Information Security


Summary of security vulnerabilities in web applications (PHP, ASP, JSP, CGI, Perl)
Published: 23 April 2012
Source:
SecurityVulns ID: 12336
Type: remote
Severity: 5/10
Description: PHP injection, SQL injection, directory traversal, cross-site scripting, file modification, information leakage, etc.
Affected products: NETJUKE : Netjuke 1.0
 XOOPS : XOOPS 2.5
 WORDPRESS : Register Plus Redux 3.7
 TYPO3 : typo3 4.5
 BUGZILLA : Bugzilla 4.2
 WORDPRESS : WordPress 3.3
 KASSEYA : Kaseya 6.2
 LIFERAY : Liferay 6.0
 LIFERAY : Liferay 6.1
 NEWSCOOP : Newscoop 3.5
 OWNCLOUD : ownCloud 3.0
 DOKUWIKI : DokuWiki 20120125
 SICHESEARCH : Siche search 0.5
 APACHE : OFBiz 10.04
 JIVESOFTWARE : Fastpath WebChat 4.0
 ACCSCRIPTS : ACC PHP eMail 1.1
 DHTMLXSUITE : DHTMLX Suite 3.0
 WORDPRESS : Organizer 1.2
 WORDPRESS : Register Plus Redux 3.8
 T3 : T3 DB Tools 1.6
 SEDITIO : sfquickban 1.0
 SEDITIO : Seditio 170
 INVISION : Invision Power Board 3.3
 WORDPRESS : All-in-One Event Calendar 1.4
 EPESIBIM : epesiBIM CRM 1.2
 MATTERDADDY : Matterdaddy Market 1.1
 APACHE : Cloudera 1.0
 WORDPRESS : Uploadify Integration 0.9
 IDEVSPOT : idev Game Site CMS 1.0
 OSCMAX : osCmax Shop CMS 2.5
 CSFORUM : CsForum 0.8
 PHPMYBIBLE : phpMyBible 0.5
 HAVALITE : Havalite CMS 1.0
 EXPONENTCMS : ExponentCMS 2.0
CVE: CVE-2012-2270 (Open redirect vulnerability in index.php (aka the Login Page) in ownCloud before 3.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_url parameter.)
 CVE-2012-2269 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) an arbitrary field to apps/contacts/ajax/addcard.php, (2) the parameter parameter to apps/contacts/ajax/addproperty.php, (3) the name parameter to apps/contacts/ajax/createaddressbook, (4) the file parameter to files/download.php, or the (5) name, (6) user, or (7) redirect_url parameter to files/index.php.)
 CVE-2012-2226
 CVE-2012-2112 (Cross-site scripting (XSS) vulnerability in the Exception Handler in TYPO3 4.4.x before 4.4.15, 4.5.x before 4.5.15, 4.6.x before 4.6.8, and 4.7 allows remote attackers to inject arbitrary web script or HTML via exception messages.)
 CVE-2012-1935 (Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4.x before 4 RC4 allow remote attackers to inject arbitrary web script or HTML via the (1) Back parameter to admin/ad.php, or the (2) token or (3) f_email parameter to admin/password_check_token.php.)
 CVE-2012-1934 (SQL injection vulnerability in admin/country/edit.php in Newscoop before 3.5.5 and 4.x before 4 RC4 allows remote attackers to execute arbitrary SQL commands via the f_country_code parameter.)
 CVE-2012-1933 (Multiple PHP remote file inclusion vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4 before RC4, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[g_campsiteDir] parameter to (1) include/phorum_load.php, (2) conf/install_conf.php, or (3) conf/liveuser_configuration.php.)
 CVE-2012-1835 (Multiple cross-site scripting (XSS) vulnerabilities in the All-in-One Event Calendar plugin 1.4 and 1.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to app/view/agenda-widget-form.php; (2) args, (3) title, (4) before_title, or (5) after_title parameter to app/view/agenda-widget.php; (6) button_value parameter to app/view/box_publish_button.php; or (7) msg parameter to /app/view/save_successful.php.)
 CVE-2012-1622
 CVE-2012-1621 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.02 allow remote attackers to inject arbitrary web script or HTML via (1) a parameter array in freemarker templates, the (2) contentId or (3) mapKey parameter in a cms event request, which are not properly handled in an error message, or unspecified input in (4) an ajax request to the getServerError function in checkoutProcess.js or (5) a Webslinger component request. NOTE: some of these details are obtained from third party information.)
 CVE-2012-1574 (The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 through 0.20.205.0, 0.23.x before 0.23.2, and 1.0.x before 1.0.2, as used in Cloudera CDH CDH3u0 through CDH3u2, Cloudera hadoop-0.20-sbin before 0.20.2+923.197, and other products, allows remote authenticated users to impersonate arbitrary cluster user accounts via unspecified vectors.)
