Next Page >>
Note
CVE-2011-4161 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
Note: For further information on Secure Printing and Imaging please refer to http://www.hp.com/go/secureprinting
Remote Firmware Update (RFU): The Remote Firmware Update (RFU) feature is enabled by default. A firmware update can be sent remotely to port 9100 without authentication. This could allow unauthorized modification of the device firmware. The unauthorized firmware could impact the confidentiality and integrity of data sent to and received from the device. The unauthorized firmware could also cause a Denial of Service (DoS) to the device.
RESOLUTION
VMware ESX 3.0.0 Download Patch Bundle ESX-4809553
http://www.vmware.com/support/vi3/doc/esx-4809553-patch.html
md5sum cd363526aab5fa6c45bf2509cb5ae500
NOTE: ESX 3.0.0 is nearing its End-of-life (10/05/2007) users
should upgrade to at least 3.0.1 and preferably the newest
release available.
VMware ESX 2.5.4 upgrade to patch 10 (Build# 53326)
VMware ESX 2.5.3 upgrade to patch 13 (Build# 52488)
structure your time however you see fit. If you think your
presentation will run longer, or have any special requirements, please
include this information in your submission and we will do our best to
accommodate you.
Note: If the presentation is based upon code or a particular
technique, the presenter must be one of the developers of the code or
technique and be prepared to perform a demonstration.
We look forward to reviewing your submissions, and anticipate another
great line-up for this year's conference. Once again, if you have any
vulnerabilities.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa
Note: The Cisco Catalyst 6500 Series Firewall Services Module (FWSM)
may be affected by some of the vulnerabilities above. A separate Cisco
Security Advisory has been published to disclose the vulnerabilities
that affect the Cisco FWSM.
The FWSM advisory is available at:
Workarounds that mitigate this vulnerability are available.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20080924-l2tp.shtml
Note: The September 24, 2008 IOS Advisory bundled publication
includes twelve Security Advisories. Eleven of the advisories address
vulnerabilities in Cisco's IOS software, and one advisory addresses
vulnerabilities in Cisco Unified Communications Manager. Each
Advisory lists the releases that correct the vulnerability described
in the Advisory. Please reference the following software table to
The first four vulnerabilities may lead to a denial of service (DoS)
condition and the fifth vulnerability may allow an attacker to bypass
control-plane access control lists (ACL).
Note: These vulnerabilities are independent of each other. A device
may be affected by one vulnerability and not affected by another.
Cisco has released free software updates that address these
vulnerabilities. Workarounds that mitigate some of these
vulnerabilities are available.
* SIP inspection DoS vulnerability
Cisco has released free software updates for affected customers.
Workarounds that mitigate some of the vulnerabilities are available.
Note: These vulnerabilities are independent of each other. A device
may be affected by one vulnerability and not affected by another.
This advisory is posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20100811-ace.shtml
Unicenter ServicePlus Service Desk r11.2
Unicenter Software Delivery r11.1
Unicenter Software Delivery r11.2
Unicenter Workload Control Center r11
Apply the update below that is listed for your platform (note that
URLs may wrap):
AIX [3.0.3 (r64.us5/211)]
ftp://ftp.ca.com/CAproducts/ips/MDB/Generic_Ingres/Patches/r3/patch-3.0.3.211.12833-r64-us5.tar.z
* Two denial of service (DoS) vulnerabilities
* Three privilege escalation vulnerabilities
* Two access control list (ACL) bypass vulnerabilities
Note: These vulnerabilities are independent of one another. A device
may be affected by one vulnerability and not affected by another.
Cisco has released free software updates that address these
vulnerabilities.
To determine the WLC version that is running in a given environment,
use one of the following methods:
* In the web interface, choose the Monitor tab, click Summary in
the left pane, and note the Software Version field.
Note: Customers who use a WLC Module in an Integrated Services
Router (ISR) will need to issue the service-module
wlan-controller 1/0 session command prior to performing the next
step on the command line. Customers who use a Cisco Catalyst
* Cisco 4100 Series Wireless LAN Controllers
* Cisco Catalyst 6500 Series/7600 Series Wireless Services Module
(WiSM)
* Cisco Catalyst 3750 Series Integrated Wireless LAN Controllers
Note: The Cisco Wireless LAN Controller Modules supported on Cisco
2800 and 3800 series Integrated Services Routers are not vulnerable.
The Cisco 2000 and 2100 Series Wireless LAN Controllers are also not
affected by this vulnerability.
Privilege Escalation Vulnerability
$ curl
"http://test/openauto/xml_zone_data.php?filter=1%20union%20select%20concat(0x0a,user,0x3a,pass,0x3a,0x0a)%20from%20users"
| grep ":" | sort -u
This will give you the usernames and passwords in a standard unix passwd
format. Note that the raw MD5 hashes are salted with a suffix of _a*"
8.3.2 Fix
Vendor note:
Improper int check for $filter
Fix: Change line 31 of xml_zone_data.php to "$country_id =
* Windows NT Domain Authentication Bypass Vulnerability
* IPv6 Denial of Service Vulnerability
* Crypto Accelerator Memory Leak Vulnerability
Note: These vulnerabilities are independent of each other. A device may
be affected by one vulnerability and not affected by another.
Cisco has released free software updates that address these
vulnerabilities. Workarounds that mitigate some of these
vulnerabilities are available.
| Escalation Through Default | to but not | |
| cvpnd.exe File Permissions | including | |
| | 5.0.01.0600 | |
+----------------------------------------------------------------+
Note: The VPN Client for Windows software is distributed as both a
Microsoft Installer (MSI) package and an InstallShield (IS) package. Only
the MSI package for version 5.0.01.0600 of the VPN Client contains the fix
for the "Local Privilege Escalation Through Default cvpnd.exe File
Permissions" vulnerability. The IS package does not contain the fix for
that vulnerability and has been removed from http://www.cisco.com.
vulnerabilities.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20110928-sip.shtml.
Note: The September 28, 2011, Cisco IOS Software Security Advisory
bundled publication includes ten Cisco Security Advisories. Nine of the
advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses a vulnerability in Cisco Unified Communications
Manager. Each advisory lists the Cisco IOS Software releases that
correct the vulnerability or vulnerabilities detailed in the advisory as
/index.php?module=Potentials&action=ListView&date_closed=2006-01'><script>alert(1)</script>&sales_stage=Other&query=true&type=dbrd&owner=admin&viewname=10
Parameter: day
Note: Move your mouse over the input text box 'pagenum' , "1" of "1"
/index.php?action=index&module=Calendar&view=week&hour=0&day=5%27%29%22%20%20onmouseover%3d%22alert%28/XSS/)%22%20x
Parameter: month
Cisco ASA or Cisco PIX security appliances that are configured for IPsec
or SSL-based remote access VPN and have the Override Account Disabled
feature enabled are affected by this vulnerability.
Note: The Override Account Disabled feature was introduced in Cisco
ASA software version 7.1(1). Cisco ASA and PIX software versions 7.1,
7.2, 8.0, and 8.1 are affected by this vulnerability. This feature is
disabled by default.
Crafted HTTP Packet DoS Vulnerability
Content-Type header and
the "magic" signature at the beginning contradict or when the
Content-Type header
is unknown. In that case, IE will try to establish the content type and can be
tricked into assuming text/html by placing certain HTML tags within the first
255 bytes of the file. Note that such files can be valid image files
despite their
HTML payload.
A frequent example for unknown content-types is "image/bmp", which is created by
PHP's (< 5.3.0) getimagesize API function[4].
