NNOV Vulnerabilities
securityvulns.com vulnerabilities newsline
Updated: 5 hours 52 min ago
Microsoft Windows code execution
It's possible toexecute code without authentication with RPC request UUID 4b324fc8-1670-01d3-1278-5a47bf6ee188 to browser service via SERVER (LanmanServer) service, TCP/139, TCP/445.
Reccomendation is to disable browser service. Applications: Windows 2000 Server, Windows 2000 Professional, Windows XP, Windows 2003 Server, Windows Vista, Windows 2008 Server (24.10.2008)
Categories: Recent Vulnerabilities
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
CNCat: crossite scripting via description field. Applications: Smarty 2.6, CNCat 4.1, MySQL Quick Admin (24.10.2008)
Categories: Recent Vulnerabilities
Asterisk DoS
Resources exhaustion on IAX request parsing. (24.10.2008)
Categories: Recent Vulnerabilities
Google Chrome, Mozilla Firefox, Opera, Internet Explorer browsers DoS, updated since 30.09.2008
Calling window.print() function in loop causes browser to hang. Uncontrollable memory allocation. Script can close window without user approval. Applications: Windows 2000 Server, Windows 2000 Professional, Windows XP, Windows 2003 Server, Windows Vista, Windows 2008 Server, Firefox 3.0, Chrome 0.2, Opera 9.52 (24.10.2008)
Categories: Recent Vulnerabilities
Symantec Veritas Storage Foundation unauthorized access
qioadmin utility allows local files read access. Applications: Veritas Storage Foundation 5.0 (23.10.2008)
Categories: Recent Vulnerabilities
Cisco PIX / ASA multiple security vulnerabilities
Windows NT domain authentication bypass, IPv6 DoS, DoS because of memory leak in crypto accelerator Applications: PIX 7.0, PIX 7.1, PIX 7.2, PIX 8.0, PIX 8.1 (23.10.2008)
Categories: Recent Vulnerabilities
Microsoft Internet Explorer multiple security vulnerabilities, updated since 14.10.2008
Memory corruptions, information hijack, crossite scripting. Applications: Windows 2000 Server, Windows 2000 Professional, Windows XP, Windows 2003 Server, Windows Vista, Windows 2008 Server (21.10.2008)
Categories: Recent Vulnerabilities