New Security Vulnerabilities 14th August 2007
The following new security tests were added to Telspace's database:
TOTAL THREATS IN THE DATABASE 15236
NEW THREATS RISK FACTOR SUMMARY
(*****) Urgent Risk 4
(**** ) Critical Risk 30
(*** ) High Risk 8
(** ) Medium Risk 18
(* ) Low Risk 1
NEW THREATS FAMILY SUMMARY
FreeBSD Local Checks 12
Debian Local Checks 11
Gentoo Local Checks 8
Red Hat Local Checks 7
Slackware Local Checks 6
Windows 4
Web Services 3
Centos Local Checks 3
Mandrake Local Checks 2
Fedora Local Checks 2
Service Detection 1
MacOS X Local Checks 1
Cross-Site Scripting 1
(*****) Urgent Risk - Web Services
PHP-Blogger pref.db Information Disclosure Vulnerability
(*****) Urgent Risk - Web Services
Joomla GMaps Component mapId SQL Injection Vulnerability
(*****) Urgent Risk - Web Services
LinPHA order parameter SQL Injection Vulnerability
(*****) Urgent Risk - MacOS X Local Checks
Mac OS X Security Update 2007-007
(**** ) Critical Risk - Debian Local Checks
[DSA1341] DSA-1341-2 bind9
(**** ) Critical Risk - Debian Local Checks
[DSA1346] DSA-1346-1 iceape
(**** ) Critical Risk - Gentoo Local Checks
[GLSA-200708-08] SquirrelMail G/PGP plugin: Arbitrary code execution
(**** ) Critical Risk - Mandrake Local Checks
MDKSA-2007:152: mozilla-firefox
(**** ) Critical Risk - Windows
Mozilla Thunderbird < 1.5.0.13 / 2.0.0.6
(**** ) Critical Risk - Mandrake Local Checks
MDKSA-2007:151: qt3
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2007-0735
(**** ) Critical Risk - Debian Local Checks
[DSA1344] DSA-1344-1 iceweasel
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0732: poppler
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0735: xpdf
(**** ) Critical Risk - Debian Local Checks
[DSA1345] DSA-1345-1 xulrunner
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2007-0731
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0729: kdegraphics
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0731: tetex
(**** ) Critical Risk - Windows
Nessus ScanCtrl ActiveX File Deletion Vulnerability
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 6 2007-654: tcpdump
(**** ) Critical Risk - Debian Local Checks
[DSA1351] DSA-1351-1 bochs
(**** ) Critical Risk - Windows
SeaMonkey < 1.1.4
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0720: cups
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 6 2007-653: gdm
(**** ) Critical Risk - Debian Local Checks
[DSA1349] DSA-1349-1 libextractor
(**** ) Critical Risk - Debian Local Checks
[DSA1353] DSA-1353-1 tcpdump
(**** ) Critical Risk - Debian Local Checks
[DSA1350] DSA-1350-1 tetex-bin
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2007-0720
(**** ) Critical Risk - Windows
Firefox < 2.0.0.6
(**** ) Critical Risk - Debian Local Checks
[DSA1347] DSA-1347-1 xpdf
(**** ) Critical Risk - Debian Local Checks
[DSA1352] DSA-1352-1 pdfkit.framework
(**** ) Critical Risk - Debian Local Checks
[DSA1348] DSA-1348-1 poppler
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0721: qt
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0730: gpdf
(*** ) High Risk - Cross-Site Scripting
Joomla order Parameter Cross-Site Scripting Vulnerability
(*** ) High Risk - Gentoo Local Checks
[GLSA-200708-01] Macromedia Flash Player: Remote arbitrary code execution
(*** ) High Risk - Gentoo Local Checks
[GLSA-200708-06] Net::DNS: Multiple vulnerabilities
(*** ) High Risk - Gentoo Local Checks
[GLSA-200708-03] libarchive (formerly named as bsdtar): Multiple PaX Extension Header Vulnerabilities
(*** ) High Risk - Gentoo Local Checks
[GLSA-200708-05] GD: Multiple vulnerabilities
(*** ) High Risk - Gentoo Local Checks
[GLSA-200708-07] Xfce Terminal: Remote arbitrary code execution
(*** ) High Risk - Gentoo Local Checks
[GLSA-200708-02] Xvid: Array indexing vulnerabilities
(*** ) High Risk - Gentoo Local Checks
[GLSA-200708-04] ClamAV: Denial of Service
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : xpdf -- stack based buffer overflow (984)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : drupal -- Multiple cross-site scripting vulnerabilities (978)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : tcpdump -- remote integer underflow vulnerability (983)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : p5-Net-DNS -- multiple Vulnerabilities (982)
(** ) Medium Risk - Slackware Local Checks
SSA-2007-222-03 qt
(** ) Medium Risk - Slackware Local Checks
SSA-2007-222-05 xpdf
(** ) Medium Risk - Slackware Local Checks
SSA-2007-222-02 poppler
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : joomla -- multiple vulnerabilities (987)
(** ) Medium Risk - Slackware Local Checks
SSA-2007-215-01 thunderbird
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : FreeBSD -- Buffer overflow in tcpdump(1) (985)
(** ) Medium Risk - Slackware Local Checks
SSA-2007-222-01 gimp
(** ) Medium Risk - Slackware Local Checks
SSA-2007-222-04 seamonkey
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : phpsysinfo -- url Cross-Site Scripting (979)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : drupal -- Cross site request forgeries (980)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : FreeBSD -- Predictable query ids in named(8) (986)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : fsplib -- multiple vulnerabilities (988)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : vim -- Command Format String Vulnerability (977)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : mutt -- buffer overflow vulnerability (981)
(* ) Low Risk - Service Detection
NetVault Process Manager Service Detection