Revision History

Zabbix Server : Multiple remote vulnerabilities

Patched version : 1.8

Faulty source code : function node_process_command() in
zabbix_server/trapper/nodecommand.c

Changelog entry : fixed security vulnerability in server allowing remote
unauthenticated users to execute scripts

        [Zabbix Server : Remote SQL execution]

Impacted software : Zabbix Server

TS-2007-002-0: BlueCat Networks Adonis root Privilege Access

  Impact
  Exploit
  Workarounds
  Obtaining Patched Software
  Credits
  Revision History

Summary
-------

  Template Security has discovered a serious user input

TS-2007-003-0: BlueCat Networks Adonis CLI root privilege escalation

  Impact
  Exploit
  Workarounds
  Obtaining Patched Software
  Credits
  Revision History

Summary
-------

  Template Security has discovered a root privilege escalation

TS-2007-001-0: BlueCat Networks Adonis Linux-HA heartbeat DoS Vulnerability

  Impact
  Exploit
  Workarounds
  Obtaining Patched Software
  Credits
  Revision History

Summary
-------

  Template Security has discovered a serious Denial of Service

Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities

Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.

Revision History
================

+---------------------------------------+
| Revision |                 | Initial  |
| 1.0      | 2009-October-14 | public   |

AST-2008-011: Traffic amplification in IAX2 firmware provisioning system

   | http://downloads.digium.com/pub/security/AST-2008-011.pdf and          |
   | http://downloads.digium.com/pub/security/AST-2008-011.html             |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                            Revision History                            |
   |------------------------------------------------------------------------|
   |      Date       |       Editor       |         Revisions Made          |
   |-----------------+--------------------+---------------------------------|
   | July 22, 2008   | Tilghman Lesher    | Initial release                 |
   |-----------------+--------------------+---------------------------------|

Cisco Security Advisory: Cisco IOS Software Firewall Application Inspection Control Vulnerability

Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.

Revision History
================

+----------------------------------------+
| Revision |                   | Initial |
| 1.0      | 2008-September-24 | public  |

Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities

Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.

Revision History
================

+----------------------------------------+
| Revision |                   | Initial |
| 1.0      | 2008-September-24 | public  |

AST-2008-006 - 3-way handshake in IAX2 incomplete

   | http://downloads.digium.com/pub/security/AST-2008-006.pdf and          |
   | http://downloads.digium.com/pub/security/AST-2008-006.html             |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                            Revision History                            |
   |------------------------------------------------------------------------|
   |        Date         |        Editor        |      Revisions Made       |
   |---------------------+----------------------+---------------------------|
   | April 22, 2008      | Tilghman Lesher      | Initial release           |
   +------------------------------------------------------------------------+

Cisco Security Advisory: Hard-Coded SNMP Community Names in Cisco Industrial Ethernet 3000 Series Switches Vulnerability

Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.

Revision History
================

+---------------------------------------+
| Revision |              | Initial     |
| 1.0      | 2010-July-07 | public      |

Cisco Security Advisory: Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720

Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.

Revision History
================

+---------------------------------------+
| Revision |               | Initial    |
| 1.0      | 2008-March-26 | public     |

Cisco Security Advisory: Cisco Voice Portal Privilege Escalation Vulnerability

Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on mailing
lists or newsgroups. Users concerned about this problem are encouraged
to check the above URL for any updates.

Revision History
================

+------------------------------------------------------------+
| Revision 1.0   | 2008-May-21  | Initial public release.    |
+------------------------------------------------------------+

AST-2007-021: Crash from invalid/corrupted MIME bodies when using voicemail with IMAP storage

   | http://downloads.digium.com/pub/asa/AST-2007-021.pdf and               |
   | http://downloads.digium.com/pub/asa/AST-2007-021.html.                 |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                            Revision History                            |
   |------------------------------------------------------------------------|
   |         Date         |       Editor        |      Revisions Made       |
   |----------------------+---------------------+---------------------------|
   | August 24, 2007      | Mark Michelson      | Initial Release           |
   +------------------------------------------------------------------------+

Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities

Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.

Revision History
================

+---------------------------------------+
| Revision |                | Initial   |
| 1.0      | 2010-August-25 | public    |

TWSL2011-006: IBM Web Application Firewall Bypass

Remediation Steps:
IBM has released fixes to the above issue in the "Super Tuesday" patch
released in June. Refer to the references section of the advisory for
further information released by IBM.

Revision History:
04/07/11 - Vulnerability disclosed
06/16/11 - Patch released
06/21/11 - Advisory published

References:

AST-2011-011: Possible enumeration of SIP users due to differing authentication responses

   | http://downloads.digium.com/pub/security/AST-2011-011.pdf and          |
   | http://downloads.digium.com/pub/security/AST-2011-011.html             |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                            Revision History                            |
   |------------------------------------------------------------------------|
   |        Date        |       Editor        |       Revisions Made        |
   |--------------------+---------------------+-----------------------------|
   +------------------------------------------------------------------------+


Symantec Product Security: Symantec Device Driver Local Elevation of Privilege

SYM07-024 
September 05, 2007 
Symantec SYMTDI.SYS Device Driver Local Denial of Service 
Revision History: None 

Risk Impact: Low 

Remote Access: No 
Local Access: Yes 
Authentication Required: Yes, to the local system 

Cisco Security Advisory: Cisco IOS Software Border Gateway Protocol 4-Byte Autonomous System Number Vulnerabilities

Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.

Revision History
================

+-------------------------------------------------------------------+
| Revision 1.0   | 2009-July-29 1600    | Initial public release    |
+-------------------------------------------------------------------+

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Digital Media Manager

Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on mailing
lists or newsgroups. Users concerned about this problem are encouraged
to check the above URL for any updates.

Revision History
================

+------------------------------------------------------------+
| Revision 1.0  | 2010-March-03  | Initial public release.   |
+------------------------------------------------------------+

AST-2011-004:

   http://downloads.digium.com/pub/security/AST-2011-004.pdf and              
   http://downloads.digium.com/pub/security/AST-2011-004.html                 

    

   Revision History       
   Date                   Editor                   Revisions Made             
   2011-03-14             Terry Wilson             Initial release            

    


Cisco Security Advisory: Cisco IOS IPS Denial of Service Vulnerability

Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.

Revision History
================

+----------------------------------------+
| Revision |                   | Initial |
| 1.0      | 2008-September-24 | public  |

Exim security issue in historical release

releases. The exim-announce list [2] is a low-volume moderated list
which announces new releases.

We regret that the full impact of the problem fixed in 4.70 was not
appreciated and that we did not draw more attention to it than the
ChangeLog notice "Potential buffer overflow in string_format". With
more pro-active notification on our part, vendors who package old
releases and backport minimal fixes may have included this fix too.

We expect that the 4.73 release of Exim will include changes that
protect against the privilege escalation seen in the exploit. Some

Cisco Security Advisory: Cisco Network Access Control Guest Server System Software Authentication Bypass Vulnerability

Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.

Revision History
================

+---------------------------------------+
| Revision |               | Initial    |
| 1.0      | 2011-March-30 | public     |

AST-2011-006: Asterisk Manager User Shell Access

   This document may be superseded by later versions; if so, the latest       
   version will be posted at                                                  
   http://downloads.digium.com/pub/security/AST-2011-006.pdf and              
   http://downloads.digium.com/pub/security/AST-2011-006.html                 

                                Revision History
          Date                 Editor                  Revisions Made         
   4/21/11            Matthew Nicholson        Initial version                

               Asterisk Project Security Advisory - AST-2011-006
              Copyright (c) 2011 Digium, Inc. All Rights Reserved.

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Security Agent

Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.

Revision History
================

+----------------------------------------+
| Revision |                  | Initial  |
| 1.0      | 2010-February-17 | public   |

Cisco Security Advisory: Vulnerabilities in Cisco Video Surveillance Products

Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.

Revision History
================

+---------------------------------------+
| Revision |              | Initial     |
| 1.0      | 2009-June-24 | public      |

TWSL2011-002: Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)

Vendor Communication Timeline:
08/30/10 - Vulnerability disclosed
01/21/11 - Patch Released
02/04/11 - Advisory Published

Revision History:
1.0 Initial publication

References
1. http://www.smc.com/index.cfm?event=viewProduct&pid=1678


Cisco Security Advisory: Cisco Security Advisory: Cisco IOS XR Software Border Gateway Protocol Vulnerability

Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.

Revision History
================

+---------------------------------------+
| Revision |                | Initial   |
| 1.0      | 2009-August-18 | public    |

[ MDVSA-2009:110 ] squirrelmail

 (XSS) attacks to be run by surreptitious placement of content in
 specially-crafted emails sent to SquirrelMail users (CVE-2009-1581).
 
 Additionally many of the bundled plugins have been upgraded. Basically
 this is a synchronization with the latest squirrelmail package found
 in Mandriva Cooker. The rpm changelog will reveal all the changes
 (rpm -q --changelog squirrelmail).
 
 The updated packages have been upgraded to the latest version of
 squirrelmail to prevent this.
 _______________________________________________________________________
