New Security Vulnerabilities 7th March 2006
New Security Vulnerabilities - 10,551 Total Threats
The following security tests were added to Telspace’ database during the on 6th March 2006:
Threat ID: 20922 - High Risk Factor
Threat Name: RHSA-2006-0178: ImageMagick
Threat Family: Red Hat Local Checks
Threat Summary: Check for the version of the ImageMagick packages
------------------------------------------------------------------------------
Threat ID: 20924 - High Risk Factor
Threat Name: Lotus Notes Attachment Handling Vulnerabilities
Threat Family: Remote Shell Access
Threat Summary: Checks for attachment handling vulnerabilities in Lotus
Notes
------------------------------------------------------------------------------
Threat ID: 20923 - High Risk Factor
Threat Name: SUSE-SA:2006:008: openssh
Threat Family: SuSE Local Checks
Threat Summary: Check for the version of the openssh package
------------------------------------------------------------------------------
Threat ID: 20943 - High Risk Factor
Threat Name: Solaris 10 (sparc) : 120329-02
Threat Family: Solaris Local Checks
Threat Summary: Check for patch 120329-02
------------------------------------------------------------------------------
Threat ID: 20937 - High Risk Factor
Threat Name: Fedora Core 4 2006-116: gnupg
Threat Family: Fedora Local Checks
Threat Summary: Check for the version of the gnupg package
------------------------------------------------------------------------------
Threat ID: 20945 - High Risk Factor
Threat Name: Solaris 8 (sparc) : 117350-33
Threat Family: Solaris Local Checks
Threat Summary: Check for patch 117350-33
------------------------------------------------------------------------------
Threat ID: 20940 - High Risk Factor
Threat Name: MDKSA-2006:041: bluez-hcidump
Threat Family: Mandrake Local Checks
Threat Summary: Check for the version of the bluez-hcidump package
------------------------------------------------------------------------------
Threat ID: 20944 - High Risk Factor
Threat Name: Solaris 10 (i386) : 120330-02
Threat Family: Solaris Local Checks
Threat Summary: Check for patch 120330-02
------------------------------------------------------------------------------
Threat ID: 20942 - High Risk Factor
Threat Name: MDKSA-2006:043: gnupg
Threat Family: Mandrake Local Checks
Threat Summary: Check for the version of the gnupg package
------------------------------------------------------------------------------
Threat ID: 20948 - High Risk Factor
Threat Name: Solaris 8 (i386) : 122092-01
Threat Family: Solaris Local Checks
Threat Summary: Check for patch 122092-01
------------------------------------------------------------------------------
Threat ID: 20947 - High Risk Factor
Threat Name: Solaris 8 (i386) : 117351-33
Threat Family: Solaris Local Checks
Threat Summary: Check for patch 117351-33
------------------------------------------------------------------------------
Threat ID: 20946 - High Risk Factor
Threat Name: Solaris 8 (sparc) : 122091-01
Threat Family: Solaris Local Checks
Threat Summary: Check for patch 122091-01
------------------------------------------------------------------------------
Threat ID: 20939 - High Risk Factor
Threat Name: MDKSA-2006:040: kernel
Threat Family: Mandrake Local Checks
Threat Summary: Check for the version of the kernel package
------------------------------------------------------------------------------
Threat ID: 20941 - High Risk Factor
Threat Name: MDKSA-2006:042: libtiff
Threat Family: Mandrake Local Checks
Threat Summary: Check for the version of the libtiff package
------------------------------------------------------------------------------
Threat ID: 20950 - High Risk Factor
Threat Name: BlackBerry Enterprise Server Attachment Buffer Overflow
Vulnerabilities
Threat Family: Remote Shell Access
Threat Summary: Checks version number of BlackBerry Enterprise Server
------------------------------------------------------------------------------
Threat ID: 20956 - High Risk Factor
Threat Name: HP-UX Security patch : PHSS_34202
Threat Family: HP-UX Local Checks
Threat Summary: Checks for patch PHSS_34202
------------------------------------------------------------------------------
Threat ID: 20955 - High Risk Factor
Threat Name: HP-UX Security patch : PHSS_34008
Threat Family: HP-UX Local Checks
Threat Summary: Checks for patch PHSS_34008
------------------------------------------------------------------------------
Threat ID: 20954 - High Risk Factor
Threat Name: HP-UX Security patch : PHSS_33842
Threat Family: HP-UX Local Checks
Threat Summary: Checks for patch PHSS_33842
------------------------------------------------------------------------------
Threat ID: 20967 - High Risk Factor
Threat Name: SUSE-SA:2006:009: gpg,liby2util
Threat Family: SuSE Local Checks
Threat Summary: Check for the version of the gpg,liby2util package
------------------------------------------------------------------------------
Threat ID: 20964 - High Risk Factor
Threat Name: MDKSA-2006:046: tar
Threat Family: Mandrake Local Checks
Threat Summary: Check for the version of the tar package
------------------------------------------------------------------------------
Threat ID: 20958 - High Risk Factor
Threat Name: eStara SoftPhone SDP Data Attribute Buffer Overflow
Vulnerability
Threat Family: Miscellaneous
Threat Summary: Checks version number of eStara SoftPhone
------------------------------------------------------------------------------
Threat ID: 20966 - High Risk Factor
Threat Name: RHSA-2006-0217: metamail
Threat Family: Red Hat Local Checks
Threat Summary: Check for the version of the metamail packages
------------------------------------------------------------------------------
Threat ID: 20965 - High Risk Factor
Threat Name: RHSA-2006-0195: tar
Threat Family: Red Hat Local Checks
Threat Summary: Check for the version of the tar packages
------------------------------------------------------------------------------
Threat ID: 20963 - High Risk Factor
Threat Name: MDKSA-2006:045: MySQL
Threat Family: Mandrake Local Checks
Threat Summary: Check for the version of the MySQL package
------------------------------------------------------------------------------
Threat ID: 20981 - High Risk Factor
Threat Name: MDKSA-2006:047: metamail
Threat Family: Mandrake Local Checks
Threat Summary: Check for the version of the metamail package
------------------------------------------------------------------------------
Threat ID: 20982 - High Risk Factor
Threat Name: BlackBerry Enterprise Server PNG Attachment Buffer
Overflow Vulnerability
Threat Family: Remote Shell Access
Threat Summary: Checks version number of BlackBerry Enterprise Server
------------------------------------------------------------------------------
Threat ID: 20928 - Medium Risk Factor
Threat Name: Vulnerability in Web Client Service Could Allow Remote
Code Execution (911927) - network check
Threat Family: Microsoft Bulletins
Threat Summary: Determines the presence of update 911927 - network check
------------------------------------------------------------------------------
Threat ID: 20927 - Medium Risk Factor
Threat Name: SSH Tectia Server SFTP Format String Vulnerability
Threat Family: Miscellaneous
Threat Summary: Checks for format string vulnerability in SSH Tectia
Server SFTP subsystem
------------------------------------------------------------------------------
Threat ID: 20925 - Medium Risk Factor
Threat Name: dotProject Remote File Include Vulnerabilities
Threat Family: Web Services
Threat Summary: Checks for remote file include vulnerabilities in
dotProject
------------------------------------------------------------------------------
Threat ID: 20929 - Medium Risk Factor
Threat Name: Flyspray adodbpath Parameter Remote File Include
Vulnerability
Threat Family: Web Services
Threat Summary: Checks for adodbpath parameter remote file include
vulnerability in Flyspray
------------------------------------------------------------------------------
Threat ID: 20962 - Medium Risk Factor
Threat Name: [GLSA-200602-12] GPdf: heap overflows in included Xpdf
code
Threat Family: Gentoo Local Checks
Threat Summary: GPdf: heap overflows in included Xpdf code
------------------------------------------------------------------------------
Threat ID: 20972 - Medium Risk Factor
Threat Name: Plume CMS <= 1.0.2 Remote File Inclusion Vulnerability
Threat Family: Web Services
Threat Summary: Check if Plume CMS is vulnerable to a file inclusion flaw
------------------------------------------------------------------------------
