CVE-2011-0603.)
 CVE-2011-0566 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0567 and CVE-2011-0603.)
 CVE-2011-0565 (Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0585.)
 CVE-2011-0564 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows use weak permissions for unspecified files, which allows attackers to gain privileges via unknown vectors.)
 CVE-2011-0563 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0589 and CVE-2011-0606.)
 CVE-2011-0562 (Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0570 and CVE-2011-0588.)
 CVE-2010-4091 (The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.)
Оригинальный текстdocumentACROS Security, ASPR #2011-02-11-1: Remote Binary Planting in Adobe Reader (14.02.2011)
 documentIDEFENSE, iDefense Security Advisory 02.08.11: Adobe Reader and Acrobat JP2K Invalid Indexing Vulnerability (11.02.2011)
 documentZDI, ZDI-11-077: Adobe Acrobat Reader U3D Texture Parser ILBM Remote Code Execution Vulnerability (11.02.2011)
 documentZDI, ZDI-11-075: Adobe Acrobat Reader rt3d.dll Multimedia Playing Arbitrary Memory Overwite Remote Code Execution Vulnerability (11.02.2011)
 documentZDI, ZDI-11-074: Adobe Reader u3d Parent Node Count Remote Code Execution Vulnerability (11.02.2011)
 documentZDI, ZDI-11-073: Adobe Reader ICC Parsing Remote Code Execution Vulnerability (11.02.2011)
 documentZDI, ZDI-11-072: Adobe Reader BMP ColorData Remote Code Execution Vulnerability (11.02.2011)
 documentZDI, ZDI-11-071: Adobe Reader BMP RLE_8 Decompression Remote Code Execution Vulnerability (11.02.2011)
 documentZDI, ZDI-11-065: Adobe Reader Controlled memset Remote Code Execution Vulnerability (11.02.2011)
 documentZDI, ZDI-11-070: Adobe Acrobat Reader U3D Texture .fli RLE Decompression Remote Code Execution Vulnerability (11.02.2011)
 documentZDI, ZDI-11-069: Adobe Acrobat Reader U3D Texture psd RLE Decompression Remote Code Execution Vulnerability (11.02.2011)
 documentZDI, ZDI-11-068: Adobe Acrobat Reader U3D Texture bmp RLE Decompression Remote Code Execution Vulnerability (11.02.2011)
 documentZDI, ZDI-11-067: Adobe Acrobat Reader U3D Texture rgba RLE Decompression Remote Code Execution Vulnerability (11.02.2011)
 documentZDI, ZDI-11-066: Adobe Acrobat Reader U3D Texture .iff RLE Decompression Remote Code Execution Vulnerability (11.02.2011)
 documentADOBE, Security updates available for Adobe Reader and Acrobat (11.02.2011)

Доступ без аутентификации в Overland Storage SnapServer
Опубликовано:14 февраля 2011 г.
Источник:
SecurityVulns ID:11424
Тип:удаленная
Уровень опасности:
5/10
Описание:Возможен доступ без аутентификации к данным резервного копирования через веб-интерфейс.
Затронутые продукты:OVERLANDSTORAGE : SnapServer N2000
Оригинальный текстdocumentSee Me, Multiple Snap Appliance (SnapServer) Bypass Vulnerabilities (14.02.2011)

Повреждение памяти в проигрывателе VLC
Опубликовано:14 февраля 2011 г.
Источник:
SecurityVulns ID:11425
Тип:локальная
Уровень опасности:
5/10
Описание:Повреждение памяти при разборе контейнеров Matroska/WebM
Затронутые продукты:VLC : vlc 1.1
CVE:CVE-2011-0531 (demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska) file that triggers memory corruption, related to "class mismatching" and the MKV_IS_ID macro.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2159-1] vlc security update (14.02.2011)

Подмена запроса в HP Power Manager
Опубликовано:14 февраля 2011 г.
Источник:
SecurityVulns ID:11427
Тип:удаленная
Уровень опасности:
5/10
CVE:CVE-2010-0277 (slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a different issue than CVE-2010-0013.)
Оригинальный текстdocumentHP, [security bulletin] HPSBMA02629 SSRT100381 rev.1 - HP Power Manager (HPPM) Running on Linux and Windows, Cross Site Request Forgery (CSRF) (14.02.2011)

Повышение привилегий в DESLock+
Опубликовано:14 февраля 2011 г.
Источник:
SecurityVulns ID:11433
Тип:локальная
Уровень опасности:
5/10
Описание:Повышение привилегий через IOCTL.
Затронутые продукты:DESLOCK : DESLock+ 4.1
Оригинальный текстdocumentDigit Security Research, Data Encryption Systems - DESLock+ - Local Kernel Code Execution/Denial of Service (14.02.2011)
Файлы:DESlock+ <= 4.1.10 local kernel ring0 SYSTEM exploit

Многочисленные уязвимости безопасности в Adobe Flash Player
дополнено с 11 февраля 2011 г.
Опубликовано:14 февраля 2011 г.
Источник:
SecurityVulns ID:11418
Тип:удаленная
Уровень опасности:
9/10
Описание:Целочисленные переполнения, повреждения памяти.
Затронутые продукты:ADOBE : Flash Player 10.1
CVE:CVE-2011-0608 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0607.)
 CVE-2011-0607 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0608.)
 CVE-2011-0578 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a constructor for an unspecified ActionScript3 object and improper type checking, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0607, and CVE-2011-0608.)
 CVE-2011-0577 (Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 allows remote attackers to execute arbitrary code via a crafted font.)
 CVE-2011-0575 (Untrusted search path vulnerability in Adobe Flash Player before 10.2.152.26 allows local users to gain privileges via a Trojan horse DLL in the current working directory.)
 CVE-2011-0574 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.)
 CVE-2011-0573 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.)
 CVE-2011-0572 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.)
 CVE-2011-0571 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.)
 CVE-2011-0561 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.)
 CVE-2011-0560 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.)
 CVE-2011-0559 (Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an unspecified ActionScript method that cause a parameter to be used as an object pointer, a different vulnerability than CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.)
 CVE-2011-0558 (Integer overflow in Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code via a large array length value in the ActionScript method of the Function class.)
Оригинальный текстdocumentACROS Security, ASPR #2011-02-11-2: Remote Binary Planting in Adobe Flash Player (14.02.2011)
 documentIDEFENSE, iDefense Security Advisory 02.08.11: Adobe Flash Player ActionScript Memory Corruption Vulnerability (11.02.2011)
 documentIDEFENSE, iDefense Security Advisory 02.08.11: Adobe Flash Player ActionScript Integer Overflow Vulnerability (11.02.2011)
 documentZDI, ZDI-11-081: Adobe Flash Player Point Object Remote Code Execution Vulnerability (11.02.2011)
 documentADOBE, Security update available for Adobe Flash Player (11.02.2011)

Многочисленные уязвимости безопасности в Microsoft Internet Explorer
дополнено с 8 февраля 2011 г.
Опубликовано:14 февраля 2011 г.
Источник:
SecurityVulns ID:11410
Тип:клиент
Уровень опасности:
8/10
Описание:Многочисленные повреждения памяти, небезопасная подгрузка библиотек.
Затронутые продукты:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2011-0038 (Untrusted search path vulnerability in Microsoft Internet Explorer 8 might allow local users to gain privileges via a Trojan horse IEShims.dll in the current working directory, as demonstrated by a Desktop directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading Vulnerability.")
 CVE-2011-0036 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, relagted to a "dangling pointer," aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2010-2556 and CVE-2011-0035.)
 CVE-2011-0035 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2010-2556 and CVE-2011-0036.)
 CVE-2010-3971 (Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets (CSS) parser in mshtml.dll, as used in Microsoft Internet Explorer 6 through 8 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a self-referential @import rule in a stylesheet, aka "CSS Memory Corruption Vulnerability.")
Оригинальный текстdocumentVUPEN Security Research, VUPEN Security Research - Microsoft Internet Explorer "mshtml.dll" Dangling Pointer Vulnerability (CVE-2011-0036) (14.02.2011)
Файлы:Microsoft Security Bulletin MS11-003 - Critical Cumulative Security Update for Internet Explorer (2482017)

Переполнение буфера в IMAP-сервере SCO OpenServer
Опубликовано:14 февраля 2011 г.
Источник:
SecurityVulns ID:11431
Тип:удаленная
Уровень опасности:
7/10
Описание:Переполнение буфера при разборе команд IMAP не устранено в течении более чем 180 дней.
Оригинальный текстdocumentZDI, ZDI-11-058: SCO Openserver IMAP Daemon Long Verb Parsing Remote Code Execution Vulnerability (14.02.2011)

Многочисленные уязвимости безопасности в Microsoft Windows
дополнено с 8 февраля 2011 г.
Опубликовано:14 февраля 2011 г.
Источник:
SecurityVulns ID:11413
Тип:библиотека
Уровень опасности:
8/10
Описание:Переполнение буфера в shell при показе изображений, повреждение памяти при разборе шрифтов OpenType Compact Font Format, повышение привилегий через CSRSS, LSA, ядро и различные драйверы, подмена ответов сервера Kerberos, утечка данных в JScript/VBScript.
Затронутые продукты:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2011-0091 (Kerberos in Microsoft Windows Server 2008 R2 and Windows 7 does not prevent a session from changing from strong encryption to DES encryption, which allows man-in-the-middle attackers to spoof network traffic and obtain sensitive information via a DES downgrade, aka "Kerberos Spoofing Vulnerability.")
 CVE-2011-0090 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Vulnerability.")
 CVE-2011-0089 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Window Class Improper Pointer Validation Vulnerability.")
 CVE-2011-0088 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Window Class Pointer Confusion Vulnerability.")
 CVE-2011-0087 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Insufficient User Input Validation Vulnerability.")
 CVE-2011-0086 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Improper User Input Validation Vulnerability.")
 CVE-2011-0045 (The Trace Events functionality in the kernel in Microsoft Windows XP SP3 does not properly perform type conversion, which causes integer truncation and insufficient memory allocation and triggers a buffer overflow, which allows local users to gain privileges via a crafted application, related to WmiTraceMessageVa, aka "Windows Kernel Integer Truncation Vulnerability.")
 CVE-2011-0043 (Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 supports weak hashing algorithms, which allows local users to gain privileges by operating a service that sends crafted service tickets, as demonstrated by the CRC32 algorithm, aka "Kerberos Unkeyed Checksum Vulnerability.")
 CVE-2011-0039 (The Local Security Authority Subsystem Service (LSASS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly process authentication requests, which allows local users to gain privileges via a request with a crafted length, aka "LSASS Length Validation Vulnerability.")
 CVE-2011-0033 (The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate parameter values in OpenType fonts, which allows remote attackers to execute arbitrary code via a crafted font, aka "OpenType Font Encoded Character Vulnerability.")
 CVE-2011-0031 (The (1) JScript 5.8 and (2) VBScript 5.8 scripting engines in Microsoft Windows Server 2008 R2 and Windows 7 do not properly load decoded scripts obtained from web pages, which allows remote attackers to trigger memory corruption and consequently obtain sensitive information via a crafted web site, aka "Scripting Engines Information Disclosure Vulnerability.")
 CVE-2011-0030 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly kill processes after a logout, which allows local users to obtain sensitive information or gain privileges via a crafted application that continues to execute throughout the logout of one user and the login session of the next user, aka "CSRSS Elevation of Privilege Vulnerability," a different vulnerability than CVE-2010-0023.)
 CVE-2010-4398 (Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges, and bypass the User Account Control (UAC) feature, via a crafted REG_BINARY value for a SystemDefaultEUDCFont registry key, aka "Driver Improper Interaction with Windows Kernel Vulnerability.")
 CVE-2010-3970 (Stack-based buffer overflow in the CreateSizedDIBSECTION function in shimgvw.dll in the Windows Shell graphics processor (aka graphics rendering engine) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted .MIC or unspecified Office document containing a thumbnail bitmap with a negative biClrUsed value, as reported by Moti and Xu Hao, aka "Windows Shell Graphics Processing Overrun Vulnerability.")
 CVE-2010-3970 (Stack-based buffer overflow in the CreateSizedDIBSECTION function in shimgvw.dll in the Windows Shell graphics processor (aka graphics rendering engine) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted .MIC or unspecified Office document containing a thumbnail bitmap with a negative biClrUsed value, as reported by Moti and Xu Hao, aka "Windows Shell Graphics Processing Overrun Vulnerability.")
Оригинальный текстdocumentVUPEN Security Research, VUPEN Security Research - Microsoft Windows Shell Graphics biCompression Buffer Overflow Vulnerability (14.02.2011)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Windows Shell Graphics BMP "height" Integer Overflow Vulnerability (14.02.2011)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Windows Shell Graphics BMP "width" Integer Overflow Vulnerability (14.02.2011)
 documentIDEFENSE, iDefense Security Advisory 02.08.11: Microsoft Windows Picture and Fax Viewer Library (11.02.2011)
 documentZDI, ZDI-11-064: Microsoft Windows WmiTraceMessageVa Local Kernel Vulnerability (09.02.2011)
Файлы:Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution (2483185)
 Microsoft Security Bulletin MS11-011 - Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2393802)
 Microsoft Security Bulletin MS11-013 - Important Vulnerabilities in Kerberos Could Allow Elevation of Privilege (2496930)
 Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2476687)
 Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2485376)
 Microsoft Security Bulletin MS11-006 - Critical Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution (2483185)
 Microsoft Security Bulletin MS11-012 - Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2479628)
 Microsoft Security Bulletin MS11-014 - Important Vulnerability in Local Security Authority Subsystem Service Could Allow Local Elevation of Privilege (2478960)

Многочисленные уязвимости безопасаности в Adobe Shockwave Player
дополнено с 11 февраля 2011 г.
Опубликовано:14 февраля 2011 г.
Источник:
SecurityVulns ID:11417
Тип:клиент
Уровень опасности:
9/10
Описание:Многочисленные повреждения памяти.
Затронутые продукты:ADOBE : Shockwave Player 11.5
CVE:CVE-2011-0569 (The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PFR1 chunk containing an invalid size value that leads to an unexpected sign extension and a buffer overflow, a different vulnerability than CVE-2011-0556.)
 CVE-2011-0557 (Integer overflow in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code via a Director movie with a large count value in 3D assets type 0xFFFFFF45 record, which triggers a "faulty allocation" and memory corruption.)
 CVE-2011-0556 (The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PFR1 chunk that leads to an unexpected sign extension and an invalid pointer dereference, a different vulnerability than CVE-2011-0569.)
 CVE-2011-0555 (The TextXtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a Director file with a crafted DEMX RIFF chunk that triggers incorrect buffer allocation, a different vulnerability than CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306.)
 CVE-2010-4307 (Buffer overflow in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code via unspecified vectors.)
 CVE-2010-4306 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, and CVE-2010-4192.)
 CVE-2010-4306 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, and CVE-2010-4192.)
 CVE-2010-4196 (The Shockwave 3d Asset module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.)
 CVE-2010-4195 (The TextXtra module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.)
 CVE-2010-4194 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.)
 CVE-2010-4193 (Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.)
 CVE-2010-4192 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted 3D Assets 0xFFFFFF88 type record that triggers an incorrect memory allocation, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, and CVE-2010-4306.)
 CVE-2010-4191 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4192, and CVE-2010-4306.)
 CVE-2010-4190 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted CSWV RIFF chunk that causes an incorrect calculation of an offset for a substructure, wihch causes an out-of-bounds "seek" of heap memory, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306.)
 CVE-2010-4189 (The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie containing a GIF image with a crafted global color table size value, which causes an out-of-range pointer offset.)
 CVE-2010-4188 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with an IFWV chunk with a size field of 0, which is used in the calculation of a file offset and causes invalid data to be used as a loop counter, triggering a heap-based buffer overflow, a different vulnerability than CVE-2010-2587 and CVE-2010-2588.)
 CVE-2010-4187 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed chunk in a Director file, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306.)
 CVE-2010-4093 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0555, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306.)
 CVE-2010-4092 (Use-after-free vulnerability in an unspecified compatibility component in Adobe Shockwave Player before 11.5.9.620 allows user-assisted remote attackers to execute arbitrary code via a crafted web site, related to the Shockwave Settings window and an unloaded library. NOTE: some of these details are obtained from third party information.)
 CVE-2010-2589 (Integer overflow in the dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code via unspecified vectors.)
 CVE-2010-2588 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2587 and CVE-2010-4188.)
 CVE-2010-2587 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2588 and CVE-2010-4188.)
Оригинальный текстdocumentVUPEN Security Research, VUPEN Security Research - Adobe Shockwave DIRAPI LCTX Chunck Memory Corruption Vulnerability (APSB11-01) (14.02.2011)
 documentZDI, ZDI-11-080: Adobe Shockwave CSWV Chunk Substructure Offset Value Remote Code Execution Vulnerability (11.02.2011)
 documentZDI, ZDI-11-079: Adobe Shockwave Player 0xFFFFFF45 Record Count Element Remote Code Execution Vulnerability (11.02.2011)
 documentZDI, ZDI-11-078: Adobe Shockwave Player FFFFFF88 Record Count Element Remote Code Execution Vulnerability (11.02.2011)
 documentIDEFENSE, iDefense Security Advisory 02.08.11: Adobe Shockwave Player Memory Corruption Vulnerability (11.02.2011)
 documentZDI, TPTI-11-05: Adobe Shockwave PFR1 Font Chunk Parsing Remote Code Execution Vulnerability (11.02.2011)
 documentZDI, TPTI-11-04: Adobe Shockwave GIF Logical Screen Descriptor Parsing Remote Code Execution Vulnerability (11.02.2011)
 documentZDI, TPTI-11-03: Adobe Shockwave Font Xtra String Decoding Remote Code Execution Vulnerability (11.02.2011)
 documentZDI, TPTI-11-02: Adobe Shockwave TextXtra Invalid Seek Remote Code Execution Vulnerability (11.02.2011)
 documentZDI, TPTI-11-01: Adobe Shockwave dirapi.dll IFWV Trusted Offset Remote Code Execution Vulnerability (11.02.2011)
 documentADOBE, Security update available for Shockwave Player (11.02.2011)

Выполнение кода в EMC Replication Manager
дополнено с 14 февраля 2011 г.
Опубликовано:31 марта 2011 г.
Источник:
SecurityVulns ID:11428
Тип:удаленная
Уровень опасности:
7/10
Описание:Выполнение команда через сервис на порту TCP/6542
Затронутые продукты:EMC : EMC Replication Manager 5.2
 EMC : EMC NetWorker Module for Microsoft Applications 2.3
CVE:CVE-2011-0647 (The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsoft Applications 2.1.x and 2.2.x allows remote attackers to execute arbitrary commands via the RunProgram function to TCP port 6542.)
Оригинальный текстdocumentEMC, ESA-2011-012: Security update for EMC NetWorker Module for Microsoft Applications (31.03.2011)
 documentZDI, ZDI-11-061: EMC Replication Manager Client irccd.exe Remote Code Execution Vulnerability (14.02.2011)
 documentEMC, ESA-2011-004: EMC Replication Manager remote code execution vulnerability (14.02.2011)

Многочисленные уязвимости безопасности в HP Data Protector
дополнено с 14 февраля 2011 г.
Опубликовано:1 мая 2011 г.
Источник:
SecurityVulns ID:11432
Тип:удаленная
Уровень опасности:
7/10
Описание:Многочисленные уязвимости не устранены в течении более 180 дней.
CVE:CVE-2011-1736 (Directory traversal vulnerability in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to read arbitrary files via directory traversal sequences in a filename in a GET_FILE message.)
 CVE-2011-1735 (Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed bm message.)
 CVE-2011-1734 (Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed omniiaputil message.)
 CVE-2011-1733 (Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed HPFGConfig message.)
 CVE-2011-1732 (Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed stutil message.)
 CVE-2011-1731 (Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_INTEGUTIL message.)
 CVE-2011-1730 (Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_SCRIPT message.)
 CVE-2011-1729 (Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed GET_FILE message.)
 CVE-2011-1728 (Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_BAR message.)
Оригинальный текстdocumentZDI, ZDI-11-152: HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability (01.05.2011)
 documentZDI, ZDI-11-151: HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability (01.05.2011)
 documentZDI, ZDI-11-150: HP Data Protector Backup Client Service omniiaputil Message Processing Remote Code Execution Vulnerability (01.05.2011)
 documentZDI, ZDI-11-149: HP Data Protector Backup Client Service HPFGConfig Remote Code Execution Vulnerability (01.05.2011)
 documentZDI, ZDI-11-148: HP Data Protector Backup Client Service stutil Message Processing Remote Code Execution Vulnerability (01.05.2011)
 documentZDI, ZDI-11-147: HP Data Protector Backup Client Service EXEC_INTEGUTIL Remote Code Execution Vulnerability (01.05.2011)
 documentZDI, ZDI-11-146: HP Data Protector Backup Client Service EXEC_SCRIPT Remote Code Execution Vulnerability (01.05.2011)
 documentZDI, ZDI-11-145: HP Data Protector Backup Client Service GET_FILE Remote Code Execution Vulnerability (01.05.2011)
 documentZDI, ZDI-11-144: HP Data Protector Backup Client Service EXEC_BAR Remote Code Execution Vulnerability (01.05.2011)
 documentZDI, ZDI-11-057: Hewlett-Packard Data Protector Cell Manager Service Authentication Bypass Vulnerability (14.02.2011)
 documentZDI, ZDI-11-056: Hewlett-Packard Data Protector Client EXEC_SETUP Remote Code Execution Vulnerability (14.02.2011)
 documentZDI, ZDI-11-055: Hewlett-Packard Data Protector Client EXEC_CMD Perl Remote Code Execution Vulnerability (14.02.2011)
 documentZDI, ZDI-11-054: Hewlett-Packard Data Protector Client EXEC_CMD omni_chk_ds.sh Remote Code Execution Vulnerability (14.02.2011)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород