New Security Vulnerabilities 8th October 2007
The following new security tests were added to Telspace's database:
TOTAL THREATS IN THE DATABASE 15569
NEW THREATS RISK FACTOR SUMMARY
(*****) Urgent Risk 2
(**** ) Critical Risk 99
(*** ) High Risk 7
(** ) Medium Risk 11
(* ) Low Risk 2
NEW THREATS FAMILY SUMMARY
HP-UX Local Checks 39
SuSE Local Checks 16
Solaris Local Checks 12
FreeBSD Local Checks 10
Red Hat Local Checks 8
Fedora Local Checks 6
Centos Local Checks 5
Gentoo Local Checks 4
Mandrake Local Checks 4
Debian Local Checks 4
Windows 3
Remote Shell Access 2
Web Services 2
Service Detection 2
Cross-Site Scripting 2
Database Services 1
Slackware Local Checks 1
(*****) Urgent Risk - Windows
NetSupport Manager Remote Authentication Bypass Vulnerability
(*****) Urgent Risk - Remote Shell Access
IBM Tivoli Storage Manager Client Vulnerabilities (swg21268775)
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_30771
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0890: php
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 6 2007-709: php
(**** ) Critical Risk - Solaris Local Checks
Solaris 10 (sparc) : 125418-01
(**** ) Critical Risk - Solaris Local Checks
Solaris 9 (sparc) : 123376-01
(**** ) Critical Risk - SuSE Local Checks
SUSE-SA:2007:050: opera
(**** ) Critical Risk - SuSE Local Checks
SUSE-SA:2007:037: OpenOffice_org
(**** ) Critical Risk - Mandrake Local Checks
MDKSA-2007:186: openoffice.org
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2007-0898
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_35830
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHKL_28060
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_34389
(**** ) Critical Risk - Mandrake Local Checks
MDKSA-2007:187: php
(**** ) Critical Risk - Solaris Local Checks
Solaris 10 (sparc) : 120011-14
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2007-0848
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0845: libvorbis
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_36123
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHCO_36003
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2007-0890
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0913: nfs
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHNE_35920
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_35165
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_36278
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHNE_35766
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHNE_35183
(**** ) Critical Risk - Solaris Local Checks
Solaris 10 (sparc) : 125482-03
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_36286
(**** ) Critical Risk - Solaris Local Checks
Solaris 8 (sparc) : 126125-01
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2007-0845
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_36361
(**** ) Critical Risk - Solaris Local Checks
Solaris 9 (sparc) : 117123-08
(**** ) Critical Risk - SuSE Local Checks
SUSE-SA:2007:048: qt3
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_35164
(**** ) Critical Risk - Solaris Local Checks
Solaris 9 (sparc) : 112837-13
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHCO_35587
(**** ) Critical Risk - Windows
Firefox < 2.0.0.7
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHNE_35485
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 6 2007-700: openoffice.org
(**** ) Critical Risk - Solaris Local Checks
Solaris 10 (sparc) : 126258-02
(**** ) Critical Risk - SuSE Local Checks
SUSE-SA:2007:045: IBM Java, Sun Java
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHKL_28025
(**** ) Critical Risk - SuSE Local Checks
SUSE-SA:2007:046: flash-player
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHKL_26450
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHNE_35729
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 6 2007-707: httpd
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_34870
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0871: tomcat
(**** ) Critical Risk - SuSE Local Checks
SUSE-SA:2007:052: OpenOffice_org
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHNE_35182
(**** ) Critical Risk - SuSE Local Checks
SUSE-SA:2007:033: clamav
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_35579
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 6 2007-712: kernel
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHNE_35352
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHNE_31732
(**** ) Critical Risk - SuSE Local Checks
SUSE-SA:2007:036: mozilla,MozillaFirefox,MozillaThunderbird
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 6 2007-692: gd
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0848: openoffice.org
(**** ) Critical Risk - Windows
EasyMail SMTP Object ActiveX Control Buffer Overflow Vulnerabilities
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_36386
(**** ) Critical Risk - SuSE Local Checks
SUSE-SA:2007:041: freetype2
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_35113
(**** ) Critical Risk - Gentoo Local Checks
[GLSA-200709-18] Bugzilla: Multiple vulnerabilities
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0513: gimp
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHCO_25841
(**** ) Critical Risk - Debian Local Checks
[DSA1379] DSA-1379-1 openssl
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_36452
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHCO_36808
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHCO_26449
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_36385
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_34949
(**** ) Critical Risk - Debian Local Checks
[DSA1380] DSA-1380-1 elinks
(**** ) Critical Risk - Database Services
Oracle Listener Program Logging Vulnerability (1361722)
(**** ) Critical Risk - Solaris Local Checks
Solaris 10 (sparc) : 126440-01
(**** ) Critical Risk - SuSE Local Checks
SUSE-SA:2007:043: kernel
(**** ) Critical Risk - Solaris Local Checks
Solaris 10 (sparc) : 126661-01
(**** ) Critical Risk - Mandrake Local Checks
MDKSA-2007:185: avahi
(**** ) Critical Risk - Debian Local Checks
[DSA1381] DSA-1381-1 linux-2.6
(**** ) Critical Risk - Mandrake Local Checks
MDKSA-2007:188: postgresql
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHNE_35351
(**** ) Critical Risk - Gentoo Local Checks
[GLSA-200709-16] Lighttpd: Buffer overflow
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 6 2007-703: qt
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHNE_35483
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0898: xorg
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0889: php
(**** ) Critical Risk - Web Services
Shop-Script Admin Bypass Vulnerability
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHCO_36809
(**** ) Critical Risk - SuSE Local Checks
SUSE-SA:2007:039: libexif
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_34991
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHNE_36973
(**** ) Critical Risk - SuSE Local Checks
SUSE-SA:2007:049: MozillaFirefox,MozillaThunderbird,Seamonkey
(**** ) Critical Risk - SuSE Local Checks
SUSE-SA:2007:040: file
(**** ) Critical Risk - Debian Local Checks
[DSA1378] DSA-1378-2 linux-2.6
(**** ) Critical Risk - SuSE Local Checks
SUSE-SA:2007:042: evolution,evolution-data-server
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2007-0913
(**** ) Critical Risk - SuSE Local Checks
SUSE-SA:2007:038: krb5
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHKL_26269
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHNE_35484
(**** ) Critical Risk - Solaris Local Checks
Solaris 9 (sparc) : 117127-03
(**** ) Critical Risk - Solaris Local Checks
Solaris 8 (sparc) : 126131-01
(*** ) High Risk - SuSE Local Checks
SUSE-SA:2007:047: bind, bind9
(*** ) High Risk - Web Services
ADOdb Lite last_module Parameter Command Execution Vulnerability
(*** ) High Risk - Cross-Site Scripting
Tomcat cal2.jsp Sample App Cross-Site Scripting Vulnerability
(*** ) High Risk - Remote Shell Access
Mercury IMAP Server SEARCH Command Buffer Overflow Vulnerability
(*** ) High Risk - Cross-Site Scripting
IceWarp Merak Mail Server < 9.0.0 Cross-Site Scripting Vulnerability
(*** ) High Risk - Gentoo Local Checks
[GLSA-200709-17] teTeX: Multiple buffer overflows
(*** ) High Risk - Gentoo Local Checks
[GLSA-200709-15] BEA JRockit: Multiple vulnerabilities
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : mediawiki -- cross site scripting vulnerability (1008)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : mozilla -- code execution via Quicktime media-link files (1001)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : flyspray -- authentication bypass (1000)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : wordpress -- remote sql injection vulnerability (1007)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : konquerer -- address bar spoofing (999)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : bugzilla -- multiple vulnerabilities (1004)
(** ) Medium Risk - Slackware Local Checks
SSA-2007-275-01 pidgin
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : coppermine -- multiple vulnerabilities (1003)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : clamav -- multiple remote Denial of Service vulnerabilities (1005)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : kdm -- passwordless login vulnerability (1002)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : samba -- nss_info plugin privilege escalation vulnerability (1006)
(* ) Low Risk - Service Detection
Detect memcached
(* ) Low Risk - Service Detection
IBM Tivoli Storage Manager Client Acceptor Daemon Detection