Dans la PresseSecuriteamWelcome to the SecuriTeam RSS Feed - sponsored by Beyond Security. Know Your Vulnerabilities! Visit BeyondSecurity.com for your web site, network and code security audit and scanning needs.
It has been brought to our attention that a number of security vulnerabilities have been noted in SQL-Ledger. Several of these affect earlier versions of LedgerSMB, and three hotfixes have been released for problems that continue to affect the LedgerSMB codebase. Insecure permissions have been detected in the multiple Kaspersky Lab antivirus products. Piwik unserializes() user input which allows an attacker to send a carefully crafted cookie that when unserialized utilizes Piwik's classes to upload arbitrary files or execute arbitrary PHP code. Invision Power Board has a PHP file inclusion vulnerability that is trivial to exploit with a web browser and a known location of a php file residing on the target system. Authorisation is not required. The SQL injection vulnerability is somewhat tricky to exploit as there are quite a few restrictions that make creating a successful sql attack vector difficult. Nevertheless a crafty attacker might issue a series of requests that might allow him to gain some information about the target system or even read files from the disk depending on permissions granted to the db account that is used by the forum. The U.S. Defense Information Systems Agency (DISA) publishes Security Readiness Review scripts (SRRs) to ensure systems and software meet security baselines required by the Department of Defense. Unprivileged local users can obtain root access on Unix systems where the DISA SRR scripts are run. Milw0rmmilw0rm.com's latest exploit rss feed
|
Kaspersky Anti-Virus 2010 <= 9.0.0.463 pointer dereference vulnerability
Program : Kaspersky Anti-Virus 2010 9.0.0.463 Homepage : http://www.kaspersky.com Discovery : 2009/09/29 Author Contacted : 2009/10/01 Patch Updated : 2009/11/16 Found by : Heurs This Advisory : Heurs Contact : s.leberre@sysdream.com GMER =< 1.0.15.15087 pointer dereference vulnerability
//----- Advisory Program : GMER 1.0.15.15087 Homepage : http://www.gmer.net Discovery : 2009/07/28 Author Contacted : 2009/09/28 Author Response : 2009/09/28 Patch Updated : 2009/10/05 Found by : Heurs This Advisory : Heurs Contact : s.leberre@sysdream.com Local Privilege Escalation in Avast!
//----- Advisory Program : avast! 4.8.1335 Professionnel Homepage : http://www.avast.com Discovery : 2009/07/29 Author Contacted : 2009/07/31 Found by : Heurs This Advisory : Heurs Contact : heurs@ghostsinthstack.org, s.leberre@sysdream.com Phorum : Permanent Cross-Site Scripting Vulnerabilities
//----- Advisory Program : Phorum 5.2.11 Homepage : http://www.phorum.org/ Discovery : 2009/07/16 Author Contacted : 2009/07/17 Found by : crashfr at sysdream dot com This Advisory : crashfr at sysdream dot com NPDS: Serveral Vulnerabilities
//----- Advisory Software : NPDS Homepage : http://www.npds.org/ Tested version : < 08.06 Found by : Jean-François LECLERC This advisory : nosp at sysdream dot com Discovery date : 2008/04/24 Vendor notified : 2008/04/25 Linksys IP Phone SPA942: Denial Of Service
//----- Advisory Hardware : Linksys IP Phone SPA942 Homepage : http://www.linksys.com/ Tested version : 5.1.5 Found by : crashfr at sysdream dot com This advisory : crashfr at sysdream dot com Discovery date : 2007/03/19 Vendor notified : 2007/03/20 GNU gv : Stack Overflow Vulnerability
//----- Advisory Program : GNU gv Homepage : http://www.gnu.org/software/gv/ Tested version : 3.6.2 Found by : r.lifchitz at sysdream dot com This advisory : r.lifchitz at sysdream dot com Discovery date : 2006/11/06 Vendor notified : 2006/11/09 Symantec corporate antivirus: escalation privilege vulnerability
//----- Advisory Program : Symantec Corporate Antivirus - 10.1 Homepage : http://www.symantec.com/ Discovery : 2006/07/11 Author Contacted : 2006/07/18 Found by : ali at sysdream dot com This Advisory : ali at sysdream dot com Stonevoice Application Suite v 2.2 : Several vulnerabilities
//----- Advisory Program : Stonevoice Application Suite - Ver. 2.2 (build #9) Homepage : http://www.stonevoice.com/ Discovery : 2006/06/17 Author Contacted : 2006/07/17 Found by : crashfr at sysdream dot com This Advisory : ali at sysdream dot com Camino Browser : Denial Of Service
//----- Advisory Program : Camino Browser Homepage : http://www.caminobrowser.org Tested version : <= 1.0 Found by : Simon MOREL philemon at sysdream dot com This advisory : Simon MOREL philemon at sysdream dot com Discovery date : 2006/04/13 |
Advisories Sécurité Informatique
Presse Sécurité Informatique
US-CERTNational Vulnerability DatabaseThis feed contains the most recent fully analyzed CVE cyber vulnerabilities published within the National Vulnerability Database.
The FTP proxy server in Apple AirPort Express, AirPort Extreme, and Time Capsule with firmware 7.5 does not restrict the IP address and port specified in a PORT command from a client, which allows remote attackers to leverage intranet FTP servers for arbitrary TCP forwarding via a crafted PORT command. Buffer overflow in qoslist in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to gain privileges via unspecified vectors. Buffer overflow in qosmod in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to gain privileges via unspecified vectors. Cross-site scripting (XSS) vulnerability in WebEditor/Authentication/LoginPage.aspx in IBM ENOVIA SmarTeam 5 allows remote attackers to inject arbitrary web script or HTML via the errMsg parameter. Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010. The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document. Buffer overflow in Microsoft Windows Movie Maker 2.1, 2.6, and 6.0, and Microsoft Producer 2003, allows remote attackers to execute arbitrary code via a crafted project (.MSWMM) file, aka "Movie Maker and Producer Buffer Overflow Vulnerability." Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Microsoft Office Excel DbOrParamQry Record Parsing Vulnerability." Microsoft Office Excel 2007 SP1 and SP2; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; and Office SharePoint Server 2007 SP1 and SP2 do not validate ZIP headers during decompression of Open XML (.XLSX) documents, which allows remote attackers to execute arbitrary code via a crafted document that triggers access to uninitialized memory locations, aka "Microso... Microsoft Office Excel 2007 SP1 and SP2 and Office 2004 for Mac do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Microsoft Office Excel FNGROUPNAME Record Uninitialized Memory Vulnerability." |
| 2008 - 2009 © Sysdream - N° d'agrément 11930594993 - Mentions Légales - CGV | Accueil | Produits & Services | Presse | Contact |