Next Page >>
HTTP requests
Hash: SHA1
Cisco Security Response: Cisco IOS Cross-Site Scripting
Vulnerabilities
http://www.cisco.com/warp/public/707/cisco-sr-20090114-http.shtml
Revision 1.0
For Public Release 2009 January 14 1600 UTC (GMT)
Virtual Security Research, LLC.
http://www.vsecurity.com/
Security Advisory
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Advisory Name: Multiple Cisco CSS / ACE Client Certificate and HTTP Header
Manipulation Vulnerabilities
Cisco Security Advisory: Cisco IOS Software Firewall Application
Inspection Control Vulnerability
Advisory ID: cisco-sa-20080924-iosfw
http://www.cisco.com/warp/public/707/cisco-sa-20080924-iosfw.shtml
Revision 1.0
For Public Release 2008 September 24 1600 UTC (GMT)
Intrusion Prevention System (IPS) and Cisco IOS Zone-Based Firewall
features. These vulnerabilities are:
* Memory leak in Cisco IOS Software
* Cisco IOS Software Denial of Service when processing specially
crafted HTTP packets
Cisco has released free software updates that address these
vulnerabilities.
Workarounds that mitigate these vulnerabilities are not available.
A DoS vulnerability exists in NetCache proxies of at least some areas
of Speedy Argentina ISP (201.255.64/18), by which a URL could be rendered
inaccessible by means of the prefetch cache control directive.
The procedure is very simple, sending several times a simple GET
HTTP/1.1 request to the victim URL will make the proxies no longer
serve it. Users will be waiting for about two minutes and then the TCP
connection will be closed, which depending on the user agent it will
be interpreted as a valid zero-length HTTP 0.9 reply or an error.
It is worth noting that this attack affects the URL EXACTLY. For
The Cisco ACE Application Control Engine Module and Cisco ACE 4710
Application Control Engine contain the following DoS vulnerabilities:
* Real-Time Streaming Protocol (RTSP) inspection DoS vulnerability
* HTTP, RTSP, and Session Initiation Protocol (SIP) inspection DoS
vulnerability
* Secure Socket Layer (SSL) DoS vulnerability
* SIP inspection DoS vulnerability
Cisco has released free software updates for affected customers.
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers
Advisory ID: cisco-sa-20090727-wlc
http://www.cisco.com/warp/public/707/cisco-sa-20090727-wlc.shtml
Revision 1.0
For Public Release 2009 July 27 1600 UTC (GMT)
+ Vulnerability in HTC Peep: Twitter Credentials Disclosure
http://blog.taddong.com/2011/02/vulnerability-in-htc-peep-twitter.html
Title: Twitter credentials disclosure in HTC Peep mobile app (default HTC Twitter client)
Vulnerability ID: TAD-2011-001
Credits: This vulnerability was discovered by Raul Siles, Founder and Senior Security Analyst with Taddong (www.taddong.com)
Publication date: February 4, 2011
Cisco Security Advisory: Multiple Vulnerabilities in Firewall Services
Module
Advisory ID: cisco-sa-20071017-fwsm
http://www.cisco.com/warp/public/707/cisco-sa-20071017-fwsm.shtml
Revision 1.0
For Public Release 2007 October 17 1600 UTC (GMT)
advisory recently concerning some XSS/CSRF holes in the IOS..
quote{
Document ID: 98605
http://www.cisco.com/warp/public/707/cisco-sr-20090114-http.shtml
Revision 1.0
For Public Release 2009 January 14 1600 UTC (GMT)
Cisco Response:
"Two separate Cisco IOS® Hypertext Transfer Protocol (HTTP) cross-site
scripting (XSS) vulnerabilities have been reported to Cisco [...]
====================
Vulnerability :
When used as a Server Load Balancer and/or SSL offloader it's possible
to do requests
to the backend without leaving any ip address in the http server logs.
it's possible
then to do any L7 http attacks anonymousely.
A Bug request has been opened at cisco TAC, it has been classified
"work as designed"
vulnerability.
There are no workarounds that mitigate this vulnerability.
This advisory is posted at:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111019-cs
Note:Effective October 18, 2011, Cisco moved the current list of
Cisco Security Advisories and Responses published by Cisco PSIRT. The
new location is:
http://tools.cisco.com/security/center/publicationListing
Title: Simple PHP Blog (sphpblog) <= 0.5.1 Multiple Vulnerabilities
Vendor: http://sourceforge.net/projects/sphpblog/
Advisory: http://acid-root.new.fr/?0:15
Author: DarkFig < gmdarkfig (at) gmail (dot) com >
Released on: 2007/10/21
Changelog: ----------
L M H T
Summary: Ip Spoofing [X] [_] [_] [X]
Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Adaptive
Security Appliance and Cisco PIX Security Appliances
Advisory ID: cisco-sa-20090408-asa
http://www.cisco.com/warp/public/707/cisco-sa-20090408-asa.shtml
Revision 1.0
For Public Release 2009 April 08 1600 UTC (GMT)
Vuln name: GCALDaemon Remote DoS
Systems affected: GCALDaemon 1.0-beta13 (all platforms)
Systems not affected: -
Severity: Low
Local/Remote: Remote
Vendor URL: http://gcaldaemon.sourceforge.net/
Author(s): Luca "ikki" Carettoni - luca.carettoni@securenetwork.it
Vendor disclosure: 22nd August 2007
Vendor acknowledged: 22nd August 2007
Vendor patch release: n/a
Public disclosure: 18th September 2007
these vulnerabilities. Cisco has made free software available to
address this issue for affected customers.
This advisory is posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20080213-phone.shtml
Affected Products
=================
Vulnerable Products
vulnerability may allow a Man-in-the-Middle (MITM) attacker to inject
arbitrary data into the beginning of the application protocol stream
protected by TLS.
The only ArubaOS component that seems affected by this issue is the
HTTPS WebUI administration interface. If a client browser (victim) is
configured to authenticate to the WebUI over HTTPS using a client
certificate, an attacker can potentially use the victim's credentials
temporarily to execute arbitrary HTTP request for each initiation of an
HTTPS session from the victim to the WebUI. This would happen without
any HTTPS/TLS warnings to the victim. This condition can essentially be
PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method
Vulnerability found: 7 November 2007
Vendor contacted: 14 November 2007
Risk factor: N/A
The reason why we didn't consider this vulnerability a security risk is because the attacker needs to force the victim's browser to submit a malformed HTTP method.
Name Multiple Vulnerabilities in FormMail
Systems Affected FormMail 1.92 and possibly earlier versions
Severity Medium
Impact (CVSSv2) Medium 4.3/10, vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Vendor http://www.scriptarchive.com/formmail.html
Advisory http://www.ush.it/team/ush/hack-formmail_192/adv.txt
Authors Francesco "ascii" Ongaro (ascii AT ush DOT it)
Giovanni "evilaliv3" Pellerano (evilaliv3 AT ush DOT it)
Antonio "s4tan" Parata (s4tan AT ush DOT it)
Date 20090511
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
0. ORIGINAL ADVISORY
~~~~~~~~~~~~~~~~~~~~
http://o0o.nu/~meder/o0o_bypassing_servlet_input_validation_filters.txt
I. BACKGROUND
~~~~~~~~~~~~~
NOTE: This advisory will use OWASP's Stinger and Struts framework to
1. DESCRIPTION
There is a DoS vulnerability in Cisco Linksys router WRH54G http service. Any anonymous attacker could crash the http service easily by sending a malformed http request, and needn't any privilege.
When the device attempts to process the malformed request, it will be possible to corrupt sensitive memory. Although unconfirmed, it may also be possible to modify various configuration settings or execute malicious code.
After being attacked, Cisco Linksys router can't be accessed remotely by any user. Http service is not recovered and the attacked router can not be managed without a hard reboot. A reboot of router may cause network disconnected.
Further more, the firewall can still route packets.
Cisco Security Advisory: CDS Internet Streamer: Web Server Directory
Traversal Vulnerability
Advisory ID: cisco-sa-20100721-spcdn
http://www.cisco.com/warp/public/707/cisco-sa-20100721-spcdn.shtml
Revision 1.0
For Public Release 2010 July 21 1600 UTC (GMT)
Name Multiple Vulnerabilities in Jetty
Systems Affected Jetty 7.0.0 and earlier versions
Severity Medium
Impact (CVSSv2) Medium 5/10, vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Vendor http://www.mortbay.org/jetty/
Advisory http://www.ush.it/team/ush/hack-jetty6x7x/jetty-adv.txt
Authors Francesco "ascii" Ongaro (ascii AT ush DOT it)
Giovanni "evilaliv3" Pellerano (evilaliv3 AT ush DOT it)
Antonio "s4tan" Parata (s4tan AT ush DOT it)
Date 20091024
On July 15 OuTian reported a vulnerability in Apache Tomcat[2] whereby
overwide byte sequences in utf-8 could bypass both Apache Tomcat access
control restrictions as well as path decoding logic.
On July 17 Simon Ryeo reported[3] a variation of the same vulnerability in
Apache httpd server when proxying content generated from Tomcat.
Remy Maucherat wrote a patch to address this particular expression of the
vector for Tomcat 6.0.x[4] which also mitigates against any similar but as
yet undiscovered decoding vulnerabilities. This patch has also been ported
to 5.5.x[5] and 4.1.x[6]. On July 31st the Apache Software Foundation
Advisory: Geo++(R) GNCASTER: Faulty implementation of HTTP Digest
Authentication
During a penetration test, RedTeam Pentesting discovered that the
GNCaster software has multiple bugs in its implementation of HTTP Digest
Authentication.
Details
=======
Core Security Technologies - Corelabs Advisory
http://corelabs.coresecurity.com/
ZOHO ManageEngine ADSelfService multiple vulnerabilities
1. *Advisory Information*
Title: ZOHO ManageEngine ADSelfService multiple vulnerabilities
Advisory ID: CORE-2011-0103
I dont know if its new but i code it during a PentTest and i would
like to share it with you.
It is based on code developed By sinhack research labs:
http://sinhack.net/URLFilteringEvasion/sakeru.tx
Description:
"Fortinet's URL blocking functionality can be bypassed by
specially-crafted HTTP requests that fulfill 3 factors:
1.- HTTP Requests are terminated by the CRLF characters.
Cisco Security Advisory: Vulnerability in Cisco IOS While Processing
SSL Packet
Advisory ID: cisco-sa-20080924-ssl
http://www.cisco.com/warp/public/707/cisco-sa-20080924-ssl.shtml
Revision 1.0
For Public Release 2008 September 24 1600 UTC (GMT)
Document ID: 105444
Advisory ID: cisco-sa-20080604-asa
http://www.cisco.com/warp/public/707/cisco-sa-20080604-asa.shtml
Revision 1.0
For Public Release 2008 June 04 1600 UTC (GMT)
Title: CA20090429-01: CA ARCserve Backup Apache HTTP Server
Multiple Vulnerabilities
CA Advisory Reference: CA20090429-01
CA Advisory Date: 2009-04-29
Next Page>>
|
