Security Alerts
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Vulnerabilities in CMS WebManager-Pro
Posted by MustLive on Sep 02
Hello Bugtraq!
I want to warn you about SQL Injection and Redirector (URL Redirector Abuse)
vulnerabilities in CMS WebManager-Pro (SecurityVulns ID: 11108). It's a
Ukrainian commercial CMS.
SQL Injection:
http://site/c.php?id=1%20and%20version()=5
Redirector:
http://site/c.php?id=1&url=http://websecurity.com.ua
Affected products: both CMS WebManager-Pro systems from two developers.
Vulnerable versions: CMS WebManager-Pro up to 8.1...
Categories: Security
{PRL} Novell Netware OpenSSH Remote Stack Overflow
Posted by Francis Provencher on Sep 02
#####################################################################################
Application: Novell Netware OpenSSH Remote Stack Overflow
Platforms: Netware 6.5
Exploitation: Remote code execution
CVE Number:
Novell TID: 7006756
ZeroDayInitiative: ZDI-10-169
Author: Francis Provencher (Protek Research Lab's)
Blog: http://www.protekresearchlab.com/...
Moovida Media Player version 2.0.0.15 Insecure DLL Hijacking Vulnerability (libc.dll,quserex.dll)
Posted by YGN Ethical Hacker Group on Sep 02
1. OVERVIEW
The Moovida Media Player application is vulnerable to an Insecure DLL
Hijacking Vulnerability. Similar terms that describe this vulnerability
are Remote Binary Planting, Unsafe Library Loading, and Insecure DLL
Loading/Injection/Hijacking/Preloading.
2. PRODUCT DESCRIPTION
Moovida Media Player is a free and open source media center that
allows you to enjoy all of your music, video and pictures
in an awesome...
[ MDVSA-2010:168 ] openssl
Posted by security on Sep 02
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2010:168
http://www.mandriva.com/security/
_______________________________________________________________________
Package : openssl
Date : September 1, 2010
Affected: 2010.1
_______________________________________________________________________
Problem Description:
A vulnerability has been found...
[ MDVSA-2010:169 ] mozilla-thunderbird
Posted by security on Sep 02
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2010:169
http://www.mandriva.com/security/
_______________________________________________________________________
Package : mozilla-thunderbird
Date : September 2, 2010
Affected: 2008.0, 2009.0, 2010.0, 2010.1
_______________________________________________________________________
Problem...
[USN-982-1] Wget vulnerability
Posted by Marc Deslauriers on Sep 02
===========================================================
Ubuntu Security Notice USN-982-1 September 02, 2010
wget vulnerability
CVE-2010-2252
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 9.04
Ubuntu 9.10
Ubuntu 10.04 LTS
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem...
XSS vulnerability in ArtGK CMS
Posted by advisory on Sep 01
Vulnerability ID: HTB22588
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_artgk_cms_1.html
Product: ArtGK CMS
Vendor: ArtGK ( http://artgk-cms.ru/ )
Vulnerable Version: 2009-08-28 16:00:00 and Probably Prior Versions
Vendor Notification: 18 August 2010
Vulnerability Type: XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking &...
Online Binary Planting Exposure Test
Posted by ACROS Lists on Sep 01
ACROS Security has made the Online Binary Planting Exposure Test publicly accessible
for the benefit of all Windows users. This test should make it easy for users and
administrators to assess their exposure to binary planting attacks originating from
the Internet.
URL: http://www.binaryplanting.com/test.htm
Note that this test is NOT meant to answer whether you're vulnerable (at this point
where so many binary planting vulnerabilities exist out...
XSS vulnerability in Rumba CMS tags
Posted by advisory on Sep 01
Vulnerability ID: HTB22591
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_rumba_cms.html
Product: Rumba CMS
Vendor: Rumba Netware Ltd. ( http://rumbacms.com )
Vulnerable Version: 2.4 and Probably Prior Versions
Vendor Notification: 18 August 2010
Vulnerability Type: Stored XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking...
XSS vulnerability in ArtGK CMS forum
Posted by advisory on Sep 01
Vulnerability ID: HTB22587
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_artgk_cms.html
Product: ArtGK CMS
Vendor: ArtGK ( http://artgk-cms.ru/ )
Vulnerable Version: 2009-08-28 16:00:00 and Probably Prior Versions
Vendor Notification: 18 August 2010
Vulnerability Type: XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking &...
XSS vulnerability in Rumba CMS
Posted by advisory on Sep 01
Vulnerability ID: HTB22592
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_rumba_cms_1.html
Product: Rumba CMS
Vendor: Rumba Netware Ltd. ( http://rumbacms.com )
Vulnerable Version: 2.4 and Probably Prior Versions
Vendor Notification: 18 August 2010
Vulnerability Type: Stored XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Low
Credit: High-Tech Bridge SA - Ethical Hacking &...
Tortoise SVN DLL Hijacking Vulnerability
Posted by nikhil_uitrgpv on Sep 01
The Common Vulnerabilities and Exposures (CVE) project has assigned the name
CVE-2010-3199 to this issue. This is a candidate for inclusion in the CVE list
(http://cve.mitre.org), which standardizes names for security problems.
XSS vulnerability in Amiro.CMS FAQ
Posted by advisory on Sep 01
Vulnerability ID: HTB22590
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_amiro_cms_1.html
Product: Amiro.CMS
Vendor: Amiro ( http://www.amiro.ru/ )
Vulnerable Version: 5.8.4.0 and Probably Prior Versions
Vendor Notification: 18 August 2010
Vulnerability Type: Stored XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking &...
VMSA-2010-0013 VMware ESX third party updates for Service Console
Posted by VMware Security Team on Sep 01
------------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2010-0013
Synopsis: VMware ESX third party updates for Service Console
Issue date: 2010-08-31
Updated on: 2010-08-31 (initial release of advisory)
CVE numbers: CVE-2005-4268 CVE-2010-0624 CVE-2010-2063
CVE-2010-1321 CVE-2010-1168 CVE-2010-1447...
[ MDVSA-2010:167 ] perl-libwww-perl
Posted by security on Sep 01
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2010:167
http://www.mandriva.com/security/
_______________________________________________________________________
Package : perl-libwww-perl
Date : August 31, 2010
Affected: 2008.0, 2009.0, 2009.1, 2010.0, 2010.1, Corporate 4.0,
Enterprise Server 5.0...
[SECURITY] [DSA 2101-1] New wireshark packages fix several vulnerabilities
Posted by Moritz Muehlenhoff on Sep 01
------------------------------------------------------------------------
Debian Security Advisory DSA-2101-1                  security () debian org
http://www.debian.org/security/                          Moritz Muehlenhoff
August 31, 2010                         http://www.debian.org/security/faq
------------------------------------------------------------------------
Package : wireshark
Vulnerability : several
Problem type : remote...
KeePass version 2.12 <= Insecure DLL Hijacking Vulnerability (dwmapi.dll)
Posted by YGN Ethical Hacker Group on Aug 31
1. OVERVIEW
The KeePass application is vulnerable to an Insecure DLL Hijacking
Vulnerability. Similar terms that describe this vulnerability
are Remote Binary Planting, and Insecure DLL
Loading/Injection/Hijacking/Preloading.
2. PRODUCT DESCRIPTION
KeePass Password Safe is a free, open source, light-weight and
easy-to-use password manager for Windows. You can store your passwords
in a highly-encrypted database, which is locked...
ApPHP Calendar XSS - CSRF
Posted by edgard . chammas on Aug 31
##############################################################
# Vendor: ApPHP
# Affected versions: All
# Script: ApPHP Calendar
# URL: http://www.apphp.com/php-calendar/index.php
# Vulnerability type: XSS - CSRF
# Risk rating: Medium
##############################################################
# [Exploit]
# Attack: XSS - CSRF in calendar.php via POST
# Vulnerable file: calendar.class.php
# Vulnerable parameters:
# - category_name
# -...
ZDI-10-168: Apple QuickTime ActiveX _Marshaled_pUnk Remote Code Execution Vulnerability
Posted by ZDI Disclosures on Aug 31
ZDI-10-168: Apple QuickTime ActiveX _Marshaled_pUnk Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-168
August 31, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Apple
-- Affected Products:
Apple Quicktime
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 10407.
For further...
