Информационная безопасность
[RU] switch to English


Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:30 августа 2010 г.
Источник:
SecurityVulns ID:11100
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:PHPMYADMIN : phpMyAdmin 2.11
 PHPMYADMIN : phpMyAdmin 3.3
 TYPO3 : typo3 4.3
 BTNET : BugTracker.NET 3.4
 WEBMATIC : Webmatic 3.0
CVE:CVE-2010-3056 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) db_search.php, (2) db_sql.php, (3) db_structure.php, (4) js/messages.php, (5) libraries/common.lib.php, (6) libraries/database_interface.lib.php, (7) libraries/dbi/mysql.dbi.lib.php, (8) libraries/dbi/mysqli.dbi.lib.php, (9) libraries/db_info.inc.php, (10) libraries/sanitizing.lib.php, (11) libraries/sqlparser.lib.php, (12) server_databases.php, (13) server_privileges.php, (14) setup/config.php, (15) sql.php, (16) tbl_replace.php, and (17) tbl_sql.php.)
 CVE-2010-3055 (The configuration setup script (aka scripts/setup.php) in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request.)
Оригинальный текстdocumentHigh-Tech Bridge Security Research, XSS vulnerability in CompuCMS (30.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Webmatic (30.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Auto CMS (30.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Webmatic (30.08.2010)
 documentHigh-Tech Bridge Security Research, SQL injection vulnerability in TCMS (30.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in TCMS (30.08.2010)
 documentHigh-Tech Bridge Security Research, SQL injection vulnerability in TCMS (30.08.2010)
 documentHigh-Tech Bridge Security Research, Local File Inclusion in TCMS (30.08.2010)
 documentHigh-Tech Bridge Security Research, SQL injection vulnerability in CompuCMS (30.08.2010)
 documentHigh-Tech Bridge Security Research, SQL injection vulnerability in CompuCMS (30.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in CompuCMS (30.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in CompuCMS (30.08.2010)
 documentHigh-Tech Bridge Security Research, XSRF (CSRF) in Webmatic (30.08.2010)
 documentHigh-Tech Bridge Security Research, SQL injection vulnerability in TCMS (30.08.2010)
 documentHigh-Tech Bridge Security Research, SQL injection vulnerability in TCMS (30.08.2010)
 documentHigh-Tech Bridge Security Research, SQL injection vulnerability in TCMS (30.08.2010)
 documentHigh-Tech Bridge Security Research, File Content Disclosure in TCMS (30.08.2010)
 documentHigh-Tech Bridge Security Research, SQL injection vulnerability in CompuCMS (30.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in TCMS (30.08.2010)
 documentHigh-Tech Bridge Security Research, SQL injection vulnerability in CompuCMS (30.08.2010)
 documentMark van Tilburg, BugTracker.net 3.4.3 SQL Injection (30.08.2010)
 documentDEBIAN, [SECURITY] [DSA 2097-1] New phpmyadmin packages fix several vulnerabilities (30.08.2010)
 documentDEBIAN, [SECURITY] [DSA 2098-1] New typo3-src packages fix several vulnerabilities (30.08.2010)

Переполнение буфера в KDE okular
Опубликовано:30 августа 2010 г.
Источник:
SecurityVulns ID:11101
Тип:локальная
Уровень опасности:
5/10
Описание:Переполнение буфера динамической памяти при разборе файлов PDB.
Затронутые продукты:KDE : KDE 4.4
 KDE : KDE 4.2
CVE:CVE-2010-2575 (Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image.cpp in Okular in KDE SC 4.3.0 through 4.5.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image in a PDB file.)
Оригинальный текстdocumentSECUNIA, Secunia Research: KDE Okular PDB Parsing RLE Decompression Buffer Overflow (30.08.2010)
 documentUBUNTU, [USN-979-1] okular vulnerability (30.08.2010)

Проблема с проверкой сертификатов во многих браузерах
Опубликовано:30 августа 2010 г.
Источник:
SecurityVulns ID:11102
Тип:m-i-t-m
Уровень опасности:
3/10
Описание:Разрешены маски в сертификатах по IP-адресам.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
 MOZILLA : Firefox 3.6
 NOKIA : QT 4.7
Оригинальный текстdocumentRichard Moore, wp-10-0001: Multiple Browser Wildcard Cerficate Validation Weakness (30.08.2010)

Уязвимости безопасности в RealNetworks RealPlayer
Опубликовано:30 августа 2010 г.
Источник:
SecurityVulns ID:11103
Тип:клиент
Уровень опасности:
5/10
Описание:Повреждения памяти при разборе форматов FLV и IVR.
CVE:CVE-2010-3000 (Multiple integer overflows in the ParseKnownType function in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allow remote attackers to execute arbitrary code via crafted (1) HX_FLV_META_AMF_TYPE_MIXEDARRAY or (2) HX_FLV_META_AMF_TYPE_ARRAY data in an FLV file.)
 CVE-2010-2996 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 on Windows allows remote attackers to execute arbitrary code via a malformed header in a RealMedia .IVR file.)
Оригинальный текстdocumentZDI, ZDI-10-167: RealNetworks RealPlayer FLV Parsing Multiple Integer Overflow Vulnerabilities (30.08.2010)
 documentZDI, ZDI-10-166: RealNetworks RealPlayer Malformed IVR Object Index Code Execution Vulnerability (30.08.2010)

Обратный путь в каталогах TFTP-сервера Deepin
Опубликовано:30 августа 2010 г.
Источник:
SecurityVulns ID:11104
Тип:удаленная
Уровень опасности:
5/10
Описание:Обратный путь в каталогах при получении или сохранении файла.
Затронутые продукты:DEEPIN : Deepin TFTP Server 1.25
Оригинальный текстdocumenthuang_chaoyi_(at)_venustech.com.cn, Deepin TFTP Server Directory Traversal Vulnerability (30.08.2010)

DoS через BGP против Cisco IOS XR
Опубликовано:30 августа 2010 г.
Источник:
SecurityVulns ID:11106
Тип:удаленная
Уровень опасности:
5/10
Описание:При получении некорректного аттрибута префикса маршрутизатор может выдать некорректный анонс.
Затронутые продукты:CISCO : IOS XR 3.4
 CISCO : IOS XR 3.5
 CISCO : IOS XR 3.6
 CISCO : IOS XR 3.7
 CISCO : IOS XR 3.8
 CISCO : IOS XR 3.9
CVE:CVE-2010-3035 (Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.)
Оригинальный текстdocumentCISCO, Cisco Security Advisory: Cisco IOS XR Software Border Gateway Protocol Vulnerability (30.08.2010)

DoS против Cisco Unified Presence / Cisco Unified Communications Manager
дополнено с 30 августа 2010 г.
Опубликовано:27 сентября 2010 г.
Источник:
SecurityVulns ID:11105
Тип:удаленная
Уровень опасности:
5/10
Описание:Отказ при разборе сообщений SIP.
Затронутые продукты:CISCO : Unified Communications Manager 6.1
 CISCO : Unified Communications Manager 7.1
 CISCO : Unified Communications Manager 8.0
 CISCO : Unified Presence 6.0
 CISCO : Unified Presence 7.0
CVE:CVE-2010-2840 (The Presence Engine (PE) service in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) does not properly handle an erroneous Contact field in the header of a SIP SUBSCRIBE message, which allows remote attackers to cause a denial of service (process failure) via a malformed message, aka Bug ID CSCtd39629.)
 CVE-2010-2839 (SIPD in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) allows remote attackers to cause a denial of service (stack memory corruption and process failure) via a malformed SIP message, aka Bug ID CSCtd14474.)
 CVE-2010-2838 (The SendCombinedStatusInfo implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.0SU before 7.0(2a)SU3, 7.1 before 7.1(5), and 8.0 before 8.0(3) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REGISTER message, aka Bug ID CSCtf66305.)
 CVE-2010-2837 (The SIPStationInit implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.1SU before 6.1(5)SU1, 7.0SU before 7.0(2a)SU3, 7.1SU before 7.1(3b)SU2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP message, aka Bug ID CSCtd17310.)
 CVE-2010-2835 (Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.0 before 7.0(2a)su3, 7.1su before 7.1(3b)su2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a SIP REFER request with an invalid Refer-To header, aka Bug IDs CSCta20040 and CSCta31358.)
 CVE-2010-2834 (Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)SU1, 7.x before 7.1(5), and 8.0 before 8.0(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via crafted SIP registration traffic over UDP, aka Bug IDs CSCtf72678 and CSCtf14987.)
Оригинальный текстdocumentCISCO, Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities (27.09.2010)
 documentCISCO, Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities (30.08.2010)
 documentCISCO, Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities (30.08.2010)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород