New Security Vulnerabilities 24th May 2007
The following new security tests were added to Telspace's database:
TOTAL THREATS IN THE DATABASE 14628
NEW THREATS RISK FACTOR SUMMARY
(*****) Urgent Risk 4
(**** ) Critical Risk 14
(*** ) High Risk 3
(** ) Medium Risk 2
(* ) Low Risk 11
NEW THREATS FAMILY SUMMARY
Miscellaneous 12
Fedora Local Checks 5
Gentoo Local Checks 3
Web Services 2
Windows 2
Red Hat Local Checks 2
Centos Local Checks 2
Debian Local Checks 2
Remote Shell Access 1
Service Detection 1
Mandrake Local Checks 1
Slackware Local Checks 1
(*****) Urgent Risk - Miscellaneous
Samba NDR MS-RPC Request Heap-Based Buffer Overflow Vulnerability
(*****) Urgent Risk - Remote Shell Access
Darwin Streaming Server < 5.5.5 Multiple Vulnerabilities
(*****) Urgent Risk - Windows
CA InoWeb Buffer Overflow Vulnerability
(*****) Urgent Risk - Miscellaneous
Samba < 3.0.25 Multiple Vulnerabilities
(**** ) Critical Risk - Debian Local Checks
[DSA1293] DSA-1293-1 quagga
(**** ) Critical Risk - Gentoo Local Checks
[GLSA-200705-16] PhpWiki: Remote execution of arbitrary code
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 6 2007-503: php
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2007-0354
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 6 2007-499: freeradius
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0065: bluez
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 5 2007-506: samba
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0354: samba
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 6 2007-507: samba
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2007-0327
(**** ) Critical Risk - Windows
CA InoTask Buffer Overflow Vulnerability
(**** ) Critical Risk - Mandrake Local Checks
MDKSA-2007:104: samba
(**** ) Critical Risk - Debian Local Checks
[DSA1294] DSA-1294-1 xfree86
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 6 2007-505: squirrelmail
(*** ) High Risk - Web Services
CommuniGate Pro WebUser Interface Cross-Site Scripting Vulnerability
(*** ) High Risk - Gentoo Local Checks
[GLSA-200705-18] PPTPD: Denial of Service attack
(*** ) High Risk - Web Services
Resin Directory Traversal Vulnerability (2)
(** ) Medium Risk - Gentoo Local Checks
[GLSA-200705-17] Apache mod_security: Rule bypass
(** ) Medium Risk - Slackware Local Checks
SSA-2007-136-01 libpng
(* ) Low Risk - Miscellaneous
OS Identification : NTP
(* ) Low Risk - Miscellaneous
OS Identification : ICMP
(* ) Low Risk - Miscellaneous
OS Identification : uname
(* ) Low Risk - Miscellaneous
OS Identification : HTTP
(* ) Low Risk - Miscellaneous
OS Identification : MSRPC
(* ) Low Risk - Miscellaneous
OS Identification : SMB
(* ) Low Risk - Miscellaneous
OS Identification : SSH
(* ) Low Risk - Service Detection
SAMBA server detection
(* ) Low Risk - Miscellaneous
OS Identification : SinFP
(* ) Low Risk - Miscellaneous
OS Identification : mDNS
(* ) Low Risk - Miscellaneous
OS Identification : SNMP