Информационная безопасность
[RU] switch to English


Многочисленные уязвимости в Mozilla Firefox, Thunderbird, Seamonkey (multiple bugs)
Опубликовано:19 июля 2007 г.
Источник:
SecurityVulns ID:7941
Тип:клиент
Уровень опасности:
8/10
Описание:Выполнение кода, повреждение памяти, подмена содержимого, межсайтовый скриптинг, DoS.
Затронутые продукты:MOZILLA : Firefox 2.0
 MOZILLA : Thunderbird 2.0
 XULRUNNER : xulrunner 1.8
 ICEWEASEL : iceweasel 2.0
CVE:CVE-2007-3738 (Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 allow remote attackers to execute arbitrary code via a crafted XPCNativeWrapper.)
 CVE-2007-3737 (Mozilla Firefox before 2.0.0.5 allows remote attackers to execute arbitrary code with chrome privileges by calling an event handler from an unspecified "element outside of a document.")
 CVE-2007-3736 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers to inject arbitrary web script "into another site's context" via a "timing issue" involving the (1) addEventListener or (2) setTimeout function, probably by setting events that activate after the context has changed.)
 CVE-2007-3735 (Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.)
 CVE-2007-3734 (Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.)
 CVE-2007-3285 (Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote attackers to bypass file type checks and possibly execute programs via a (1) file:/// or (2) resource: URI with a dangerous extension, followed by a NULL byte (%00) and a safer extension, which causes Firefox to treat the requested file differently than Windows would.)
 CVE-2007-3089 (Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript code, as demonstrated by code that intercepts keystroke values from window.event, aka the "promiscuous IFRAME access bug," a related issue to CVE-2006-4568.)
Оригинальный текстdocumentMOZILLA, Mozilla Foundation Security Advisory 2007-25 (19.07.2007)
 documentMOZILLA, Mozilla Foundation Security Advisory 2007-22 (19.07.2007)
 documentMOZILLA, Mozilla Foundation Security Advisory 2007-21 (19.07.2007)
 documentMOZILLA, Mozilla Foundation Security Advisory 2007-20 (19.07.2007)
 documentMOZILLA, Mozilla Foundation Security Advisory 2007-19 (19.07.2007)
 documentMOZILLA, Mozilla Foundation Security Advisory 2007-18 (19.07.2007)
 documentCERT, US-CERT Technical Cyber Security Alert TA07-199A -- Mozilla Updates for Multiple Vulnerabilities (19.07.2007)

Многочисленные уязвимости в голосовом сервере Asterisk (multiple bugs)
Опубликовано:19 июля 2007 г.
Источник:
SecurityVulns ID:7943
Тип:удаленная
Уровень опасности:
7/10
Описание:Переполнение буфера и DoS при разборе IAX2, DoS при разборе протоколов Skinny и STUN.
Затронутые продукты:ASTERISK : Asterisk 1.2
 DIGIUM : Asterisk 1.4
 ASTERISK : Asterisk s800i
CVE:CVE-2007-3765 (The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted STUN length attribute in a STUN packet sent on an RTP port.)
 CVE-2007-3764 (The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a certain data length value in a crafted packet, which results in an "overly large memcpy.")
 CVE-2007-3763 (The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted (1) LAGRQ or (2) LAGRP frame that contains information elements of IAX frames, which results in a NULL pointer dereference when Asterisk does not properly set an associated variable.)
 CVE-2007-3762 (Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to execute arbitrary code by sending a long (1) voice or (2) video RTP frame.)
Оригинальный текстdocumentASTERISK, ASA-2007-017: Remote Crash Vulnerability in STUN implementation (19.07.2007)
 documentASTERISK, ASA-2007-016: Remote crash vulnerability in Skinny channel driver (19.07.2007)
 documentASTERISK, ASA-2007-015: Remote Crash Vulnerability in IAX2 channel driver (19.07.2007)
 documentASTERISK, ASA-2007-014: Stack buffer overflow in IAX2 channel driver (19.07.2007)

Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
дополнено с 19 июля 2007 г.
Опубликовано:19 июля 2007 г.
Источник:
SecurityVulns ID:7944
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, утечка информации и т.д.
Затронутые продукты:SIMPLEMACHINES : Simple Machines Forum 1.0
 LEDGERSMB : LedgerSMB 1.2
 INSANELYSIMPLE : Insanely Simple Blog 0.5
 MAILMARSHAL : MailMarshal SMTP 6.2
 GEOBLOG : Geoblog 1
 DOKUWIKI : DokuWiki 2007-06-26
CVE:CVE-2007-3796 (The password reset feature in the Spam Quarantine HTTP interface for MailMarshal SMTP 6.2.0.x before 6.2.1 allows remote attackers to modify arbitrary account information via a UserId variable with a large amount of trailing whitespace followed by a malicious value, which triggers SQL buffer truncation due to length inconsistencies between variables.)
 CVE-2007-2231 (Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.)
Оригинальный текстdocumentCyrill Brunschwiler, DokuWiki suffers XSS (19.07.2007)
 documentjoseph.giron13_(at)_gmail.com, Geoblog v1 administrator bypass (19.07.2007)
 documentGary O'leary-Steele, [Full-disclosure] [Sec-1 Ltd] Advisory: MailMarshal Spam Quarantine Password Retrieval Vulnerability (19.07.2007)
 documentChris Travers, Security Advisory: Login bypass in LedgerSMB 1.2.0 through 1.2.6 (19.07.2007)
 documentChris Travers, Clarifications on LedgerSMB vulnerability with Bugtraq ID:24940 (19.07.2007)
 documentUBUNTU, [USN-487-1] Dovecot vulnerability (19.07.2007)
 documentjoseph.giron13_(at)_gmail.com, Insanely simple blog - Multiple vulnerabilities (19.07.2007)
 documentsirn0n_(at)_yahoo.com, LFI On SMF 1.1.3 (19.07.2007)
 documentMatthew Cook, ExLibris Aleph and Metalib Cross Site Scripting Attack (19.07.2007)

Подмена сертификатов TLS в curl (protection bypass)
Опубликовано:19 июля 2007 г.
Источник:
SecurityVulns ID:7945
Тип:библиотека
Уровень опасности:
5/10
Описание:При использовании метода проверки GnuTLS, не проверяется срок действия сертификата.
Затронутые продукты:CURL : curl 7.15
CVE:CVE-2007-3564 (libcurl 7.14.0 through 7.16.3, when built with GnuTLS support, does not check SSL/TLS certificate expiration or activation dates, which allows remote attackers to bypass certain access restrictions.)

Многочисленные уязвимости в антивирусе Trend Micro OfficeScan (multiple bugs)
Опубликовано:19 июля 2007 г.
Источник:
SecurityVulns ID:7946
Тип:удаленная
Уровень опасности:
7/10
Описание:Переполнение буфера при разборе сеансового куки, несанкционированный доступ к интерфейсу администрирования.
Затронутые продукты:TM : OfficeScan 7.3
 TM : Trend Micro Client Server Messaging Security 3.6
 TM : OfficeScan 8.0
CVE:CVE-2007-3455 (cgiChkMasterPwd.exe before 8.0.0.142 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to bypass the password requirement and gain access to the Management Console via an empty hash and empty encrypted password string, related to "stored decrypted user logon information.")
 CVE-2007-3454 (Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to execute arbitrary code via long crafted requests, as demonstrated using a long session cookie to unspecified CGI programs that use this library.)
Оригинальный текстdocumentIDEFENSE, iDefense Security Advisory 07.16.07: Trend Micro OfficeScan Management Console Authorization Bypass Vulnerability (19.07.2007)
 documentIDEFENSE, iDefense Security Advisory 07.16.07: Trend Micro OfficeScan Session Cookie Buffer Overflow Vulnerability (19.07.2007)

DoS против TFTP в IBM Tivoli Provisioning Manager for OS Deployment
Опубликовано:19 июля 2007 г.
Источник:
SecurityVulns ID:7947
Тип:удаленная
Уровень опасности:
5/10
Описание:Деление на ноль при некорректном значении blksize.
Затронутые продукты:IBM : Tivoli Provisioning Manager for OS Deployment 5.1
CVE:CVE-2007-3268 (The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error.)
Оригинальный текстdocumentIDEFENSE, iDefense Security Advisory 07.17.07: IBM Tivoli Provisioning Manager for OS Deployment TFTP Blocksize DoS Vulnerability (19.07.2007)

Многочисленные переполнения буфера в CA eTrust Integrated Threat Management (buffer overflow)
Опубликовано:19 июля 2007 г.
Источник:
SecurityVulns ID:7948
Тип:удаленная
Уровень опасности:
5/10
Описание:Переполнение буфера в RPC-интерфейсе Alert Notification Server
Затронутые продукты:CA : eTrust Integrated Threat Management 8
CVE:CVE-2007-3825 (Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allow remote attackers to execute arbitrary code by sending certain data to unspecified RPC procedures.)
Оригинальный текстdocumentCA, [CAID 35515]: CA Products Alert Service RPC Procedure Buffer Overflow Vulnerabilities (19.07.2007)
 documentIDEFENSE, iDefense Security Advisory 07.17.07: Computer Associates Alert Notification Server Multiple Buffer Overflow Vulnerabilities (19.07.2007)

DoS против Cisco Wide Area Application Services
Опубликовано:19 июля 2007 г.
Источник:
SecurityVulns ID:7949
Тип:удаленная
Уровень опасности:
5/10
Описание:SYN-флуд по портам TCP/139 и TCP/445 приводит к отказу устройства.
Затронутые продукты:CISCO : NM-WAE-502
 CISCO : WAE appliance
Оригинальный текстdocumentCISCO, Cisco Security Advisory: Denial of Service Vulnerability in Cisco Wide Area Application Services (WAAS) Software (19.07.2007)

Переполнение буфера в Microsoft DirectX (buffer overflow)
Опубликовано:19 июля 2007 г.
Источник:
SecurityVulns ID:7951
Тип:библиотека
Уровень опасности:
5/10
Описание:Переполнение буфера при разборе сжатых изображений TGA.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : DirectX 9.0
 MICROSOFT : Windows Vista
CVE:CVE-2006-4183 (Heap-based buffer overflow in Microsoft DirectX SDK (February 2006) and probably earlier, including 9.0c End User Runtimes, allows context-dependent attackers to execute arbitrary code via a crafted Targa file with a run-length-encoding (RLE) compression that produces more data than expected when decoding.)
Оригинальный текстdocumentReversemode, [Reversemode Advisory] Microsoft DirectX RLE Compressed Targa Image File Heap Overflow (19.07.2007)
 documentIDEFENSE, iDefense Security Advisory 07.18.07: Microsoft DirectX RLE Compressed Targa Image File Heap Overflow (19.07.2007)

Многочисленные уязвимости в Trillian (multiple bugs)
Опубликовано:19 июля 2007 г.
Источник:
SecurityVulns ID:7952
Тип:клиент
Уровень опасности:
6/10
Описание:Переполнение буфера и проблема шел-символов при разборе URL aim://
Оригинальный текстdocumentBilly Rios, [Full-disclosure] Cross Application Scripting (IE pwns Trillian, Trillian pwns YOU!) (19.07.2007)

Использвоание памяти после освобождения в Opera (use-after-free)
Опубликовано:19 июля 2007 г.
Источник:
SecurityVulns ID:7953
Тип:клиент
Уровень опасности:
6/10
Описание:Освобожденная область памяти продолжает использоваться при обработке протокола BitTorrent.
Затронутые продукты:OPERA : Opera 9.21
Оригинальный текстdocumentIDEFENSE, iDefense Security Advisory 07.19.07: Opera Software Opera Web Browser BitTorrent Dangling Pointer Vulnerability (19.07.2007)

Многочисленные уязвимости в ядре Linux
дополнено с 19 июля 2007 г.
Опубликовано:19 июля 2007 г.
Источник:
SecurityVulns ID:7954
Тип:удаленная
Уровень опасности:
6/10
Описание:DoS через cluster manager, DoS через драйвер usblcd, DoS через IOCTL VFAT, DoS через SCTP netfilter, целочисленное переполнение в файловой системе cpuset, повреждение памяти в PPPoE,
Затронутые продукты:LINUX : kernel 2.6
CVE:CVE-2007-3513 (The lcd_write function in drivers/usb/misc/usblcd.c in the Linux kernel before 2.6.22-rc7 does not limit the amount of memory used by a caller, which allows local users to cause a denial of service (memory consumption).)
 CVE-2007-3380 (The Distributed Lock Manager (DLM) in the cluster manager for Linux kernel 2.6.15 allows remote attackers to cause a denial of service (loss of lock services) by connecting to the DLM port, which probably prevents other processes from accessing the service.)
 CVE-2007-2878 (The VFAT compat ioctls in the Linux kernel before 2.6.21.2, when run on a 64-bit system, allow local users to corrupt a kernel_dirent struct and cause a denial of service (system crash) via unknown vectors.)
 CVE-2007-2876 (The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference.)
 CVE-2007-2875 (Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file.)
 CVE-2007-2525 (Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized.)
Оригинальный текстdocumentUBUNTU, [USN-489-1] Linux kernel vulnerabilities (19.07.2007)

Утечка информации в IBM Lotus Notes (information leak)
Опубликовано:19 июля 2007 г.
Источник:
SecurityVulns ID:7955
Тип:локальная
Уровень опасности:
3/10
Описание:Администратор может включить функцию отладки, при которой все пароли пользователей будут записываться в файл.
Оригинальный текстdocumentJuergen Schmidt, [Full-disclosure] heise Security: Password exposure in Lotus Notes (19.07.2007)

0day-уязвимость в Microsoft Internet Explorer
дополнено с 10 июля 2007 г.
Опубликовано:19 июля 2007 г.
Источник:
SecurityVulns ID:7904
Тип:клиент
Уровень опасности:
6/10
Описание:Нефильтруемые шел-символы при вызове приложения, отвечающего за поддержку протокола URL:.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
CVE:CVE-2007-3670 (Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Firefox installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a (1) FirefoxURL or (2) FirefoxHTML URI, which are inserted into the command line that is created when invoking firefox.exe. NOTE: it has been debated as to whether the issue is in Internet Explorer or Firefox. As of 20070711, it is CVE's opinion that IE appears to be failing to properly delimit the URL argument when invoking Firefox, and this issue could arise with other protocol handlers in IE as well. However, Mozilla has stated that it will address the issue with a "defense in depth" fix that will "prevent IE from sending Firefox malicious data.")
Оригинальный текстdocumentIDEFENSE, iDefense Security Advisory 07.19.07: Multiple Vendor Multiple Product URI Handler Input Validation Vulnerability (19.07.2007)
 documentMOZILLA, Mozilla Foundation Security Advisory 2007-23 (19.07.2007)
 documentThor Larholm, [Full-disclosure] Internet Explorer 0day exploit (10.07.2007)
Файлы: Internet Explorer 0day Exploit

Межсайтовый доступ к кэшу в Mozilla Firefox (crossite access)
дополнено с 10 июля 2007 г.
Опубликовано:19 июля 2007 г.
Источник:
SecurityVulns ID:7906
Тип:клиент
Уровень опасности:
7/10
Описание:URL wyciwyg:// в сочетании с перенаправлением через ответ 302 позволяет получить доступ к содержимому кэша некоторых страниц.
Затронутые продукты:MOZILLA : Firefox 2.0
 XULRUNNER : xulrunner 1.8
 ICEWEASEL : iceweasel 2.0
CVE:CVE-2007-3656 (Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) HTTP 302 redirect controls, (2) XMLHttpRequest, or (3) view-source URIs.)
Оригинальный текстdocumentMOZILLA, Mozilla Foundation Security Advisory 2007-24 (19.07.2007)
 documentMichal Zalewski, Firefox wyciwyg:// cache zone bypass (10.07.2007)

Многочисленные уязвимости в Oracle
дополнено с 19 июля 2007 г.
Опубликовано:24 июля 2007 г.
Источник:
SecurityVulns ID:7942
Тип:удаленная
Уровень опасности:
7/10
Описание:Очередной квартальный пакет обновлений: переполнение буфера в DBMS_DRS.GET_PROPERTY, переполнение буфера в MDSYS.MD, межсайтовый скриптинг, повышение привилегий.
Затронутые продукты:ORACLE : Oracle 9i
 ORACLE : Oracle 8i
 ORACLE : Oracle 10g
CVE:CVE-2007-3867 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 have unknown impact and attack vectors, related to (1) APPS04, (2) APPS05, and (3) APPS06 in (a) Oracle Application Object Library, (4) APPS07 in Oracle Customer Intelligence, (5) APPS08 in Oracle Payments, (7) APPS10 in Oracle Human Resources, and (8) APPS11 in iRecruitment.)
 CVE-2007-3866 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 and 12.0.1 allow remote attackers to have an unknown impact via (a) Oracle Configurator (APPS02), (b) Oracle iExpenses (APPS03), (c) Oracle Application Object Library (APPS09), and (1) APPS12, (2) APPS13, and (3) APPS14 in (d) Oracle Payables.)
 CVE-2007-3865 (Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 12.0.1 has unknown impact and remote attack vectors, aka APPS01.)
 CVE-2007-3855 (Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to have an unknown impact via (1) SYS.DBMS_DRS in the DataGuard component (DB03), (2) SYS.DBMS_STANDARD in the PL/SQL component (DB10), (3) MDSYS.RTREE_IDX in the Spatial component (DB16), and (4) SQL Compiler (DB17). NOTE: a reliable researcher claims that DB17 is for using Views to perform unauthorized insert, update, or delete actions.)
 CVE-2007-0272 (Unspecified vulnerability in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unknown impact and attack vectors related to the Oracle Spatial component and mdsys.md privileges, aka DB05. NOTE: Oracle has not disputed a reliable researcher report that claims this is for multiple buffer overflows and other issues in unspecified public procedures.)
 CVE-2007-0270 (Unspecified vulnerability in Oracle Database 9.2.0.7 and 10.1.0.4 has unknown impact and attack vectors related to the Data Guard and sys.dbms_drs privileges, aka DB03. NOTE: Oracle has not disputed a reliable researcher claim that this is a buffer overflow in the GET_PROPERTY function in SYS.DBMS_DRS, which can be exploited for arbitrary code execution or a denial of service.)
Оригинальный текстdocumentIntegrigy Security Alerts, Oracle E-Business Suite - Multiple Vulnerabilities (24.07.2007)
 documentCERT, US-CERT Technical Cyber Security Alert TA07-200A -- Oracle Releases Patches for Multiple Vulnerabilities (21.07.2007)
 documentSHATTER, Oracle Database Buffer overflow vulnerabilities in procedure DBMS_DRS.GET_PROPERTY (DB03) (19.07.2007)
 documentSHATTER, Oracle Database Buffer overflows and Denial of service vulnerabilities in public procedures of MDSYS.MD (DB12) (19.07.2007)
 documentKornbrust, Alexander, Oracle Security: SQL Injection in APEX CHECK_DB_PASSWORD (19.07.2007)
 documentKornbrust, Alexander, Oracle Security: SQL Injection in package DBMS_PRVTAQIS (19.07.2007)
 documentKornbrust, Alexander, Oracle Security: Insert / Update / Delete Data via Views (19.07.2007)
Файлы:Oracle 9i/10g - evil view exploit (CVE-2007-3855)

Переполнение буфера в IMAP-сервере IPSwitch IMAIL (buffer overflow)
дополнено с 19 июля 2007 г.
Опубликовано:25 июля 2007 г.
Источник:
SecurityVulns ID:7950
Тип:удаленная
Уровень опасности:
6/10
Описание:Переполнение буфера в команде SEARCH и SUBSCRIBE a так же в процессе авторизации.
Затронутые продукты:IPSWITCH : IMail 2006.2
CVE:CVE-2007-2795
Оригинальный текстdocumentZDI, ZDI-07-042: Ipswitch IMail Server GetIMailHostEntry Memory Corruption Vulnerability (25.07.2007)
 document3COM, ZDI-07-043: Ipswitch IMail IMAP Daemon SUBSCRIBE Stack Overflow Vulnerability (25.07.2007)
 documentIDEFENSE, iDefense Security Advisory 07.18.07: Ipswitch IMail Server 2006 IMAP Search Command Buffer Overflow Vulnerability (19.07.2007)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород