Информационная безопасность
[RU] switch to English


Переполнение буфера в модуле controls ProFTPD
Опубликовано:19 февраля 2007 г.
Источник:
SecurityVulns ID:7261
Тип:локальная
Уровень опасности:
5/10
Описание:Переполнение буфера в модуле Controls.
Затронутые продукты:PROFTPD : ProFTPD 1.3
CVE:CVE-2006-6563 (Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value.)
Оригинальный текстdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2006-1127: ProFTPD Controls Buffer Overflow (19.02.2007)
Файлы:Exploits ProFTPD 1.3.0/1.3.0a Controls Buffer Overflow (2.6 kernel exploitation against gcc 4.x with canary)
 Exploits ProFTPD 1.3.0/1.3.0a Controls Buffer Overflow (2.4 kernel)
 ProFTPD 1.3.0/1.3.0a Controls Buffer Overflow

Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
дополнено с 19 февраля 2007 г.
Опубликовано:19 февраля 2007 г.
Источник:
SecurityVulns ID:7262
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, утечка информации и т.д.
Затронутые продукты:MEDIAWIKI : MediaWiki 1.9
 POWERSCHOOL : Powerschool 4.3
 PHPNUKE : Php-Nuke Module Emporium 2.3
 SGASTEBUCH : S-Gastebuch 1.5
 VSNEWSSYSTEM : VS-News-System 1.2
 VSLINKPARTNER : VS-Link-Partner 2.1
 XNEWS : Xpression News 1.0
 XLATUNES : XLAtunes 0.1
CVE:CVE-2007-1044 (Pearson Education PowerSchool 4.3.6 allows remote attackers to list the contents of the admin folder via a URI composed of the admin/ directory name and an arbitrary filename ending in ".js.")
 CVE-2007-1042 (Directory traversal vulnerability in news.php in Xpression News (X-News) 1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to include arbitrary files or obtain sensitive information via a .. (dot dot) in the xnews-template parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.)
 CVE-2007-1040 (Directory traversal vulnerability in archives.php in Xpression News (X-News) 1.0.1 allows remote attackers to include arbitrary files or obtain sensitive information via a .. (dot dot) in the xnews-template parameter.)
 CVE-2007-1034 (SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and earlier module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the category_id parameter.)
 CVE-2007-1026 (SQL injection vulnerability in view.php in XLAtunes 0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the album parameter in view mode. NOTE: some of these details are obtained from third party information.)
 CVE-2007-1025 (PHP remote file inclusion vulnerability in inc/functions_inc.php in VS-Link-Partner 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gb_pfad, or possibly script_pfad, parameter.)
 CVE-2007-1018 (PHP remote file inclusion vulnerability in tpl/header.php in VirtualSystem VS-News-System 1.2.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the newsordner parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.)
 CVE-2007-1017 (PHP remote file inclusion vulnerability in show_news_inc.php in VirtualSystem VS-News-System 1.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the newsordner parameter.)
 CVE-2007-1011 (PHP remote file inclusion vulnerability in functions_inc.php in VS-Gastebuch 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gb_pfad parameter.)
Оригинальный текстdocumentx0rax, XLAtunes 0.1 (album) Remote SQL Injection Vulnerability (20.02.2007)
 documentgheetotank_(at)_hotmail.com, Powerschool 404 Admin Exposure (19.02.2007)
 documentBUGSEC, MediaWiki Cross-site Scripting (19.02.2007)
Файлы:Php-Nuke Module Emporium <= 2.3.0 Remote Blind SQL Injection Exploit
 S-Gastebuch <= V.1.5.3 (gb_pfad) Remote File Include Exploit
 VS-News-System <= V1.2.1 (newsordner) Remote File Include Exploit
 VS-Link-Partner <= 2.1 (script_pfad) Remote File Include Exploit
 Xpression News File Disclosure Exploit

DoS против Apple iTunes
Опубликовано:19 февраля 2007 г.
Источник:
SecurityVulns ID:7263
Тип:клиент
Уровень опасности:
4/10
Описание:Обращение по нулевому указателю при разборе XML.
Затронутые продукты:APPLE : iTunes 7.0
CVE:CVE-2007-1008 (Apple iTunes 7.0.2 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted XML list of radio stations, which results in memory corruption. NOTE: iTunes retrieves the XML document from a static URL, which requires an attacker to perform DNS spoofing or man-in-the-middle attacks for exploitation.)
Оригинальный текстdocumentpoplix_(at)_papuasia.org, iTunes remote memory corruption vulnerability (19.02.2007)

DoS против библиотеки libevent
Опубликовано:19 февраля 2007 г.
Источник:
SecurityVulns ID:7264
Тип:библиотека
Уровень опасности:
5/10
Описание:Бесконечный цикл при разборе ответа DNS-сервера.
Затронутые продукты:LIBEVENT : libevent 1.2
CVE:CVE-2007-1030 (Niels Provos libevent 1.2 and 1.2a allows remote attackers to cause a denial of service (infinite loop) via a DNS response containing a label pointer that references its own offset.)
Оригинальный текстdocumentJon Oberheide, Remote DoS in libevent DNS parsing <= 1.2a (19.02.2007)

Переполнение буфера в VicFTPS (buffer overflow)
Опубликовано:19 февраля 2007 г.
Источник:
SecurityVulns ID:7265
Тип:удаленная
Уровень опасности:
5/10
Описание:Переполнение буфера в команде CWD.
Затронутые продукты:VICFTPS : VicFTPS 5.0
CVE:CVE-2007-1014 (Stack-based buffer overflow in VicFTPS before 5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long CWD command.)
Файлы:VicFTPs Server CWD Remote Buffer Overflow Vulnerability DoS Proof of concept

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород