Информационная безопасность
[RU] switch to English


Ошибка форматной строки в XM Ease Personal FTP Server (format string)
Опубликовано:23 декабря 2006 г.
Источник:
SecurityVulns ID:6966
Тип:удаленная
Уровень опасности:
5/10
Описание:Ошибка форматной строки в названии FTP-команды.
Затронутые продукты:XMEASY : XM Easy Personal FTP Server 5.2
CVE:CVE-2007-1195 (Multiple buffer overflows in XM Easy Personal FTP Server 5.3.0 allow remote attackers to execute arbitrary code via unspecified vectors. NOTE: this issue might overlap CVE-2006-2225, CVE-2006-2226, or CVE-2006-5728.)
 CVE-2006-5728 (XM Easy Personal FTP Server 5.2.1 and earlier allows remote authenticated users to cause a denial of service via a long argument to the NLST command, possibly involving the -al flags.)
Файлы:XM Easy Personal FTP Server 5.2.1 format string Denial of Service

Многочисленные ошибки в Oracle (multiple bugs)
дополнено с 19 апреля 2005 г.
Опубликовано:23 декабря 2006 г.
Источник:
SecurityVulns ID:4707
Тип:удаленная
Уровень опасности:
8/10
Описание:SQL инъекции, DoS, модификация файлов, межсайтовый скриптинг, повышение привилегий, изменение параметров аудита. Передача пароля в открытом виде из JDeveloper в SQLPlus. Пароль JDeveloper хранится в открытом тексте в различных конфигурационных файлах формата XML. Пароль FormBuilder хранится в открытом тексте во временных файлах. Слабые разрешения на временные файлы. Перезапись и чтение любого файла в Oracle Reports. Выполнение любой команды через Oracle Forms и Oracle Reports. А также огромное количество других ошибок, многие из которых давно известны и до сих пор не исправлены, что позволяет говорить о нулевом уровне безопасности всех продуктов. Для обеспечения безопасности продуктов Oracle используйте разработки сторонних производителей.
Затронутые продукты:ORACLE : Oracle 9i
 ORACLE : Oracle E-Business Suite 11.0
 ORACLE : Oracle 10g
 ORACLE : JDeveloper 9.0
 SUN : SunMC 3.5
 ORACLE : Oracle E-Business Suite 11i
 ORACLE : APEX/HTMLDB 2.2
CVE:CVE-2005-4832 (SQL injection vulnerability in the Oracle Database Server 10g allows remote authenticated users to execute arbitrary SQL commands with elevated privileges via the SUBSCRIPTION_NAME parameter in the (1) SYS.DBMS_CDC_SUBSCRIBE and (2) SYS.DBMS_CDC_ISUBSCRIBE packages, a different vector than CVE-2005-1197.)
 CVE-2005-1197 (SQL injection vulnerability in the SYS.DBMS_CDC_IPUBLISH.CREATE_SCN_CHANGE_SET procedure in Oracle Database Server 10g allows remote attackers to execute arbitrary SQL commands via the CHANGE_SET_NAME parameter.)
Оригинальный текстdocumentputosoft softputo, Oracle Applications/Portal 9i/10g Cross Site Scripting (23.12.2006)
 documentputosoft softputo, Oracle Portal 10g HTTP Response Splitting (20.12.2006)
 documentKornbrust, Alexander, Modify Data via Inline Views (26.10.2006)
 documentKornbrust, Alexander, Various Cross-Site-Scripting Vulnerabilities in Oracle Reports (26.10.2006)
 documentKornbrust, Alexander, Cross-Site-Scripting Vulnerabilitiy in Oracle APEX NOTIFICATION_MSG (26.10.2006)
 documentKornbrust, Alexander, Cross-Site-Scripting Vulnerability in Oracle APEX WWV_FLOW_ITEM_HELP (26.10.2006)
 documentKornbrust, Alexander, SQL Injection in Oracle package MDSYS.SDO_LRS (26.10.2006)
 documentKornbrust, Alexander, SQL Injection in package SYS.DBMS_CDC_IMPDP (26.10.2006)
 documentKornbrust, Alexander, SQL Injection in package XDB.DBMS_XDBZ0 (26.10.2006)
 documentKornbrust, Alexander, SQL Injection in package SYS.DBMS_SQLTUNE_INTERNAL (26.10.2006)
 documentputosoft softputo, Oracle 10g R2 and, probably, all previous versions (28.07.2006)
 documentKornbrust, Alexander, Bypassing Oracle dbms_assert (28.07.2006)
 documentKornbrust, Alexander, Oracle Database - SQL Injection in SYS.DBMS_UPGRADE [DB22] (24.07.2006)
 documentKornbrust, Alexander, Oracle Database - SQL Injection in SYS.DBMS_STATS [DB21] (24.07.2006)
 documentKornbrust, Alexander, Oracle Database - SQL Injection in SYS.DBMS_CDC_IMPDP [DB01] (24.07.2006)
 documentCERT, Oracle Database - SQL Injection in SYS.DBMS_CDC_IMPDP [DB01] (24.07.2006)
 documentCERT, US-CERT Technical Cyber Security Alert TA06-200A -- Oracle Products Contain Multiple Vulnerabilities (24.07.2006)
 documentKornbrust, Alexander, Oracle Database - SQL Injection in SYS.KUPW$WORKER [DB03] (24.07.2006)
 documentDavid Litchfield, [Full-disclosure] Recent Oracle exploit is _actually_ an 0day with no patch (26.04.2006)
 documentc c, [Full-disclosure] [Argeniss] Oracle Database 10gR1 Buffer overflow in VERIFY_LOG procedure (20.04.2006)
 documentCERT, US-CERT Technical Cyber Security Alert TA06-109A -- Oracle Products Contain Multiple Vulnerabilities (20.04.2006)
 documentKornbrust, Alexander, [Full-disclosure] SQL Injection in package SYS.DBMS_LOGMNR_SESSION (19.04.2006)
 documentNGSSoftware Insight Security Research, Multiple critical and high risk issues in Oracle's database server (19.04.2006)
 documentKornbrust, Alexander, [Full-disclosure] Oracle read-only user can insert/update/delete data via specially crafted views (10.04.2006)
 documentDavid Litchfield, More on the workaround for the unpatched Oracle PLSQL Gateway flaw (03.02.2006)
 documentDavid Litchfield, The History of the Oracle PLSQL Gateway Flaw (03.02.2006)
 documentc c, [VulnWatch] [Argeniss] Oracle Database Buffer overflows vulnerabilities in public procedures of XDB.DBMS_XMLSCHEMA{_INT} (27.01.2006)
 documentDavid Litchfield, Workaround for unpatched Oracle PLSQL Gateway flaw (26.01.2006)
 documentCERT, US-CERT Technical Cyber Security Alert TA06-018A -- Oracle Products Contain Multiple Vulnerabilities (19.01.2006)
 documentKornbrust, Alexander, [Full-disclosure] Oracle Database 10g Rel. 1 - SQL Injection in SYS.KUPV$FT (18.01.2006)
 documentKornbrust, Alexander, [Full-disclosure] Oracle Database 10g Rel. 1 - SQL Injection in SYS.KUPV$FT_INT (18.01.2006)
 documentKornbrust, Alexander, [Full-disclosure] Oracle Database 10g Rel. 2 - Event 10053 logs TDE wallet password in cleartext (18.01.2006)
 documentAmichai Shulman, [Full-disclosure] Oracle DBMS - Access Control Bypass in Login (18.01.2006)
 documentKornbrust, Alexander, [Full-disclosure] Oracle Reports - Read parts of files via desname (fixed after 874 days) (18.01.2006)
 documentKornbrust, Alexander, [Full-disclosure] Oracle Reports - Overwrite any application server file via desname (fixed after 889 days) (18.01.2006)
 documentKornbrust, Alexander, [Full-disclosure] Oracle Reports - Read parts of files via customize(fixed after 875 days) (18.01.2006)
 documentKornbrust, Alexander, [Full-disclosure] Oracle Database 10g Rel. 2- Transparent Data Encryption plaintext masterkey in SGA (18.01.2006)
 documentNGSSoftware Insight Security Research, Oracle DBMS_ASSERT and the October 2005 CPU (09.11.2005)
 documentNGSSoftware Insight Security Research, Oracle October 2005 CPU Problems (09.11.2005)
 documentsnsadv_(at)_lac.co.jp, [SNS Advisory No.84] Oracle Application Server HTTP Response Splitting Vulnerability (22.10.2005)
 documentoracle_secalert_(at)_hushmail.com, [Full-disclosure] Exploit Oracle DB27 - CPU Octobre (20.10.2005)
 documentSPI Labs, Oracle 10g - emagent.exe Stack-Based Overflow (20.10.2005)
 documentKornbrust, Alexander, [Full-disclosure] Oracle Workflow CSS Vulnerability wf_route (20.10.2005)
 documentKornbrust, Alexander, [Full-disclosure] Oracle Workflow CSS Vulnerability wf_monitor (20.10.2005)
 documentKornbrust, Alexander, [Full-disclosure] Oracle Workflow CSS Vulnerability wf_monitor (20.10.2005)
 documentCERT, US-CERT Technical Cyber Security Alert TA05-292A -- Oracle Products Contain Multiple Vulnerabilities (20.10.2005)
 documentDavid Litchfield, Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers (07.10.2005)
 documentKornbrust, Alexander, [Full-disclosure] Cross-Site-Scripting Vulnerability in Oracle XMLDB (07.10.2005)
 documentKornbrust, Alexander, [Full-disclosure] Shutdown TNS Listener via Oracle iSQL*Plus (07.10.2005)
 documentKornbrust, Alexander, [Full-disclosure] Shutdown TNS Listener via Oracle Forms Servlet (07.10.2005)
 documentKornbrust, Alexander, [Full-disclosure] Plaintext Password Vulnerabilitiy during Installation of Oracle HTMLDB (07.10.2005)
 documentKornbrust, Alexander, [Full-disclosure] Cross-Site-Scripting Vulnerabilities in Oracle HTMLDB (07.10.2005)
 documentKornbrust, Alexander, [Full-disclosure] Cross-Site-Scripting Vulnerability in Oracle iSQL*Plus (07.10.2005)
 documentc c, [VulnWatch] [Full-disclosure] [Argeniss] Oracle 9R2 Unpatched vulnerability on CWM2_OLAP_AW_AWUTIL package (27.07.2005)
 documentc c, [Full-disclosure] [Argeniss] Oracle 9R2 Unpatched vulnerability on CWM2_OLAP_AW_AWUTIL package (23.07.2005)
 documentSECUNIA, [SA16121] Sun Management Center Oracle Listener Vulnerabilities (19.07.2005)
 documentKornbrust, Alexander, Various Cross-Site-Scripting Vulnerabilities in Oracle Reports (19.07.2005)
 documentKornbrust, Alexander, Read parts of any XML-file via customize parameter in Oracle Reports (19.07.2005)
 documentKornbrust, Alexander, Read parts of any file via desformat in Oracle Reports (19.07.2005)
 documentKornbrust, Alexander, Run any OS Command via unauthorized Oracle Reports (19.07.2005)
 documentKornbrust, Alexander, Run any OS Command via unauthorized Oracle Forms (19.07.2005)
 documentKornbrust, Alexander, Overwrite any file via desname in Oracle Reports (19.07.2005)
 documentKornbrust, Alexander, [Full-disclosure] Silently fixed security bugs in Oracle Critical Patch Update July 2005 (15.07.2005)
 documentCERT, US-CERT Technical Cyber Security Alert TA05-194A -- Oracle Products Contain Multiple Vulnerabilities (14.07.2005)
 documentKornbrust, Alexander, Oracle Forms Insecure Temporary File Handling (13.07.2005)
 documentKornbrust, Alexander, Oracle Forms Builder Password in Temp Files (13.07.2005)
 documentKornbrust, Alexander, Oracle JDeveloper Plaintext Passwords (13.07.2005)
 documentKornbrust, Alexander, Name Oracle JDeveloper passes Plaintext Password (13.07.2005)
 documentDavid Litchfield, Problems with the Oracle Critical Patch Update for April 2005 (07.07.2005)
 documentKornbrust, Alexander, Oracle 10g Exploit dbms_scheduler SESSION_USER issue (03.05.2005)
 documentKornbrust, Alexander, Oracle Fine Grained Auditing Issue in Oracle 9i / 10g (03.05.2005)
 documentKornbrust, Alexander, Webcache Client Requests bypasses OHS mod_access restrictions (28.04.2005)
 documentKornbrust, Alexander, Append file in Oracle Webcache 9i (28.04.2005)
 documentKornbrust, Alexander, Cross Site Scripting in Oracle Webcache 9i (28.04.2005)
 documentCERT, US-CERT Technical Cyber Security Alert TA05-117A -- Oracle Products Contain Multiple Vulnerabilities (28.04.2005)
 documentSECURITEAM, [EXPL] Multiple Exploit Codes for Oracle (interMedia, DBMS_CDC_SUBSCRIBE, DBMS_CDC_ISUBSCRIBE and DBMS_METADATA) (21.04.2005)
 documentSHATTER, [AppSecInc Team SHATTER Security Advisory] SQL Injection in ALTER_MANUALLOG_CHANGE_SOURCE procedure (19.04.2005)
 documentSHATTER, [AppSecInc Team SHATTER Security Advisory] Multiple SQL Injection vulnerabilities in DBMS_METADATA package (19.04.2005)
 documentSHATTER, [AppSecInc Team SHATTER Security Advisory] Denial of Service in Oracle interMedia (19.04.2005)
 documentSHATTER, [AppSecInc Team SHATTER Security Advisory] SQL Injection in CREATE_SCN_CHANGE_SET procedure (19.04.2005)
 documentSHATTER, [AppSecInc Team SHATTER Security Advisory] Multiple SQL Injection vulnerabilities in DBMS_CDC_SUBSCRIBE and DBMS_CDC_ISUBSCRIBE packages (19.04.2005)
Файлы:Oracle 9i HTTP XDB service stack overflow exploit
 exploit for Oracle 10g 10.2.0.2.0
 Exploits command exec via oracle extproc
 file system access suite for oracle

Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
Опубликовано:23 декабря 2006 г.
Источник:
SecurityVulns ID:6965
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, утечка информации и т.д.
Затронутые продукты:IXPRIMCMS : Ixprim CMS 1.2
 KISGB : Keep It Simple Guest Book 5.0
 XTNEWS : Xt-News 0.1
 ETERNALMART : EternalMart Guestbook 1.1
 OPENNEWSLETTER : Open Newsletter 2.5
Оригинальный текстdocumentbilkopat_(at)_hotmail.com, EternalMart Guestbook 1.1.0 [emgb_admin_path] Remote File Include (23.12.2006)
 documentbilkopat_(at)_hotmail.com, KISGB (Keep It Simple Guest Book)* [default_path_for_themes] Remote File Include (23.12.2006)
 documentMr_KaLiMaN, Xt-News 0.1 : SQL Injection Vulnerability & XSS (23.12.2006)
 documentzeus olimpusklan, Multiple Remote Vulnerabilities in KISGB (23.12.2006)
Файлы:Ixprim 1.2 Remote Blind SQL Injection Exploit
 Exploits Open Newsletter <= 2.* Muliple Vulnerabilities

ОБратный путь в каталогах Web-Сервера Http Explorer (directory traversal)
Опубликовано:23 декабря 2006 г.
Источник:
SecurityVulns ID:6967
Тип:удаленная
Уровень опасности:
5/10
Описание:Классический обратный путь в каталогах через ../
Затронутые продукты:HTTPEXPLORER : Http Explorer 1.02
Файлы:Exploits Http explorer Web Server 1.02 Directory Transversal Vulnerability

Многочисленные переполнения буфера в IMAP-Сервере Novell Netmail (buffer overflow)
дополнено с 23 декабря 2006 г.
Опубликовано:25 декабря 2006 г.
Источник:
SecurityVulns ID:6968
Тип:удаленная
Уровень опасности:
6/10
Описание:Переполнения буфера в командах STOR, APPEND И при разборе литералов.
Затронутые продукты:NOVELL : NetMail 3.52
Оригинальный текстdocumentIDEFENSE, [Full-disclosure] iDefense Security Advisory 12.23.06: Novell Netmail IMAP append Denial of Service Vulnerability (25.12.2006)
 documentIDEFENSE, [Full-disclosure] iDefense Security Advisory 12.23.06: Novell NetMail IMAPD subscribe Buffer Overflow Vulnerability (25.12.2006)
 documentZDI, [Full-disclosure] ZDI-06-053: Novell NetMail IMAP Verb Literal Heap Overflow Vulnerability (23.12.2006)
 documentZDI, [Full-disclosure] ZDI-06-054: Novell NetMail IMAP APPEND Buffer Overflow Vulnerability (23.12.2006)
 documentZDI, [Full-disclosure] ZDI-06-052: Novell NetMail NMAP STOR Buffer Overflow Vulnerability (23.12.2006)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород