Hosting Provided By

Vulnerabilities digest

From: 3APA3A <3APA3A(at)SECURITY.NNOV.RU>
Date: Tue Aug 21 2007 - 15:36:43 EDT

Dear bugtraq@securityfocus.com,

there is a number of vulnerabilities unpublished in English yet

Dmitry Zubov reports Planet VC-200M VDSL2 router administration interface DoS vulnerability.

HTTP request with missed Host: header prevents administration interface access until reboot. Vendor was reportedly contacted, but failed to react.

SecurityVulns issue: http://securityvulns.com/news/Planet/VC-200M/DoS.html Original message (in Russian): http://securityvulns.ru/Rdocument847.html

2. MustLive reports low-risk (requires social engineering), yet interesting example of crossite scripting in Internet Explorer. Local zone scripting is possible on accessing saved page with original URL in the form of

http://site/-->[script]alert("XSS")[/script]

Internet Explorer 6.0 was tested.

SecurityVulns Issue: http://securityvulns.com/news/Microsoft/IE/saved-css.html Additional Information (in Ukranian): http://websecurity.com.ua/1241/ Original message (in Russian): http://securityvulns.ru/Rdocument865.html

Do you need help?

3. MustLive reports crossite scripting vulnerability in Search Engine Builder.

Request
http://site/search/search.html?searWords=%3Cscript%3Ealert(document.cookie)%3C/script%3E

leads to crossite scripting.

Additional information (in Ukranian): http://websecurity.com.ua/1159/ Original message (in Russian): http://securityvulns.ru/Rdocument843.html

  4.  MustLive  reports vulnerability in Sirius 1.0, Blix 0.9.1 and Blix
  0.9.1  Rus, Pool 1.0.7 themes for WordPress and also WordPress Classic
  1.5 theme, last one is already fixed in WordPress 2.1.3.

Insuficcient filtering of PHP_SELF variable leads to crossite scripting with request like
http://site/index.php/%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

Additional information (in Ukranian):

             
http://websecurity.com.ua/1252/
             
http://websecurity.com.ua/1248/
             
http://websecurity.com.ua/1238/
             
http://websecurity.com.ua/1234/
  Original messages (in Russian):
             
http://securityvulns.ru/Rdocument839.html
             
http://securityvulns.ru/Rdocument825.html
             
http://securityvulns.ru/Rdocument771.html
             
http://securityvulns.ru/Rdocument751.html

5. MustLive reports crossite scripting in coWiki

with request
http://site/?cmd=srchdoc&q=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

Do you need more help?

Additional information: http://websecurity.com.ua/1131/ Original message: http://securityvulns.ru/Rdocument692.html

6. Ivan Niiiil (http://uNkn0wn.eu) reports vulnerabilities in Linkliste 1.2, Butterfly online vistors counter 1.08, mcLinksCounter 1.2, My_REFERER 1.08.

Original messages in English are available from http://securityvulns.com/source26994.html

7. Okan Alp (http://www.expw0rm.com) reports vulnerabilities in different Web applications.

Original messages in English are available from http://securityvulns.com/source13951.html

-- 
http://securityvulns.com/
         /\_/\
        { , . }     |\
+--oQQo->{ ^ }<-----+ \
|  ZARAZA  U  3APA3A   } You know my name - look up my number (The Beatles)
+-------------o66o--+ /
                    |/

Received on Tue Aug 21 16:08:28 2007

This message: [ Message body ]
Next message: Asterisk Security Team: "AST-2007-020: Resource Exhaustion Vulnerability in Asterisk SIP channel driver"
Previous message: iDefense Labs: "iDefense Security Advisory 08.20.07: Trend Micro SSAPI Long Path Buffer Overflow Vulnerability"
Next in thread: Steven M. Christey: "Re: Vulnerabilities digest"
Reply: Steven M. Christey: "Re: Vulnerabilities digest"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Sun Oct 28 2007 - 06:13:00 EDT