This is - the obvious XSS issue aside - used for phishing attachs[3].
available.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20080924-ipc.shtml
Note: The September 24, 2008 IOS Advisory bundled publication
includes twelve Security Advisories. Eleven of the advisories address
vulnerabilities in Cisco's IOS^ software, and one advisory addresses
vulnerabilities in Cisco Unified Communications Manager. Each
Advisory lists the releases that correct the vulnerability described
in the Advisory. Please reference the following software table to
This advisory is posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20100804-asa.shtml
Note: The Cisco Firewall Services Module (FWSM) is affected by the
SunRPC DoS vulnerabilities. A separate Cisco Security Advisory has
been published to disclose the vulnerabilities that affect the FWSM.
This advisory is available at:
http://www.cisco.com/warp/public/707/cisco-sa-20100804-fwsm.shtml
Unspecified vulnerability in the Java Runtime Environment (JRE)
in Oracle Java SE and Java for Business 6 Update 23 and earlier,
5.0 Update 27 and earlier, and 1.4.2_29 earlier allows remote
untrusted Java Web Start applications and untrusted Java applets to
affect integrity via unknown vectors related to Networking. NOTE: the
previous information was obtained from the February 2011 CPU. Oracle
has not commented on claims from a downstream vendor that this issue
involves DNS cache poisoning by untrusted applets. (CVE-2010-4448)
Unspecified vulnerability in the Java Runtime Environment (JRE)
There are no workarounds that mitigate this vulnerability.
This advisory is posted at:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111019-cs
Note:Effective October 18, 2011, Cisco moved the current list of
Cisco Security Advisories and Responses published by Cisco PSIRT. The
new location is:
http://tools.cisco.com/security/center/publicationListing
You can also navigate to this page from the Cisco
Products and Services menu of the Cisco Security Intelligence
HP has made archive files available to resolve the vulnerability for NNM v7.53. The archive files require that certain patches be installed first.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
The archive files are available using ftp.
Host
Account
HP has made archive files available to resolve the vulnerability for NNM v7.53. The archive files require that certain patches be installed first.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
The archive files are available using ftp.
Host
Account
Cisco has released free software updates available for affected
customers. Workarounds that mitigate some of the vulnerabilities are
available.
Note: These vulnerabilities are independent of each other. A device
may be affected by one vulnerability and not affected by another.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20090225-ace.shtml
ESX-1004189
VMware ESX 2.5.5 without update patch 8
VMware ESX 2.5.4 without update patch 19
NOTES: Hosted products VMware Workstation 5.x, VMware Player 1.x,
and VMware ACE 1.x will reach end of general support
2008-11-09. Customers should plan to upgrade to the latest
version of their respective products.
ESX 3.0.1 is in Extended Support and its end of extended
products. Only SNMPv3 is impacted by these vulnerabilities.
Workarounds are available for mitigating the impact of the
vulnerabilities described in this document.
The United States Computer Emergency Response Team (US-CERT) has
assigned Vulnerability Note VU#878044 to these vulnerabilities.
Common Vulnerabilities and Exposures (CVE) identifier CVE-2008-0960
has also been assigned to these vulnerabilities.
This advisory is posted at
vulnerabilities.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20100922-sip.shtml
Note: The September 22, 2010, Cisco IOS Software Security Advisory
bundled publication includes six Cisco Security Advisories. Five of
the advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses vulnerabilities in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The table
Cisco has released free software updates that address these
vulnerabilities. Workarounds are available for the vulnerabilities
disclosed in this advisory.
Note: These vulnerabilities are independent of each other. A device
may be affected by one vulnerability and not affected by another.
This advisory is posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20100804-fwsm.shtml
HP Data Protector Express 3.x and HP Data Protector Express SSE 3.x prior to build 47065
HP Data Protector Express 4.x and HP Data Protector Express SSE 4.x prior to build 46537
running on all supported versions of Microsoft Windows, Linux, and Novell NetWare.
Note: The supported versions of Microsoft Windows, Linux, and Novell NetWare are listed below.
Note: Users can identify the build number by clicking on 'Help' and then 'About'.
BACKGROUND
Next Page>>
|