Threat ID: 20933 - Medium Risk Factor
Threat Name: Cisco IOS AAA RADIUS Authentication Bypass Vulnerability
Threat Family: Firewalls, Routers, SNMP
Threat Summary: Uses SNMP to determine if a flaw is present
------------------------------------------------------------------------------
Threat ID: 20936 - Medium Risk Factor
Threat Name: Macallan IMAP Server Directory Traversal Vulnerability
Threat Family: Miscellaneous
Threat Summary: Checks for directory traversal vulnerability in Macallan
------------------------------------------------------------------------------
Threat ID: 20978 - Medium Risk Factor
Threat Name: SPIP < 1.8.2-g SQL Injection and XSS Flaws
Threat Family: Web Services
Threat Summary: Checks for SPIP SQL injection flaw
------------------------------------------------------------------------------
Threat ID: 20980 - Medium Risk Factor
Threat Name: [GLSA-200602-14] noweb: Insecure temporary file creation
Threat Family: Gentoo Local Checks
Threat Summary: noweb: Insecure temporary file creation
------------------------------------------------------------------------------
Threat ID: 20979 - Medium Risk Factor
Threat Name: [GLSA-200602-13] GraphicsMagick: Format string
vulnerability
Threat Family: Gentoo Local Checks
Threat Summary: GraphicsMagick: Format string vulnerability
------------------------------------------------------------------------------
Threat ID: 20952 - Medium Risk Factor
Threat Name: Fedora DS Administration Server Information Disclosure
Vulnerability
Threat Family: Web Services
Threat Summary: Checks for an information disclosure vulnerability in
Fedora Directory Server Administration Server
------------------------------------------------------------------------------
Threat ID: 20951 - Medium Risk Factor
Threat Name: Xerox XRX06-001
Threat Family: Miscellaneous
Threat Summary: Checks for multiple ESS / network controller and
microServer vulnerabilities in Xerox WorkCentre devices
------------------------------------------------------------------------------
Threat ID: 20968 - Medium Risk Factor
Threat Name: ViRobot Linux Server filescan Authentication Bypass
Vulnerability
Threat Family: Web Services
Threat Summary: Checks for authentication bypass vulnerability in ViRobot
Linux Server's filescan component
------------------------------------------------------------------------------
Threat ID: 20961 - Medium Risk Factor
Threat Name: CherryPy staticFilter Directory Traversal Vulnerability
Threat Family: Web Services
Threat Summary: Checks for staticFilter directory traversal vulnerability
in CherryPy
------------------------------------------------------------------------------
Threat ID: 20960 - Medium Risk Factor
Threat Name: IA eMailServer IMAP Server Search Command Buffer Overflow
Vulnerability
Threat Family: Remote Shell Access
Threat Summary: Checks for search command buffer overflow vulnerability
in IA eMailServer's IMAP server
------------------------------------------------------------------------------
Threat ID: 20959 - Medium Risk Factor
Threat Name: Geeklog < 1.3.11sr4 / 1.4.0sr1 Multiple
Vulnerabilities
Threat Family: Web Services
Threat Summary: Checks for multiple vulnerabilities in Geeklog <
1.3.11sr4 / 1.4.0sr1
------------------------------------------------------------------------------
Threat ID: 20969 - Medium Risk Factor
Threat Name: PostNuke < 0.762 Multiple Vulnerabilities
Threat Family: Web Services
Threat Summary: Checks for admin access bypass issue in PostNuke
------------------------------------------------------------------------------
Threat ID: 20970 - Medium Risk Factor
Threat Name: SquirrelMail < 1.4.6 Multiple Vulnerabilities
Threat Family: Web Services
Threat Summary: Checks for IMAP command injection in SquirrelMail
------------------------------------------------------------------------------
Threat ID: 20971 - Medium Risk Factor
Threat Name: Noah's Classifieds <= 1.3 Multiple Vulnerabilities
Threat Family: Web Services
Threat Summary: Checks for search page SQL injection flaw in Noah's
Classifieds
------------------------------------------------------------------------------
Threat ID: 20973 - Medium Risk Factor
Threat Name: Winamp < 5.2 Multiple Vulnerabilities
Threat Family: Windows
Threat Summary: Checks the version number of Winamp
------------------------------------------------------------------------------
Threat ID: 20974 - Medium Risk Factor
Threat Name: NOCC <= 1.0 Multiple Vulnerabilities
Threat Family: Web Services
Threat Summary: Checks for a local file include flaw in NOCC
------------------------------------------------------------------------------
Threat ID: 20976 - Medium Risk Factor
Threat Name: ArGoSoft Mail Server _DUMP Command Information Disclosure
Vulnerability
Threat Family: Miscellaneous
Threat Summary: Checks for _DUMP command information disclosure
vulnerability in ArGoSoft POP3 server
------------------------------------------------------------------------------
Threat ID: 20975 - Medium Risk Factor
Threat Name: ShockWave Player ActiveX Installer Buffer Overflow
Vulnerability
Threat Family: Windows
Threat Summary: Checks version of ShockWave installer ActiveX control
------------------------------------------------------------------------------
Threat ID: 20984 - Medium Risk Factor
Threat Name: Coppermine Photo Gallery f Parameter Remote File Include
Vulnerability
Threat Family: Web Services
Threat Summary: Checks for f parameter remote file include vulnerability
in Coppermine Photo Gallery
------------------------------------------------------------------------------
Threat ID: 20953 - Low Risk Factor
Threat Name: [GLSA-200602-11] OpenSSH, Dropbear: Insecure use of
system() call
Threat Family: Gentoo Local Checks
Threat Summary: OpenSSH, Dropbear: Insecure use of system() call
------------------------------------------------------------------------------
Threat ID: 20926 - Low Risk Factor
Threat Name: dotProject docs Directory Information Disclosure
Vulnerabilities
Threat Family: Web Services
Threat Summary: Checks for docs directory information disclosure
vulnerabilities in dotProject
------------------------------------------------------------------------------
Threat ID: 20911 - Low Risk Factor
Threat Name: Mac OS X < 10.4.5
Threat Family: MacOS X Local Checks
Threat Summary: Check for the version of Mac OS X
------------------------------------------------------------------------------
Threat ID: 20931 - Low Risk Factor
Threat Name: NeoMail sort Parameter Cross-Site Scripting Vulnerability
Threat Family: Cross-Site Scripting
Threat Summary: Checks for sort parameter cross-site scripting
vulnerability in NeoMail
------------------------------------------------------------------------------
Threat ID: 20932 - Low Risk Factor
Threat Name: NeoMail Session Id Validation Vulnerability
Threat Family: Web Services
Threat Summary: Checks for session id validation vulnerability in NeoMail
------------------------------------------------------------------------------
Threat ID: 20930 - Low Risk Factor
Threat Name: MyBB < 1.04 Multiple Vulnerabilities
Threat Family: Web Services
Threat Summary: Checks for multiple vulnerabilities in MyBB < 1.04
------------------------------------------------------------------------------
Threat ID: 20977 - Low Risk Factor
Threat Name: ArGoSoft Mail Server IMAP Server Directory Traversal
Vulnerability
Threat Family: Miscellaneous
Threat Summary: Checks for directory traversal vulnerability in ArGoSoft
IMAP server
------------------------------------------------------------------------------
Threat ID: 20983 - Low Risk Factor
Threat Name: BlackBerry Enterprise Server SRP Packet Denial of Service
Vulnerability
Threat Family: Denial of Service
Threat Summary: Checks version number of BlackBerry Enterprise Server
------------------------------------------------------------------------------
Threat ID: 15879 - Info Risk Factor
Threat Name: Hydra: NNTP
Threat Family: Miscellaneous
Threat Summary: Brute force NNTP authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15873 - Info Risk Factor
Threat Name: Hydra: HTTP
Threat Family: Miscellaneous
Threat Summary: Brute force HTTP authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15877 - Info Risk Factor
Threat Name: Hydra: LDAP
Threat Family: Miscellaneous
Threat Summary: Brute force LDAP authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 18660 - Info Risk Factor
Threat Name: Hydra: Postgres
Threat Family: Miscellaneous
Threat Summary: Brute force Postgres authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 18661 - Info Risk Factor
Threat Name: Hydra: MySQL
Threat Family: Miscellaneous
Threat Summary: Brute force MySQL authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15878 - Info Risk Factor
Threat Name: Hydra: MS SQL
Threat Family: Miscellaneous
Threat Summary: Brute force MS SQL authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15871 - Info Risk Factor
Threat Name: Hydra: CVS
Threat Family: Miscellaneous
Threat Summary: Brute force CVS authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15886 - Info Risk Factor
Threat Name: Hydra: SNMP
Threat Family: Miscellaneous
Threat Summary: Brute force SNMP authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15868 - Info Risk Factor
Threat Name: Hydra (NASL wrappers options)
Threat Family: Miscellaneous
Threat Summary: Brute force authentication protocols
------------------------------------------------------------------------------
Threat ID: 15885 - Info Risk Factor
Threat Name: Hydra: SMTP AUTH
Threat Family: Miscellaneous
Threat Summary: Brute force SMTP AUTH authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15882 - Info Risk Factor
Threat Name: Hydra: rexec
Threat Family: Miscellaneous
Threat Summary: Brute force rexec authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15888 - Info Risk Factor
Threat Name: Hydra: SSH2
Threat Family: Miscellaneous
Threat Summary: Brute force SSH2 authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15870 - Info Risk Factor
Threat Name: Hydra: Cisco enable
Threat Family: Miscellaneous
Threat Summary: Brute force 'Cisco enable' authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15883 - Info Risk Factor
Threat Name: Hydra: SAP R3
Threat Family: Miscellaneous
Reference URL: https://www.Telspace.com/threats/details.php?id=15883
Threat Summary: Brute force SAP R3 authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15872 - Info Risk Factor
Threat Name: Hydra: FTP
Threat Family: Miscellaneous
Reference URL: https://www.Telspace.com/threats/details.php?id=15872
Threat Summary: Brute force FTP authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15884 - Info Risk Factor
Threat Name: Hydra: SMB
Threat Family: Miscellaneous
Threat Summary: Brute force SMB authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 20949 - Info Risk Factor
Threat Name: BlackBerry Enterprise Server Detection
Threat Family: Miscellaneous
Threat Summary: Detects BlackBerry Enterprise Server
------------------------------------------------------------------------------
Threat ID: 15874 - Info Risk Factor
Threat Name: Hydra: HTTP proxy
Threat Family: Miscellaneous
Threat Summary: Brute force HTTP proxy authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15869 - Info Risk Factor
Threat Name: Hydra: Cisco
Threat Family: Miscellaneous
Threat Summary: Brute force Cisco authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15889 - Info Risk Factor
Threat Name: Hydra: telnet
Threat Family: Miscellaneous
Threat Summary: Brute force telnet authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15881 - Info Risk Factor
Threat Name: Hydra: POP3
Threat Family: Miscellaneous
Threat Summary: Brute force POP3 authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15880 - Info Risk Factor
Threat Name: Hydra: PCNFS
Threat Family: Miscellaneous
Threat Summary: Brute force PCNFS authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15887 - Info Risk Factor
Threat Name: Hydra: Socks5
Threat Family: Miscellaneous
Threat Summary: Brute force Socks5 authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15890 - Info Risk Factor
Threat Name: Hydra: VNC
Threat Family: Miscellaneous
Threat Summary: Brute force VNC authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15875 - Info Risk Factor
Threat Name: Hydra: ICQ
Threat Family: Miscellaneous
Threat Summary: Brute force ICQ authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 15876 - Info Risk Factor
Threat Name: Hydra: IMAP
Threat Family: Miscellaneous
Threat Summary: Brute force IMAP authentication with Hydra
------------------------------------------------------------------------------
Threat ID: 20957 - Info Risk Factor
Threat Name: eStara SoftPhone Detection
Threat Family: Miscellaneous
Threat Summary: Detects eStara SoftPhone
|
