Security Labs
Successful exploitation of this vulnerability can result in a complete compromise of the target system. In an unsuccessful attack attempt, the vulnerable system may abnormally terminate.
4. Vulnerability Detection
TELUS Security Labs has confirmed the vulnerability in:
iSCSI Enterprise Project iscsitarget 1.4.20.1 and prior
SCST project iscsi-scst 1.0.1.1 and prior
tgt project tgt 1.0.5 and prior
The vulnerability is due to a boundary error in the IP Conduit Service, ZfHIPCND.exe. If a crafted packet is sent to the service on port 2400/TCP, it allocates a fixed size heap buffer and copies the client device information into it without validating the string size. This could be exploited by attackers to overflow the buffer and possibly execute arbitrary code with the privileges of the ZfHIPCND.exe service, by default SYSTEM.
4. Vulnerability Detection
TELUS Security Labs has confirmed the vulnerability in:
ZENworks Handheld Management 7.0 (ZfHIPCND.exe version 7.0.2.1029 Build 10/29/10)
5. Workaround
The Alert Management System (AMS) component of Symantec Antivirus Corporate Edition installs an alert handler service, HNDLRSVC, that listens for commands from the AMS server. This service does not perform proper input validation of the command arguments while parsing parameters in the AMSGetPastParamList function. Remote unauthenticated attackers could exploit this vulnerability by sending a crafted packet, with overly long parameter size values, via the MSGSYS.EXE service on port 38292/TCP.
4. Vulnerability Detection
TELUS Security Labs has confirmed the vulnerability in:
Symantec Antivirus Corporate Edition 10.1.8.8000
Symantec System Center 10.1.8.8000
5. Workaround
A remote unauthenticated attacker can exploit the vulnerability by enticing a target user to open a maliciously crafted XBM image file. A successful attack will result in arbitrary code executed on the target host with the privileges of the logged-on user. An unsuccessful attack can abnormally terminate the affected product.
4. Vulnerability Detection
TELUS Security Labs has confirmed the vulnerability in:
ACD Systems ACDSee Photo Editor 2008 build 286 and prior
ACD Systems ACDSee Photo Manager 8.1 build 99 and prior
ACD Systems ACDSee Photo Manager 9.0 build 108 and prior
The Alert Management System (AMS) component of Symantec Antivirus Corporate Edition installs an alert handler service, HNDLRSVC, that listens for commands from the AMS server. This service does not perform proper authentication checks before executing such commands. Remote unauthenticated attackers could exploit this vulnerability by sending a crafted packet via the MSGSYS.EXE service on port 38292/TCP. The Run Program command would allow executing arbitrary programs from a remote SMB share with SYSTEM privileges on the vulnerable system.
4. Vulnerability Detection
TELUS Security Labs has confirmed the vulnerability in:
Symantec Antivirus Corporate Edition 10.1.8.8000
Symantec System Center 10.1.8.8000
5. Workaround
----------------
Intruders Tiger Team Security (http://www.intruders.com.br/) is a
SecurityLabs (http://www.security.org.br) division.
The Intruders Tiger Team Security (ITTS) is a group of researchers
with more than 10 years of experience, specialized in the development
of penetration tests.
H - Security Labs
Eggblog v3.1.0 Security Advisory
ID : HSEC#20071111
General Information
--------------------------
Name : EggBlog v.3.1.0
Vendor HomePage : http://sourceforge.net/projects/eggblog/
Platforms : PHP && MySQL
Vulnerability Type : Input Validation Error
H - Security Labs
Tikiwiki v1.9.8.3 Security Advisory
ID : HSEC#20072212
General Information
--------------------------
Name : Tikiwiki 1.9.8.3
Vendor HomePage : http://tikiwiki.org
Platforms : PHP && MySQL
H - Security Labs
Falt4Extreme (RC4 10.9.2007) Security Report
ID : HSEC#20071012
General Information
--------------------------
Name : Falt4Extreme CMS (RC4 10.9.2007)
Vendor HomePage : http://sourceforge.net/projects/falt4/
Platforms : PHP && MySQL
Microsoft Office Excel Malformed Records Stack Buffer Overflow
TSL ID : FSC20090609-01
Reference: http://telussecuritylabs.com/threats/show/FSC20090609-01
1. Affected Software
Microsoft Office Excel 2000
Microsoft Office Excel 2002
Solution.
A patch is available from Adobe and is included in the next
release (9.4).
Discovered by.
Brett Gervasoni from Sense of Security Labs.
About us.
Sense of Security is a leading provider of information
security and risk management solutions. Our team has expert
skills in assessment and assurance, strategy and architecture,
Solution.
Apply the vendor patch.
Discovered by.
Sense of Security Labs.
About us.
Sense of Security is a leading provider of information
security and risk management solutions. Our team has expert
skills in assessment and assurance, strategy and architecture,
Solution.
Remove the script securimage_play.php and disable the use of the Audio
CAPTCHA.
Discovered by.
Phil Taylor from Sense of Security Labs.
About us.
Sense of Security is a leading provider of information security and
risk management solutions. Our team has expert skills in assessment
and assurance, strategy and architecture, and deployment through to
Solution.
=========
Upgrade to BackWPUp 2.1.5 or above.
Discovered by.
Phil Taylor from Sense of Security Labs.
About us.
Sense of Security is a leading provider of information security and risk
management solutions. Our team has expert skills in assessment and assurance,
If you are participating in ISC's Beta or release candidate (RC) program,
please upgrade. ISC Beta/RC testers are expected to remove vulnerable
versions and upgrade. No security advisories are issued for beta / release
candidates once the corresponding final release is made.
Acknowledgement: ISC thanks Bryce Moore from TELUS Security Labs for
finding and reporting this issue.
Document Revision History
Version 1.0 - 14 June 2011: Phase One Disclosure Date
Solution.
Upgrade to the latest version of Apache HTTP Server (currently
2.2.15).
Discovered by.
Brett Gervasoni from Sense of Security Labs.
About us.
Sense of Security is a leading provider of information security and risk
management solutions. Our team has expert skills in assessment and
>
> Solution.
> Upgrade to version 1.7.1
>
> Discovered by.
> Phil Taylor - Sense of Security Labs.
>
> Sense of Security Pty Ltd
> Level 8, 66 King St
> Sydney NSW 2000
> AUSTRALIA
Upgrade to CuOM 8.6.
Refer to Cisco Bug IDs: CSCtn61716, CSCto12704, CSCto12712 and
CSCto35577 for information on patches and availability of fixes.
Discovered by.
Sense of Security Labs.
About us.
Sense of Security is a leading provider of information
security and risk management solutions. Our team has expert
skills in assessment and assurance, strategy and architecture,
Credit:
Robert Gilbert
Senior Consultant
HALOCK Security Labs, Purpose Driven Security(tm)
rgilbert [-at-] halock [-dot-] com
http://www.halock.com
http://blog.halock.com
Sense of Security has been advised that Elcom Technology has
patched all versions of CommunityManager.NET and notified all
clients.
Discovered by.
Sense of Security Labs.
About us.
Sense of Security is a leading provider of information
security and risk management solutions. Our team has expert
skills in assessment and assurance, strategy and architecture,
Solution.
Upgrade to version 1.7.1
Discovered by.
Phil Taylor - Sense of Security Labs.
Sense of Security Pty Ltd
Level 8, 66 King St
Sydney NSW 2000
AUSTRALIA
will no longer be updated, as he has rewritten the application and v2.0 is now
the recommended release.
Discovered by.
Kaan Kivilcim - Sense of Security Labs.
About us.
Sense of Security is a leading provider of information
security and risk management solutions. Our team has expert
skills in assessment and assurance, strategy and architecture,
From: "chr1x" <chr1x@sectester.net>
Date: Fri, 29 Oct 2010 23:47:20
To: <full-disclosure@lists.grok.org.uk>; <websecurity@webappsec.org>
Cc: <webappsec@lists.securityfocus.com>; <bugtraq@securityfocus.com>
Subject: [WEB SECURITY] [TOOL] DotDotPwn v2.1 - The Directory Traversal Fuzzer
CubilFelino Security Research Lab and Chatsubo (IN) Security Labs
proudly present...
DotDotPwn v2.1 - The Directory Traversal Fuzzer
===============================================
Solution.
The vendor has advised that 'Patch 1084' is now available,
and should be applied to fix this issue.
Discovered by.
Karan Khosla - Sense of Security Labs.
About us.
Sense of Security is a leading provider of information
security and risk management solutions. Our team has expert
skills in assessment and assurance, strategy and architecture,
> From: "chr1x" <chr1x@sectester.net>
> Date: Fri, 29 Oct 2010 23:47:20
> To: <full-disclosure@lists.grok.org.uk>; <websecurity@webappsec.org>
> Cc: <webappsec@lists.securityfocus.com>; <bugtraq@securityfocus.com>
> Subject: [WEB SECURITY] [TOOL] DotDotPwn v2.1 - The Directory Traversal Fuzzer
> CubilFelino Security Research Lab and Chatsubo (IN) Security Labs
> proudly present...
>
> DotDotPwn v2.1 - The Directory Traversal Fuzzer
> ===============================================
>
Solution.
Upgrade to TC4.2 for the C series to fix validation issues.
Discovered by.
David Klein, Sense of Security Labs.
About us.
Sense of Security is a leading provider of information
security and risk management solutions. Our team has expert
skills in assessment and assurance, strategy and architecture,
* Philippe Langlois (P1 Telecom Security, PSP, TSTF, /tmp/lab)
* Moxie Marlinspike (Institute for Disruptive Studies)
* Karsten Nohl (deGate, Reflextor)
* Nicolas Thill (OpenWRT, /tmp/lab)
* Julien Tinnes (Google)
* Nicolas Ruff (EADS, Security Labs)
* Carlos Sarraute (CORE Security Technologies)
* Matthieu Suiche (Sandman, win32dd)
* Fyodor Yarochkin (TSTF, o0o.nu)
FEES
Solution.
Ask your ISP to obtain the latest firmware from NETGEAR and deploy it
to your device.
Discovered by.
Sense of Security Labs.
About us.
Sense of Security is a leading provider of information
security and risk management solutions. Our team has expert
skills in assessment and assurance, strategy and architecture,