Digital Defense
---------------
9/4/2007
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Additional Discovered By (Digital Defense, Inc. Credit: sxkeebler and r@b13s
Vulnerability Description
-------------------------
The NetSupport Manager client that listens on TCP port 5405 does not properly handle authentication sessions. It is possible to pose as the NetSupport Manager, associate to a client, and then issue commands without performing the authentication sequence. Both the basic and advanced authentication schemes can be bypassed in the same manner. When properly exploited, this flaw will result in a complete compromise of the target system.
===============
Thanks to SafeNet for patching this vulnerability and for working with
me on this advisory.
According to Digital Defense, Inc.'s advisory, Corey Lebleu originally
discovered this problem on October 10th, 2007. I discovered the same
vulnerability independently on October 29th, 2007. I have no reason to
doubt Digital Defense, Inc.'s claim, and do not claim to have
discovered the problem first.
---------------
October 10th, 2007
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Corey Lebleu
Vulnerability Description
-------------------------
A classic directory traversal condition exists within the Sentinel Protection Server. By sending an HTTP GET request with a file path preceded by an escaped traversal sequence, an attacker can leverage an arbitrary file access condition on the affected system.
---------------
October 23, 2008
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Shmoov and r@b13$
Vulnerability Description
-------------------------
The HP-ChaiSOE/1.0 embedded web server on certain HP JetDirect printers allows a potential attacker to gain read-only access to directories and files outside of the web root. An attacker can leverage this flaw to read arbitrary system configuration files, cached documents, etc. Information obtained from an affected host may facilitate further attacks against the host. Exploitation of this flaw is trivial using common web server directory traversal techniques.
---------------
9/4/2007
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit Given To: sxkeebler and r@b13$
http://www.digitaldefense.net/
Vulnerability Description
-------------------------
The NetSupport Manager client that listens on TCP port 5405 does not properly validate input supplied during the initial connection sequence.
Specifically, during the configuration exchange part of the initial connection setup, the client does not appear to validate the supplied data, which can result in a DoS of the NetSupport Manager Client. Remote code exploitation is also thought to be possible. Within Technical Document ID TD545, NetSupport acknowledges that this flaw is present in unspecified versions of NetSupport School Student.
---------------
October 14, 2008
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Corey LeBleu and r@b13$
Vulnerability Description
-------------------------
The Citrix Broadcast Server administrative login page is vulnerable to trivial SQL injections via the txtUID HTTP POST parameter. An attacker could leverage this flaw to obtain unauthorized access to the web interface or to extract data from the database via blind SQL injection.
---------------
April 12, 2012
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Chris Graham and r@b13$
Vulnerability Description
-------------------------
Digital Defense, Inc. (DDI) has discovered a blind SQL injection vulnerability in the Epicor Returns Management software SOAP interface. Left unremediated, this vulnerability could be leveraged by an attacker to execute arbitrary SQL commands and extract information from the backend database using standard SQL exploitation techniques. Additionally, an attacker may be able to leverage this flaw to compromise the database server host operating system.
---------------
January 19th, 2009
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: David Marshall and r@b13$
Vulnerability Description
-------------------------
Alterations of the title and message parameters in vBook allow attackers to specify arbitrary web or scripting content. This allows scripting tags to be executed by the browser to perform XSS attacks. Such an attack would require convincing a user to click on a specially crafted link.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1870 to this vulnerability.
VMware would like to thank the Vulnerability Research Team of
Digital Defense, Inc. for reporting this issue to us.
Apache Struts version 2.0.11 and earlier also contain
vulnerabilities which have not been assigned CVE names. This
advisory also addresses these vulnerabilities described at the
following URLs:
--------
Medium
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: princeofnigeria and r@b13$
Date Discovered
---------------
1/29/2008
Reference       Base Vector                    Base Score
CVE-2008-4419   (AV:N/AC:L/Au:N/C:C/I:N/A:N)   7.8
===============================================
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
The Hewlett-Packard Company thanks the Digital Defense, Inc. (DDI) Vulnerability Research Team (VRT) for reporting this vulnerability to security-alert@hp.com.
RESOLUTION
HP has provided firmware updates and preliminary firmware updates to resolve this vulnerability. The firmware updates and preliminary firmware updates are available as described below.
---------------
August 15, 2011
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Chris Graham and r@b13$
Vulnerability Description
-------------------------
Metropolis Technologies OfficeWatch enables a web server on TCP port 80 that is susceptible to a directory traversal. An attacker may send a ../ (dot-dot-slash) sequence to traverse out of the web root and access arbitrary files on the host.
---------------
February 23rd, 2009
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: David Marshall and r@b13$
Vulnerability Description
-------------------------
ActiveMQ 5.2.0’s /admin interface gathers input from the user in numerous forms which are not properly sanitized. Attackers may insert script tags to have them execute when a user browses the affected areas of the page.
---------------
November 3, 2009
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Alex Kaszczuk, Alan Chin, Jose R. Hernandez and r@b13$
Vulnerability Description
-------------------------
The rpc.cmsd service contains an integer overflow which can allow a malicious unauthenticated user to cause a denial of service, or remotely execute arbitrary code with root privileges.
--------
Medium
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: princeofnigeria and r@b13$
Date Discovered
---------------
1/29/2008
Reference       Base Vector                    Base Score
CVE-2008-4419   (AV:N/AC:L/Au:N/C:C/I:N/A:N)   7.8
===============================================
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
The Hewlett-Packard Company thanks the Digital Defense, Inc. (DDI) Vulnerability Research Team (VRT) for reporting this vulnerability to security-alert@hp.com.
Note: For further information on Secure Printing and Imaging please refer to http://www.hp.com/go/secureprinting
RESOLUTION
---------------
July 15, 2011
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: sxkeebler and r@b13$
Vulnerability Description
-------------------------
The Axway SecureTransport device contains a directory traversal in
--------
High
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: princeofnigeria and r@b13$
Date Discovered
---------------
1/29/2008
---------------
July 28, 2011
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Javier Castro, sxkeebler and r@b13$
Vulnerability Description
-------------------------
The default installation of the IBM WebSphere Application Server is
---------------
March 8, 2012
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: shmoov and r@b13$
Vulnerability Description
-------------------------
The ACTi Web Configurator 3.0 for ACTi IP Surveillance Cameras contains a directory traversal vulnerability within the cgi-bin directory. An unauthenticated remote attacker can use this vulnerability to retrieve arbitrary files that are located outside the root of the web server.
---------------
October 2, 2008
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Corey LeBleu and r@b13$
Vulnerability Description
-------------------------
The iPhone Configuration Web Utility allows centralized management of iPhone configuration settings. The iPhone Configuration Web Utility 1.0 for Windows web interface is vulnerable to a common web directory traversal attack. Successful exploitation will result in arbitrary read-only file access outside of the iPhone Configuration Web Utility 1.0 web root.
---------------
November 18, 2011
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: sxkeebler and r@b13$
Vulnerability Description
-------------------------
The KnowledgeTree login.php login page is vulnerable to a blind SQL
---------------
November 19, 2009
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Rob Kraus, Chris Graham and r@b13$
Vulnerability Description
-------------------------
The login page of the F2L-3000 version 4.0.0 is vulnerable to SQL Injection. Exploitation of the vulnerability may allow attackers to bypass authentication and access sensitive information stored on the device.
---------------
March 10th, 2009
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Steven James and princeofnigeria and r@b13$
Vulnerability Description
-------------------------
Certain Precidia Ether232 devices contain memory overwrite and authentication flaws.
---------------
October 21st 2008
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Steven James and r@b13$
Vulnerability Description
-------------------------
Orb Networks' Orb media server is vulnerable to a denial of service condition. Sending malformed HTTP requests may crash the service, denying service to legitimate users.
--------
High
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: r@b13$
Date Discovered
---------------
December 7, 2011