Client Application
configuration file.
Mitigation
Implement segregation of roles:
- Agent workstations should not propose the manager's client
application (TSA_manager.exe). Remove it if found.
- Manager workstations should only propose the manager's client
application and not the agent client application.
- Use a separate IP subnet to host the manager workstations.
- Provide physical protection to manager workstations by implementing
physical access control to the room where the Contact Center managers have
This bug has been used to cause a denial of service in proftpd 1.3.3f on OpenBSD 4.9 and NetBSD 5.1. A similar problem has been reported in GNU libc. Anyway, Red Hat has decided not to solve the problem:
---
Statement:
Red Hat does not consider crash of client application, using regcomp()
or regexec() routines on untrusted input without preliminary checking
the input for the sanity, to be a security issue (the described deficiency
implies and is a known limitation of the glibc regular expression engine
implementation). The expressions can be modified to avoid quantification
nesting, or program modified to limit size of input passed to regular
10. Contest officials will add attackers on IM and read their messages.
They will not click on links or open file transfers.
11. Client Application list:
The fully patched client-side applications that qualify for a prize include:
. Adobe PDF
. Adobe Flash
Digital Armaments November-December Hacking Challenge: Diffuse Client Application
Challenge Publication 11.29.2007
http://www.digitalarmaments.com/challenge200711849505.html
I. Details
Digital Armaments officially announces the launch of the November-December hacking challenge.
The challenge starts on November 1. For the November-December Challenge, Digital Armaments will give 10.000$ and 5000 credits EXTRA for each submission that results in a Diffuse Client Application (example: Internet Explorer, Firefox, Safari, Microsoft Office, Winzip, Zip, MSN, Skype) Vulnerability. This should include example and documentation.
CVE Id(s) : CVE-2008-3963 CVE-2008-4456
Debian Bug : 498362
Multiple vulnerabilities have been identified affecting MySQL, a
relational database server, and its associated interactive client
application. The Common Vulnerabilities and Exposures project
identifies the following two problems:
CVE-2008-3963
Kay Roepke reported that the MySQL server would not properly handle
overly long "boundary" parameter (more than 212 bytes).
======================================================================
5) Solution
The vendor recommends users to delete the IMail Client application,
which will be removed from the next major release of the IPSwitch
IMail Server.
======================================================================
6) Time Table
Core requests update info on the vulnerabilities.
. 2008-02-18:
Vendor replies that the iCal Server (CVE-2008-1000) vulnerability is
tracked for a fix in an upcoming update and the vulnerabilities in the
iCal client application will be fixed in an update following the early
March software update.
. 2008-02-19:
Core indicated that it will split the report in two security advisories.
CORE-2008-0123 will address the vulnerability in iCal server
1. UserID enumeration
An attacker can get a valid UserID. This is possible because the OpenEdge RDBMS server
gives different answers when the password is incorrect and when the
UserID does not exist. The client application gives the same message in both cases
- “Your Password and UserID <USERID> do not much”. But at the network layer
the answers from the server are different:
Packet 1. From server to client, if UserID exist (UserID eq AAA):
+------------+
Eavesdropping of call detail records requires knowledge of the target
user’s BroadWorks username, e.g. 098765432@serviceprovider.com.
BroadWorks uses Client Application Protocol (CAP) XML messages to
communicate between client applications and the BroadWorks platform. One
of the messages, monitoringUsersRequest, is transmitted by the Attendant
Console to BroadWorks during the logon procedure. This command includes
a list of usernames that the Attendant Console can monitor for incoming
and outgoing calls. A malicious user can replay this message with
which are the version number of the program.
An attacker who uses a version number equal to zero (no encryption?)
will be able to crash the server due to the access to a NULL pointer
during the decryption of the incoming data.
Note that this bug affects both the server and client application so an
attacker can easily crash all the clients in the LAN sending the
malformed data to the port 5178 of each host since this is the default
port on which they listen.
The bug created a "non-persistent" cross-site scripting security
vulnerability. We fixed this bug on our web site on October 28, the
day after it was discovered, and have fixed it in version 1.3.1 of our
local client application, which was released on Monday, November 2. The
update has been applied to almost all running instances of Wowd. To our
knowledge, no exploit for this bug was actually attempted and none of our
users were affected. Please contact us at feedback@wowd.com if you have any
questions.
following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LocalMachine_Lockdown
Add a REG_DWORD value to this key named as the AIM client application (for
example, aim.exe) and set it to 1. Any other setting for this value will
disable Local Machine Zone Lockdown for the application.
For further details about how to configure this feature read Microsoft's
Internet Explorer Local Machine Zone Lockdown recommendation at:
It is assigned CLSID 7CB9D4F5-C492-42A4-93B1-3F7D6946470D and is by default included among the "Safe for Scripting" OLE components, which allows full scripting access to the control's methods from within the browser.
The default control installation path is
C:\Program Files\Hewlett-Packard\eSupportDiags\RulesEngine.dll
The control is used by the HP Software Updates software's HPWUCli.exe client application to enumerate, load and store available software patches information. The HPWUCli.exe binary is located in the directory:
C:\Program Files\HP\HP Software Update\
The control may also be used by a remote WWW service, such as Hewlett-Packard online software update service.
The potentially insecure method is:
CVE Name: CVE-2011-1512
3. *Vulnerability Description*
A memory corruption vulnerability in the Lotus Notes client application
can be leveraged to execute arbitrary code on vulnerable systems by
enticing users to open specially crafted spreadsheet files with the
'.XLS' extension. The vulnerability arises from improper parsing of a
BIFF record. This vulnerability could be used by a remote attacker to
execute arbitrary code with the privileges of the user that opened the
management, process management, network stack, and driver model. The
kernel also acts as an abstraction layer between the hardware and the
rest of the software stack.
The WebKit application framework is included to facilitate development
of web client application functionality. The framework in turn uses
different third-party open source libraries to implement processing of
several image formats.
Android includes a web browser based on the WebKit framework that
contains multiple binary vulnerabilities when processing .GIF, .PNG and