New Security Vulnerabilities 13th March 2007

The following new security tests were added to Telspace's database:

 

TOTAL THREATS IN THE DATABASE   14134

 

NEW THREATS RISK FACTOR SUMMARY
   (*****)  Urgent Risk          8
   (**** )  Critical Risk        29
   (***  )  High Risk            6
   (**   )  Medium Risk          4
   (*    )  Low Risk             2

 

NEW THREATS FAMILY SUMMARY
   Windows                        7
   Fedora Local Checks            7
   Firewalls, Routers, SNMP       6
   Mandrake Local Checks          5
   Web Services                   5
   Centos Local Checks            4
   Gentoo Local Checks            4
   FreeBSD Local Checks           4
   Red Hat Local Checks           3
   Debian Local Checks            2
   Denial of Service              1
   Unix                           1

 

(*****)  Urgent Risk  -  Denial of Service
CA eTrust Intrusion Detection System Key Exchange Remote Denial of
Service Vulnerability

(*****)  Urgent Risk  -  Firewalls, Routers, SNMP
Cisco IOS SIP Packet Handling Remote Denial Of Service Vulnerability

(*****)  Urgent Risk  -  Firewalls, Routers, SNMP
Cisco IOS Intrusion Prevention System Multiple Vulnerabilities

(*****)  Urgent Risk  -  Firewalls, Routers, SNMP
Cisco IOS TCP Listener Denial Of Service Vulnerability

(*****)  Urgent Risk  -  Firewalls, Routers, SNMP
Cisco Multiple Products Network Analysis Module SNMP Communication
Spoofing Vulnerability

(*****)  Urgent Risk  -  Firewalls, Routers, SNMP
Cisco Multiple Devices Crafted IP Option Multiple Remote Code Execution
Vulnerability

(*****)  Urgent Risk  -  Firewalls, Routers, SNMP
Cisco Catalyst MPLS Packet Handling Denial of Service Vulnerability

(*****)  Urgent Risk  -  Web Services
getID3 < 1.7.8-b1 Multiple Vulnerabilities

(**** )  Critical Risk  -  Fedora Local Checks
Fedora Core 5 2007-281: firefox

(**** )  Critical Risk  -  Centos Local Checks
CentOS : RHSA-2007-0079

(**** )  Critical Risk  -  Fedora Local Checks
Fedora Core 5 2007-289: devhelp

(**** )  Critical Risk  -  Centos Local Checks
CentOS : RHSA-2007-0077

(**** )  Critical Risk  -  Fedora Local Checks
Fedora Core 5 2007-287: php

(**** )  Critical Risk  -  Centos Local Checks
CentOS : RHSA-2007-0085

(**** )  Critical Risk  -  Mandrake Local Checks
MDKSA-2007:049: spamassassin

(**** )  Critical Risk  -  Mandrake Local Checks
MDKSA-2007:051: snort

(**** )  Critical Risk  -  Unix
Default password 'password' for account 'root'

(**** )  Critical Risk  -  Windows
Mozilla Thunderbird < 1.5.0.10

(**** )  Critical Risk  -  Debian Local Checks
[DSA1263] DSA-1263-1 clamav

(**** )  Critical Risk  -  Fedora Local Checks
Fedora Core 6 2007-293: gnome-python2-extras

(**** )  Critical Risk  -  Debian Local Checks
[DSA1262] DSA-1262-1 gnomemeeting

(**** )  Critical Risk  -  Windows
SeaMonkey < 1.0.8

(**** )  Critical Risk  -  Windows
Citrix Presentation Server Client Remote Code Execution Vulnerability

(**** )  Critical Risk  -  Windows
Google Desktop Cross-Site Scripting Flaw

(**** )  Critical Risk  -  Centos Local Checks
CentOS : RHSA-2007-0074

(**** )  Critical Risk  -  Mandrake Local Checks
MDKSA-2007:050: mozilla-firefox

(**** )  Critical Risk  -  Mandrake Local Checks
MDKA-2007:016: gnome-terminal

(**** )  Critical Risk  -  Fedora Local Checks
Fedora Core 5 2007-278: nss

(**** )  Critical Risk  -  Windows
VeriSign ConfigChk ActiveX Control Buffer Overflow Vulnerability

(**** )  Critical Risk  -  Fedora Local Checks
Fedora Core 6 2007-279: nss

(**** )  Critical Risk  -  Red Hat Local Checks
RHSA-2007-0085: kernel

(**** )  Critical Risk  -  Red Hat Local Checks
RHSA-2007-0077: seamonkey

(**** )  Critical Risk  -  Red Hat Local Checks
RHSA-2007-0079: firefox

(**** )  Critical Risk  -  Windows
FLEXnet Connect Update Service Agent ActiveX Control Buffer Overflow
Vulnerability

(**** )  Critical Risk  -  Fedora Local Checks
Fedora Core 6 2007-256: gnucash

(**** )  Critical Risk  -  Mandrake Local Checks
MDKA-2007:017: tcpdump

(**** )  Critical Risk  -  Web Services
Pagesetter id Parameter Information Disclosure Vulnerability

(***  )  High Risk  -  Web Services
OrangeHRM txtUserName SQL Injection Vulnerability

(***  )  High Risk  -  Gentoo Local Checks
[GLSA-200703-06] AMD64 x86 emulation Qt library: Integer overflow

(***  )  High Risk  -  Gentoo Local Checks
[GLSA-200703-07] STLport: Possible remote execution of arbitrary code

(***  )  High Risk  -  Gentoo Local Checks
[GLSA-200703-04] Mozilla Firefox: Multiple vulnerabilities

(***  )  High Risk  -  Web Services
SQLiteManager SQLiteManager_currentTheme Cookie Local File Include
Vulnerability

(***  )  High Risk  -  Gentoo Local Checks
[GLSA-200703-05] Mozilla Suite: Multiple vulnerabilities

(**   )  Medium Risk  -  FreeBSD Local Checks
FreeBSD : libarchive -- Infinite loop in corrupt archives handling in
libarchive (922)

(**   )  Medium Risk  -  FreeBSD Local Checks
FreeBSD : bind -- Multiple Denial of Service vulnerabilities (923)

(**   )  Medium Risk  -  FreeBSD Local Checks
FreeBSD : OpenSSL -- Multiple problems in crypto(3) (921)

(**   )  Medium Risk  -  FreeBSD Local Checks
FreeBSD : mozilla -- multiple vulnerabilities (920)

(*    )  Low Risk  -  Web Services
DokuWiki Detection

(*    )  Low Risk  -  Windows
Google Desktop detection



Copyright © 2010 Telspace. All Rights Reserved