 CVE-2012-0984 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) to_userid parameter to modules/pm/pmlite.php or the (2) current_file, (3) imgcat_id, or (4) target parameter to class/xoopseditor/tinymce/tinymce/jscripts/tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php.)
 CVE-2012-0465 (Bugzilla 3.5.x and 3.6.x before 3.6.9, 3.7.x and 4.0.x before 4.0.6, and 4.1.x and 4.2.x before 4.2.1, when the inbound_proxies option is enabled, does not properly validate the X-Forwarded-For HTTP header, which allows remote attackers to bypass the lockout policy via a series of authentication requests with (1) different IP address strings in this header or (2) a long string in this header.)
Original text: Netsparker Advisories, XSS and Blind SQL Injection Vulnerabilities in ExponentCMS (23.04.2012)
 Vulnerability Lab, Chengdu Bureau of Commerce - SQL Injection Vulnerability (23.04.2012)
 Vulnerability Lab, Havalite CMS v1.0.4 - Multiple Web Vulnerabilities (23.04.2012)
 Vulnerability Lab, IPhone TreasonSMS - HTML Inject & File Include Vulnerability (23.04.2012)
 Thomas Richards, phpMyBible 0.5.1 Mutiple XSS (23.04.2012)
 DEBIAN, [SECURITY] [DSA 2455-1] typo3-src security update (23.04.2012)
 Vulnerability Lab, idev Game Site CMS v1.0 - Multiple Web Vulnerabilites (23.04.2012)
 Vulnerability Lab, osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities (23.04.2012)
 Vulnerability Lab, CsForum v0.8 - Cross Site Scripting Vulnerability (23.04.2012)
 Michal Blaszczak, CitrusDB 2.4.1 - LFI/SQLi Vulnerability (23.04.2012)
 Janek Vind, [waraxe-2012-SA#085] - Reflected XSS in Uploadify Integration Wordpress plugin (23.04.2012)
 Janek Vind, [waraxe-2012-SA#084] - Multiple Vulnerabilities in OpenCart 1.5.2.1 (23.04.2012)
 Aaron T. Myers, [CVE-2012-1574] Apache Hadoop user impersonation vulnerability (23.04.2012)
 CrAzY_CrAcKeR_(at)_phx1-ss-2-lb.cnet.com, PHPNuke Module's Name Download SQL Injection Vulnerabilities (23.04.2012)
 Vulnerability Lab, Matterdaddy Market v1.1 - SQL Injection Vulnerabilities (23.04.2012)
 Vulnerability Lab, GroupWare epesiBIM CRM 1.2.1 - Multiple Web Vulnerabilities (23.04.2012)
 High-Tech Bridge Security Research, Multiple XSS vulnerabilities in All-in-One Event Calendar Plugin for WordPress (23.04.2012)
 CrAzY_CrAcKeR_(at)_phx1-ss-2-lb.cnet.com, online newspaper university"newsdesc.php" SQL Injection Vulnerabilities (23.04.2012)
 Janek Vind, [waraxe-2012-SA#086] - Local File Inclusion in Invision Power Board 3.3.0 (23.04.2012)
 chin4b0y, t3_dbtools_seditio_plugin_CSRF (23.04.2012)
 chin4b0y, seditio_PmOS_plugin_XSS_vuln (23.04.2012)
 chin4b0y, sfquickban_plugin_CSRF (23.04.2012)
 chin4b0y, seditio-build170.20120302_sql_injection_CSRF_info_disclosure_XSS.txt (23.04.2012)
 MustLive, New XSS vulnerabilities in Register Plus Redux for WordPress (23.04.2012)
 MustLive, DoS vulnerability in WordPress (23.04.2012)
 MustLive, XSS and FPD vulnerabilities in Organizer for WordPress (23.04.2012)
 Vulnerability Lab, DHTMLX Suite v.3.0 - Multiple Web Vulnerabilities (23.04.2012)
 Vulnerability Lab, Netjuke 1.0 RC1 - SQL Injection Vulnerabilities (23.04.2012)
 Vulnerability Lab, ACC PHP eMail v1.1 - Multiple Web Vulnerabilites (23.04.2012)
 YGN Ethical Hacker Group, FastPath Webchat | Multiple Cross Site Scripting Vulnerabilities (23.04.2012)
 APACHE, [CVE-2012-1622] Apache OFBiz information disclosure vulnerability (23.04.2012)
 APACHE, [CVE-2012-1621] Apache OFBiz information disclosure vulnerability (23.04.2012)
 Vulnerability Lab, Siche Search v.0.5 Zerboard - Multiple Web Vulnerabilities (23.04.2012)
 CrAzY_CrAcKeR_(at)_phx1-ss-2-lb.cnet.com, Total Quality Machines (productdetail.php) SQL Injection Vulnerabilities (23.04.2012)
 YGN Ethical Hacker Group, Joomla! Plugin - Beatz 1.x <= Multiple Cross Site Scripting Vulnerabilities (23.04.2012)
 YGN Ethical Hacker Group, Acuity CMS 2.6.x <= Cross Site Scripting (23.04.2012)
 irancrash_(at)_gmail.com, DokuWiki Ver.2012/01/25 CSRF Add User Exploit (23.04.2012)
 Tobias Glemser, TC-SA-2012-01: Multiple web-vulnerabilities in ownCloud 3.0.0 (23.04.2012)
 High-Tech Bridge Security Research, Multiple vulnerabilities in Newscoop (23.04.2012)
 High-Tech Bridge Security Research, Multiple XSS vulnerabilities in XOOPS (23.04.2012)
 LpSolit_(at)_gmail.com, Security advisory for Bugzilla 4.2.1, 4.0.6 and 3.6.9 (23.04.2012)
 Jelmer Kuperus, Specially crafted Json service request allows full control over a Liferay portal instance (23.04.2012)
 Jelmer Kuperus, Liferay 6.1 can be compromised in its default configuration (23.04.2012)
 Jelmer Kuperus, Specially crafted webdav request allows reading of local files on liferay 6.0.x (23.04.2012)
 bede_(at)_foofus.net, XSS in Kaseya version 6.2.0.0 web interface (23.04.2012)

Security vulnerabilities in EMC Data Protection Advisor
Published: 23 April 2012
Source:
SecurityVulns ID: 12337
Type: remote
Severity: 5/10
Description: Integer overflow, NULL pointer dereference.
Affected products: EMC : EMC Data Protection Advisor 5.8
CVE: CVE-2012-0407 (Integer overflow in the DPA_Utilities library in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (infinite loop) via a negative 64-bit value in a certain size field.)
 CVE-2012-0406 (The DPA_Utilities.cProcessAuthenticationData function in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an AUTHENTICATECONNECTION command that (1) lacks a password field or (2) has an empty password.)
Original text: EMC, ESA-2012-018: EMC Data Protection Advisor Multiple Vulnerabilities (23.04.2012)

Security vulnerabilities in Cyberoam Unified Threat Management
Updated since 26 March 2012
Published: 23 April 2012
Source:
SecurityVulns ID: 12290
Type: remote
Severity: 5/10
Description: Command execution, data leakage.
Affected products: CYBEROAM : Cyberoam CR50ia
 CYBEROAM : Cyberoam vCR300i
Original text: Vulnerability Lab, Cyberoam UTM v10.01.2 build 059 - File Include Vulnerabilities (23.04.2012)
 Saurabh Harit, Cyberoam Unified Threat Management: OS Command Execution (26.03.2012)
 Saurabh Harit, Cyberoam Unified Threat Management: Insecure Password Handling (26.03.2012)

Multiple security vulnerabilities in Microsoft Windows
Updated since 11 April 2012
Published: 23 April 2012
Source:
SecurityVulns ID: 12320
Type: library
Severity: 7/10
Description: WinVerifyTrust digital signature verification problems, code execution in .NET, code execution in MSCOMCTL.OCX
Affected products: MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE: CVE-2012-0163 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate function parameters, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka ".NET Framework Parameter Validation Vulnerability.")
 CVE-2012-0158 (The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1; Commerce Server 2002 SP4, 2007 SP2, and 2009 Gold and R2; Visual FoxPro 8.0 SP1 and 9.0 SP2; and Visual Basic 6.0 Runtime allow remote attackers to execute arbitrary code via a crafted (a) web site, (b) Office document, or (c) .rtf file that triggers "system state" corruption, as exploited in the wild in April 2012, aka "MSCOMCTL.OCX RCE Vulnerability.")
 CVE-2012-0151 (The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute arbitrary code via a modified file with additional content, aka "WinVerifyTrust Signature Validation Vulnerability.")
Original text: Akita Software Security, .NET Framework EncoderParameter integer overflow vulnerability (23.04.2012)
Files: Microsoft Security Bulletin MS12-024 - Critical Vulnerability in Windows Could Allow Remote Code Execution (2653956)
 Microsoft Security Bulletin MS12-025 - Critical Vulnerability in .NET Framework Could Allow Remote Code Execution (2671605)
 Microsoft Security Bulletin MS12-027 - Critical Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod