Информационная безопасность
[RU] switch to English


Проблема символьных линков в электронном словаре Lookup (symbolic links)
Опубликовано:18 марта 2007 г.
Источник:
SecurityVulns ID:7424
Тип:локальная
Уровень опасности:
5/10
Описание:Проблема символьных ликнов при создании временного файла.
Затронутые продукты:LOOKUP : lookup 1.4
CVE:CVE-2007-0237 (The ndeb-binary feature in Lookup (lookup-el) allows local users to overwrite arbitrary files via a symlink attack on temporary files.)
Оригинальный текстdocumentDEBIAN, [Full-disclosure] [SECURITY] [DSA 1269-1] New lookup-el packages fix insecure temporary file (18.03.2007)

Многочисленные уязвимости netfilter в Linux (multiple bugs)
Опубликовано:18 марта 2007 г.
Источник:
SecurityVulns ID:7425
Тип:удаленная
Уровень опасности:
6/10
Описание:Обход защиты через фрагментированные пакеты IPv6, отказ в обслуживании.
Затронутые продукты:LINUX : kernel 2.6
CVE:CVE-2007-1497 (nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments.)
 CVE-2007-1496 (nfnetlink_log in netfilter in the Linux kernel before 2.6.20.3 allows attackers to cause a denial of service (crash) via unspecified vectors involving the (1) nfulnl_recv_config function, (2) using "multiple packets per netlink message", and (3) bridged packets, which trigger a NULL pointer dereference.)

Многочисленные уязвимостив Apple MacOS X (multiple bugs)
Опубликовано:18 марта 2007 г.
Источник:
SecurityVulns ID:7426
Описание:Обновление для Mac OS X закрывает большое количество уязвимостей.
Затронутые продукты:APPLE : MacOS X 10.3
 APPLE : Mac OS X 10.4
 CUPS : cups 1.2
CVE:CVE-2007-0733 (Unspecified vulnerability in ImageIO in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RAW image that triggers memory corruption.)
 CVE-2007-0731 (Stack-based buffer overflow in the Apple-specific Samba module (SMB File Server) in Apple Mac OS X 10.4 through 10.4.8 allows context-dependent attackers to execute arbitrary code via a long ACL.)
 CVE-2007-0730 (Server Manager (servermgrd) in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently validate authentication credentials, which allows remote attackers to bypass authentication and modify system configuration.)
 CVE-2007-0728 (Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 creates files insecurely while initializing a USB printer, which allows local users to create or overwrite arbitrary files.)
 CVE-2007-0726 (The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break trust relationships that were based on the original keys.)
 CVE-2007-0724 (The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit access to certain controls, which allows local users to gain privileges by using HID device events to read keystrokes from the console.)
 CVE-2007-0723 (Unspecified vulnerability in the authentication feature for DirectoryService (DS Plug-Ins) for Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote authenticated LDAP users to modify the root password and gain privileges via unknown vectors.)
 CVE-2007-0722 (Integer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted AppleSingleEncoding disk image.)
 CVE-2007-0721 (Unspecified vulnerability in diskimages-helper in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted compressed disk image that triggers memory corruption.)
 CVE-2007-0720 (The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted.)
 CVE-2007-0719 (Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via an image with a crafted ColorSync profile.)
Оригинальный текстdocumentCERT, US-CERT Technical Cyber Security Alert TA07-072A -- Apple Updates for Multiple Vulnerabilities (18.03.2007)

DoS против mud-оболочки PennMUSH
Опубликовано:18 марта 2007 г.
Источник:
SecurityVulns ID:7427
Тип:удаленная
Уровень опасности:
5/10
Описание:Многочисленные DoS-условия при обработке различных команд.
Затронутые продукты:PENNMUSH : PennMUSH 1.8
CVE:CVE-2007-1431 (Multiple unspecified vulnerabilities in PennMUSH 1.8.3 before 1.8.3p1 and 1.8.2 before 1.8.2p3 allow attackers to cause a denial of service (crash) related to the (1) speak and (2) buy functions.)

Повреждение памати в TFTP-сервере D-Link (memory corruption)
Опубликовано:18 марта 2007 г.
Источник:
SecurityVulns ID:7428
Тип:удаленная
Уровень опасности:
5/10
Описание:Повреждение памяти на длинных командах GET/PUT.
Затронутые продукты:DLINK : D-Link TFTP Server 1.0
CVE:CVE-2007-1435 (Buffer overflow in D-Link TFTP Server 1.0 allows remote attackers to cause a denial of service (crash) via a long (1) GET or (2) PUT request, which triggers memory corruption. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.)

Проблемы символьных линков в netserver из netperf (symbolic links)
Опубликовано:18 марта 2007 г.
Источник:
SecurityVulns ID:7429
Тип:локальная
Уровень опасности:
5/10
Описание:Проблема символьных линков при создании файла /tmp/netperf.debug.
Затронутые продукты:NETPERF : netperf 2.4
CVE:CVE-2007-1444 (netserver in netperf 2.4.3 allows local users to overwrite arbitrary files via a symlink attack on /tmp/netperf.debug.)

DoS против Adobe JRun / ColdFusion
Опубликовано:18 марта 2007 г.
Источник:
SecurityVulns ID:7430
Тип:удаленная
Уровень опасности:
5/10
Описание:Отказ в обслуживании при работе на IIS при запросе файла в корневой папке JRun.
Затронутые продукты:ADOBE : JRun 4.0
 ADOBE : Macromedia ColdFusion MX 7
 ADOBE : Macromedia ColdFusion MX 6.1
CVE:CVE-2007-1278 (Unspecified vulnerability in the IIS connector in Adobe JRun 4.0 Updater 6, and ColdFusion MX 6.1 and 7.0 Enterprise, when using Microsoft IIS 6, allows remote attackers to cause a denial of service via unspecified vectors, involving the request of a file in the JRun web root.)

Несанкционированный доступ к Sun Java Web Server (unauthorized access)
Опубликовано:18 марта 2007 г.
Источник:
SecurityVulns ID:7431
Тип:удаленная
Уровень опасности:
6/10
Затронутые продукты:SUN : Sun Java System Web Server 6.1
 SUN : Sun Java System Web Server 6.0
CVE:CVE-2007-1526 (Sun Java System Web Server 6.1 before 20070314 allows remote authenticated users with revoked client certificates to bypass the Certificate Revocation List (CRL) authorization control and access secure web server instances running under an account different from that used for the admin server via unspecified vectors.)
 CVE-2007-1488 (Unspecified vulnerability in Sun Java System Web Server 6.0 and 6.1 before 20070315 allows remote attackers to "gain unauthorized access to data", possibly involving a sample application.)

Многочисленные уязвимости в IRC-клиенте Rhapsody (multiple bugs)
Опубликовано:18 марта 2007 г.
Источник:
SecurityVulns ID:7423
Тип:клиент
Уровень опасности:
5/10
Описание:Многочисленные переполнения буфера и ошибки форматной строки.
Затронутые продукты:RHAPSODY : Rhapsody IRC 0.28
CVE:CVE-2007-1503 (Multiple format string vulnerabilities in comm.c in Rhapsody IRC 0.28b allow remote attackers to execute arbitrary code via format string specifiers to the create_ctcp_message function using the message argument to the (1) me or (2) ctcp commands, and possibly related vectors involving the (3) whois, (4) mode, and (5) topic commands.)
 CVE-2007-1502 (Multiple buffer overflows in Rhapsody IRC 0.28b allow remote attackers to execute arbitrary code via a (1) long command, (2) long server argument to the (a) connect or (b) server commands, (3) long nick argument to the (c) nick command, or a long (4) nick or (5) message argument to the (d) ctcp, (e) chat, (f) notice, (g) message (msg), or (h) query commands.)
Оригинальный текстdocumentstarcadi starcadi, Rhapsody IRC 0.28b (NICK) Multiple fs and bof vulnerability (18.03.2007)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород