New Security Vulnerabilities 19th March 2007
The following new security tests were added to Telspace's database:
TOTAL THREATS IN THE DATABASE 14192
NEW THREATS RISK FACTOR SUMMARY
(*****) Urgent Risk 4
(**** ) Critical Risk 14
(*** ) High Risk 5
(** ) Medium Risk 3
(* ) Low Risk 1
NEW THREATS FAMILY SUMMARY
Mandrake Local Checks 8
Gentoo Local Checks 6
Debian Local Checks 3
FreeBSD Local Checks 3
Web Services 2
Windows 2
Fedora Local Checks 2
Remote Shell Access 1
(*****) Urgent Risk - Windows
Vulnerability in Plug and Play Could Allow Remote Code Execution and
Local Elevation of Privilege (905749) - Network Check
(*****) Urgent Risk - Web Services
LedgerSMB / SQL-Ledger authentication Bypass Vulnerability
(*****) Urgent Risk - Remote Shell Access
Mercury IMAP Server Login Command Buffer Overflow Vulnerability
(*****) Urgent Risk - Web Services
LedgerSMB / SQL-Ledger file Parameter Multiple Vulnerabilities
(**** ) Critical Risk - Mandrake Local Checks
MDKSA-2007:054: kdelibs
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 6 2007-322: ekiga
(**** ) Critical Risk - Debian Local Checks
[DSA1267] DSA-1267-1 webcalendar
(**** ) Critical Risk - Mandrake Local Checks
MDKSA-2007:057: xine-lib
(**** ) Critical Risk - Mandrake Local Checks
MDKSA-2007:060: kernel
(**** ) Critical Risk - Mandrake Local Checks
MDKSA-2007:056: tcpdump
(**** ) Critical Risk - Mandrake Local Checks
MDKSA-2007:058: ekiga
(**** ) Critical Risk - Gentoo Local Checks
[GLSA-200703-16] Apache JK Tomcat Connector: Remote execution of
arbitrary code
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 5 2007-321: ekiga
(**** ) Critical Risk - Mandrake Local Checks
MDKA-2007:018-1: timezone
(**** ) Critical Risk - Debian Local Checks
[DSA1266] DSA-1266-1 gnupg
(**** ) Critical Risk - Mandrake Local Checks
MDKSA-2007:055: mplayer
(**** ) Critical Risk - Mandrake Local Checks
MDKSA-2007:059: gnupg
(**** ) Critical Risk - Debian Local Checks
[DSA1268] DSA-1268-1 libwpd
(*** ) High Risk - Gentoo Local Checks
[GLSA-200703-14] Asterisk: SIP Denial of Service
(*** ) High Risk - Gentoo Local Checks
[GLSA-200703-12] SILC Server: Denial of Service
(*** ) High Risk - Gentoo Local Checks
[GLSA-200703-11] Amarok: User-assisted remote execution of arbitrary code
(*** ) High Risk - Gentoo Local Checks
[GLSA-200703-15] PostgreSQL: Multiple vulnerabilities
(*** ) High Risk - Gentoo Local Checks
[GLSA-200703-13] SSH Communications Security's Secure Shell Server:
SFTP privilege escalation
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : mplayer -- DMO File Parsing Buffer Overflow Vulnerability (925)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : trac -- cross site scripting vulnerability (926)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : ktorrent -- multiple vulnerabilities (927)
(* ) Low Risk - Windows
Nessus Windows Scan not performed with admin privileges