TelSpace - Hosting & IT Solution Provider

New Security Vulnerabilities 10th March 2006

New Security Vulnerabilities - 10,570 Total Threats

New security threats have been added to Telspace Systems database, a summary about each new vulnerability is provided below.

== == == == == == == == == ==

Threat ID: 21020 - High Risk Factor

Threat Name: 4Images <= 1.7.1 Directory Traversal Vulnerability

Threat Family: Web Services

Threat Summary: Check if 4Images is vulnerable to directory traversal flaws

------------------------------------------------------------------------------

Threat ID: 20990 - High Risk Factor

Threat Name: Mac OS X Security Update 2006-001

Threat Family: MacOS X Local Checks

Threat Summary: Check for Security Update 2006-001

------------------------------------------------------------------------------

Threat ID: 20993 - High Risk Factor

Threat Name: Visnetic AntiVirus Plug-in for MailServer Local Privilege

Escalation Vulnerability

Threat Family: Remote Shell Access

Threat Summary: Checks version of Visnetic AntiVirus Plug-in for MailServer

------------------------------------------------------------------------------

Threat ID: 20994 - High Risk Factor

Threat Name: Limbo CMS Itemid Arbitrary Code Execution Vulnerability

Threat Family: Web Services

Threat Summary: Injects arbitrary PHP code via Itemid parameter in Limbo CMS

------------------------------------------------------------------------------

Threat ID: 20991 - High Risk Factor

Threat Name: imageVue < 16.2 Multiple Vulnerabilities

Threat Family: Web Services

Threat Summary: Checks for unauthorized file upload vulnerability in imageVue

------------------------------------------------------------------------------

Threat ID: 20999 - Medium Risk Factor

Threat Name: [GLSA-200603-01] WordPress: SQL injection vulnerability

Threat Family: Gentoo Local Checks

Threat Summary: WordPress: SQL injection vulnerability

------------------------------------------------------------------------------

Threat ID: 21001 - Medium Risk Factor

Threat Name: [GLSA-200603-03] MPlayer: Multiple integer overflows

Threat Family: Gentoo Local Checks

Threat Summary: MPlayer: Multiple integer overflows

------------------------------------------------------------------------------

Threat ID: 21000 - Medium Risk Factor

Threat Name: [GLSA-200603-02] teTeX, pTeX, CSTeX: Multiple overflows in included XPdf code

Threat Family: Gentoo Local Checks

Threat Summary: teTeX, pTeX, CSTeX: Multiple overflows in included XPdf code

------------------------------------------------------------------------------

Threat ID: 20986 - Medium Risk Factor

Threat Name: phpRPC Library Remote Code Execution Vulnerability

Threat Family: Web Services

Threat Summary: Checks for remote code execution in phpRPC library

------------------------------------------------------------------------------

Threat ID: 20987 - Medium Risk Factor

Threat Name: MDaemon IMAP Server Format String Vulnerability

Threat Family: Remote Shell Access

Threat Summary: Checks for format string vulnerability in MDaemon IMAP server

------------------------------------------------------------------------------

Threat ID: 21022 - Medium Risk Factor

Threat Name: [GLSA-200603-05] zoo: Stack-based buffer overflow

Threat Family: Gentoo Local Checks

Threat Summary: zoo: Stack-based buffer overflow

------------------------------------------------------------------------------

Threat ID: 21021 - Medium Risk Factor

Threat Name: [GLSA-200603-04] IMAP Proxy: Format string vulnerabilities

Threat Family: Gentoo Local Checks

Threat Summary: IMAP Proxy: Format string vulnerabilities

------------------------------------------------------------------------------

Threat ID: 20988 - Medium Risk Factor

Threat Name: HP Systems Management Homepage Namazu lang Directory Traversal Vulnerability

Threat Family: Web Services

Threat Summary: Checks for namazu lang parameter directory traversal vulnerability in HP Systems Management Homepage

------------------------------------------------------------------------------

Threat ID: 20989 - Medium Risk Factor

Threat Name: FreeBSD nfsd Malformed NFS Mount Request Denial of Service Vulnerability

Threat Family: Denial of Service

Threat Summary: Tries to crash remote FreeBSD host

------------------------------------------------------------------------------

Threat ID: 21035 - Medium Risk Factor

Threat Name: Woltlab Burning Board SQL injection flaw

Threat Family: Web Services

Threat Summary: Checks SQL injection flaw in Woltlab Burning Board Database module

------------------------------------------------------------------------------

Threat ID: 20996 - Medium Risk Factor

Threat Name: Retrospect Client Denial of Service Vulnerability

Threat Family: Miscellaneous

Threat Summary: Checks version of Retrospect client

------------------------------------------------------------------------------

Threat ID: 20985 - Low Risk Factor

Threat Name: ArGoSoft Mail Server Pro Webmail Server Cross-Site

Scripting Vulnerabilities

Threat Family: Cross-Site Scripting

Threat Summary: Checks version of ArGoSoft Mail Server Pro banner

------------------------------------------------------------------------------

Threat ID: 20992 - Low Risk Factor

Threat Name: vBulletin Email Field Cross-Site Scripting Vulnerability

Threat Family: Web Services

Threat Summary: Checks version number of vBulletin

------------------------------------------------------------------------------

Threat ID: 20995 - Info Risk Factor

Threat Name: Retrospect Client Detection

Threat Family: Service Detection

Threat Summary: Detects a Retrospect Client

------------------------------------------------------------------------------

Terms and Conditions | Acceptable Use Policy