New Security Vulnerabilities 21st May 2007
The following new security tests were added to Telspace's database:
TOTAL THREATS IN THE DATABASE 14594
NEW THREATS RISK FACTOR SUMMARY
(*****) Urgent Risk 5
(**** ) Critical Risk 36
(*** ) High Risk 2
(** ) Medium Risk 3
(* ) Low Risk 4
NEW THREATS FAMILY SUMMARY
Microsoft Bulletins 7
Mandrake Local Checks 6
Fedora Local Checks 6
Debian Local Checks 5
Centos Local Checks 4
Miscellaneous 3
Red Hat Local Checks 3
Web Services 3
Solaris Local Checks 3
Remote Shell Access 2
Gentoo Local Checks 2
Service Detection 1
Windows 1
Database Services 1
Slackware Local Checks 1
FreeBSD Local Checks 1
MacOS X Local Checks 1
(*****) Urgent Risk - Web Services
RunCms debug_show.php Multiple Vulnerabilities
(*****) Urgent Risk - Microsoft Bulletins
Vulnerability in Microsoft Exchange Could Allow Remote Code Execution
(931832)
(*****) Urgent Risk - Microsoft Bulletins
Vulnerability in Windows DNS RPC Interface Could Allow Remote Code
Execution (935966)
(*****) Urgent Risk - Remote Shell Access
Trend Micro ServerProtect AgRpcCln.dll Buffer Overflow Vulnerability
(*****) Urgent Risk - Remote Shell Access
Trend Micro ServerProtect EarthAgent Buffer Overflow Vulnerability
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 5 2007-485: evolution-data-server
(**** ) Critical Risk - Solaris Local Checks
Solaris 9 (sparc) : 116837-03
(**** ) Critical Risk - Mandrake Local Checks
MDKA-2007:036: kernel
(**** ) Critical Risk - Microsoft Bulletins
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
(934873)
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 6 2007-492: vim
(**** ) Critical Risk - Solaris Local Checks
Solaris 10 (sparc) : 116837-03
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2007-0346
(**** ) Critical Risk - Debian Local Checks
[DSA1247] DSA-1247-1 libapache-mod-auth-kerb
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 5 2007-493: dovecot
(**** ) Critical Risk - Mandrake Local Checks
MDKSA-2007:102: php
(**** ) Critical Risk - Mandrake Local Checks
MDKSA-2007:099: python
(**** ) Critical Risk - Debian Local Checks
[DSA1290] DSA-1290-1 squirrelmail
(**** ) Critical Risk - Solaris Local Checks
Solaris 9 (i386) : 116838-03
(**** ) Critical Risk - Windows
AXIS CamImage ActiveX Control SaveBMP Method Buffer Overflow Vulnerability
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 5 2007-491: gimp
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 6 2007-489: gimp
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0336: rh
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0349: php
(**** ) Critical Risk - Mandrake Local Checks
MDKSA-2007:101: vim
(**** ) Critical Risk - Debian Local Checks
[DSA1291] DSA-1291-1 samba
(**** ) Critical Risk - Microsoft Bulletins
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
(934233)
(**** ) Critical Risk - MacOS X Local Checks
Vulnerabilities in Microsoft Office Allow Remote Code Execution
(934233,934232,934873) (Mac OS X)
(**** ) Critical Risk - Web Services
Thyme eid Parameter SQL Injection Vulnerability
(**** ) Critical Risk - Microsoft Bulletins
Cumulative Security Update for Internet Explorer (931768)
(**** ) Critical Risk - Microsoft Bulletins
Vulnerabilities in Microsoft Word Could Allow Remote Code Execution
(934232)
(**** ) Critical Risk - Debian Local Checks
[DSA1289] DSA-1289-1 linux-2.6
(**** ) Critical Risk - Mandrake Local Checks
MDKSA-2007:098: clamav
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2007-0348
(**** ) Critical Risk - Gentoo Local Checks
[GLSA-200705-15] Samba: Multiple vulnerabilities
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2007-0338
(**** ) Critical Risk - Mandrake Local Checks
MDKA-2007:035: curl
(**** ) Critical Risk - Debian Local Checks
[DSA1292] DSA-1292-1 qt4-x11
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0338: freeradius
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2007-0336
(**** ) Critical Risk - Microsoft Bulletins
Vulnerability in CAPICOM Could Allow Remote Code Execution (931906)
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 6 2007-484: evolution-data-server
(*** ) High Risk - Gentoo Local Checks
[GLSA-200705-14] XScreenSaver: Privilege escalation
(*** ) High Risk - Web Services
Advanced Guestbook lang Cookie Local File Include Vulnerability
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : php -- multiple vulnerabilities (945)
(** ) Medium Risk - Slackware Local Checks
SSA-2007-134-01 samba
(** ) Medium Risk - Database Services
MySQL IF Query Denial of Service Vulnerability
(* ) Low Risk - Miscellaneous
Enumerate IPv4 interfaces via SSH
(* ) Low Risk - Miscellaneous
Enumerate IPv6 interfaces via SSH
(* ) Low Risk - Miscellaneous
TCP timestamps
(* ) Low Risk - Service Detection
Remote listeners enumeration