New Security Vulnerabilities 27th July 2007
The following new security tests were added to Telspace's database:
TOTAL THREATS IN THE DATABASE 15111
NEW THREATS RISK FACTOR SUMMARY
(*****) Urgent Risk 5
(**** ) Critical Risk 27
(*** ) High Risk 2
(** ) Medium Risk 1
(* ) Low Risk 0
NEW THREATS FAMILY SUMMARY
Red Hat Local Checks 6
Solaris Local Checks 6
Centos Local Checks 4
Web Services 4
Windows 4
Debian Local Checks 3
Remote Shell Access 2
Mandrake Local Checks 2
Fedora Local Checks 2
Denial of Service 1
FreeBSD Local Checks 1
(*****) Urgent Risk - Remote Shell Access
Symantec Veritas Backup Exec for Windows Server RPC Heap Buffer Overflow Vulnerability
(*****) Urgent Risk - Windows
Kaspersky Anti-Virus for Check Point FireWall-1 Denial of Service Vulnerability
(*****) Urgent Risk - Web Services
paFileDB categories parameter SQL Injection Vulnerability
(*****) Urgent Risk - Remote Shell Access
Ipswitch IMail Server < 2006.21 Multiple Vulnerabilities
(*****) Urgent Risk - Web Services
Joomla Expose Component Arbitrary File Upload Vulnerability
(**** ) Critical Risk - Solaris Local Checks
Solaris 10 (sparc) : 121132-03
(**** ) Critical Risk - Debian Local Checks
[DSA1335] DSA-1335-1 gimp
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2007-0674
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2007-0675
(**** ) Critical Risk - Solaris Local Checks
Solaris 8 (sparc) : 114669-04
(**** ) Critical Risk - Debian Local Checks
[DSA1333] DSA-1333-1 libcurl3-gnutls
(**** ) Critical Risk - Windows
Sun Java Runtime Environment XML Signature Command Injection Vulnerability (102993)
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0519: xorg
(**** ) Critical Risk - Mandrake Local Checks
MDKA-2007:081: x11-server
(**** ) Critical Risk - Windows
Firefox < 2.0.0.5
(**** ) Critical Risk - Mandrake Local Checks
MDKSA-2007:146: perl-Net-DNS
(**** ) Critical Risk - Denial of Service
IBM Tivoli Provisioning Manager for OS Deployment TFTPD Blocksize Denial of Service Vulnerability
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0520: xorg
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 6 2007-628: wireshark
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2007-0519
(**** ) Critical Risk - Debian Local Checks
[DSA1334] DSA-1334-1 freetype
(**** ) Critical Risk - Solaris Local Checks
Solaris 9 (sparc) : 114716-05
(**** ) Critical Risk - Solaris Local Checks
Solaris 9 (i386) : 114717-05
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0674: perl
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 6 2007-615: httpd
(**** ) Critical Risk - Solaris Local Checks
Solaris 8 (i386) : 114670-04
(**** ) Critical Risk - Web Services
CVS directory spider
(**** ) Critical Risk - Solaris Local Checks
Solaris 10 (i386) : 125794-02
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0662: httpd
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0569: tomcat
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2007-0662
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2007-0675: perl
(*** ) High Risk - Windows
Vulnerability in SAVCE could allow Local Privilege Escalation (SYM07-017)
(*** ) High Risk - Web Services
MailMarshal Spam Quarantine Password Retrieval Vulnerability
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : linux-flashplugin -- critical vulnerabilities (969)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : mod_jk -- information disclosure (954)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : squirrelmail -- Cross site scripting in HTML filter (948)
(* ) Low Risk - Service Detection
avast! Management Server Detection
(* ) Low Risk - Web Services
Packeteer Web Management Interface Version
(* ) Low Risk - Windows
OpenOffice Detection
(* ) Low Risk - Service Detection
XMPP Server Detection
(* ) Low Risk - Web Services
Symantec Web Security Detection
(* ) Low Risk - Service Detection
Symantec Ghost Solution Status Server detection
(* ) Low Risk - Web Services
Packeteer Web Management Interface Login
(* ) Low Risk - Service Detection
Symantec Ghost Solution Locate Server detection
(* ) Low Risk - Windows
Cisco VPN Client Version Detection
(* ) Low Risk - Web Services
Packeteer Web Management Interface Detection
(* ) Low Risk - Service Detection
SNMPc Management Server Detection