Security Risk

[waraxe-2009-SA#070] - Multiple Vulnerabilities in MKPortal <= 1.2.1

===============================================================================

1. Insecure file upload in blog personal gallery
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Security risk: critical
Preconditions:
 1. attacker must be registered user
 2. attacker must have blog editing privileges

Registered users with blog keeping privileges can access personal gallery

[RT-SA-2011-006] Owl Intranet Engine: Information Disclosure and Unsalted Password Hashes

Product: Owl Intranet Engine
Affected Versions: 1.01, possibly all older versions
Fixed Versions: none
Vulnerability Type: Information Disclosure, Unsalted Password Hashes
Security Risk: low
Vendor URL: http://owl.anytimecomm.com
Vendor Status: decided not to fix
Advisory URL: http://www.redteam-pentesting.de/advisories/rt-sa-2011-006
Advisory Status: published
CVE: GENERIC-MAP-NOMATCH

[RT-SA-2010-002] Geo++(R) GNCASTER: Insecure handling of NMEA-data

Product: Geo++(R) GNCASTER
Affected Versions: <= 1.4.0.7
Fixed Versions: 1.4.0.8
Vulnerability Type: Memory corruption
Security Risk: medium
Vendor URL: http://www.geopp.de
Vendor Status: notified
Advisory URL: http://www.redteam-pentesting.de/advisories/rt-sa-2010-002
Advisory Status: published
CVE: TBA

[RT-SA-2011-002] SugarCRM list privilege restriction bypass

         SugarCRM Professional
         SugarCRM Enterprise
Affected Versions: <= 6.1.1
Fixed Versions: >= 6.1.3
Vulnerability Type: privilege restriction bypass
Security Risk: medium
Vendor URL: http://www.sugarcrm.com/crm/
Vendor Status: fixed version released
Advisory URL: http://www.redteam-pentesting.de/advisories/rt-sa-2011-002
Advisory Status: published
CVE: CVE-2011-0745

[RT-SA-2012-001] Bugzilla: Cross-Site Scripting in Chart Generator

Product: Bugzilla
Affected Versions: 2.17.1 to 3.4.12, 3.5.1 to 3.6.6, 3.7.1 to 4.0.2,
                   4.1.1 to 4.1.3
Fixed Versions: 3.4.13, 3.6.7, 4.0.3, 4.2rc1
Vulnerability Type: Cross Site Scripting
Security Risk: high
Vendor URL: http://www.bugzilla.org
Vendor Status: fixed version released
Advisory URL: http://www.redteam-pentesting.de/advisories/rt-sa-2012-001
Advisory Status: published
CVE: CVE-2011-3657

[RT-SA-2009-002] IceWarp WebMail Server: User-assisted Cross Site Scripting in RSS Feed Reader

Product: IceWarp eMail Server / WebMail Server
Affected Versions: 9.4.1
Fixed Versions: 9.4.2
Vulnerability Type: Cross Site Scripting
Security Risk: medium
Vendor URL: http://www.icewarp.com/
Vendor Status: notified, fixed version released
Advisory URL: http://www.redteam-pentesting.de/advisories/rt-sa-2009-002
Advisory Status: published
CVE: CVE-2009-1467

[RT-SA-2011-004] Client Side Authorization ZyXEL ZyWALL USG Appliances Web Interface

         ZyWALL USG-2000
         Possibly other ZLD-based products
Affected Versions: Firmware Releases before April 25, 2011
Fixed Versions: Firmware Releases from or after April 25, 2011
Vulnerability Type: Client Side Authorization
Security Risk: medium
Vendor URL: http://www.zyxel.com/
Vendor Status: fixed version released
Advisory URL: http://www.redteam-pentesting.de/advisories/rt-sa-2011-004
Advisory Status: published
CVE: GENERIC-MAP-NOMATCH

[RT-SA-2009-004] IceWarp WebMail Server: Client-Side Specification of "Forgot Password" eMail Content

Product: IceWarp eMail Server / WebMail Server
Affected Versions: 9.4.1
Fixed Versions: 9.4.2
Vulnerability Type: Unauthorised System Message Manipulation
Security Risk: medium
Vendor URL: http://www.icewarp.com/
Vendor Status: notified, fixed version released
Advisory URL: http://www.redteam-pentesting.de/advisories/rt-sa-2009-004
Advisory Status: published
CVE: CVE-2009-1469

[RT-SA-2009-005] Papoo CMS: Authenticated Arbitrary Code Execution

Product: Papoo CMS
Affected Versions: 3.7.3 (older versions are probably also vulnerable)
Fixed Versions: 3.7.3 after applying vendor patch
Vulnerability Type: Code Execution
Security Risk: medium
Vendor URL: http://www.papoo.de
Vendor Status: notified, fixed version released
Advisory URL: http://www.redteam-pentesting.de/advisories/rt-sa-2009-005
Advisory Status: published
CVE: TBA

[RT-SA-2010-001] Geo++(R) GNCASTER: Insecure handling of long URLs

Product: Geo++(R) GNCASTER
Affected Versions: <= 1.4.0.7
Fixed Versions: 1.4.0.8
Vulnerability Type: Memory corruption
Security Risk: high
Vendor URL: http://www.geopp.de
Vendor Status: notified
Advisory URL: http://www.redteam-pentesting.de/advisories/rt-sa-2010-001
Advisory Status: published
CVE: TBA

[RT-SA-2011-005] Owl Intranet Engine: Authentication Bypass

Product: Owl Intranet Engine
Affected Versions: 1.00, possibly all older versions
Fixed Versions: 1.01
Vulnerability Type: Authentication Bypass
Security Risk: high
Vendor URL: http://owl.anytimecomm.com
Vendor Status: fixed version released
Advisory URL: http://www.redteam-pentesting.de/advisories/rt-sa-2011-005
Advisory Status: published
CVE: GENERIC-MAP-NOMATCH

[RT-SA-2011-003] Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances

         ZyWALL USG-2000
         Possibly other ZLD-based products
Affected Versions: Firmware Releases before April 25, 2011
Fixed Versions: Firmware Releases from or after April 25, 2011
Vulnerability Type: Authentication Bypass
Security Risk: high
Vendor URL: http://www.zyxel.com/
Vendor Status: fixed version released
Advisory URL: http://www.redteam-pentesting.de/advisories/rt-sa-2011-003
Advisory Status: published
CVE: GENERIC-MAP-NOMATCH

[waraxe-2009-SA#072] - Multiple Vulnerabilities in RavenNuke 2.3.0

List of found vulnerabilities
===============================================================================

1. Remote Php Code Execution in "avatarlist.php"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Security risk: High

Reasons:
  1. uninitialized arrays "patterns" and "replacements"
Preconditions:
  1. attacker must be logged in as user

[RT-SA-2009-001] IceWarp WebMail Server: Cross Site Scripting in Email View

Product: IceWarp eMail Server / WebMail Server
Affected Versions: 9.4.1
Fixed Versions: 9.4.2
Vulnerability Type: Cross Site Scripting
Security Risk: high
Vendor URL: http://www.icewarp.com/
Vendor Status: notified, fixed version released
Advisory URL: http://www.redteam-pentesting.de/advisories/rt-sa-2009-001
Advisory Status: published
CVE: CVE-2009-1467

[RT-SA-2011-001] nostromo nhttpd directory traversal leading to arbitrary command execution

Product: nostromo (nhttpd)
Affected Versions: <= 1.9.3
Fixed Versions: CVS 2011-03-03, 1.9.4
Vulnerability Type: directory traversal
Security Risk: high
Vendor URL: http://www.nazgul.ch/dev_nostromo.html
Vendor Status: patch available
Advisory URL: http://www.redteam-pentesting.de/advisories/rt-sa-2011-001
Advisory Status: published
CVE: CVE-2011-0751

[RT-SA-2009-003] IceWarp WebMail Server: SQL Injection in Groupware Component

Product: IceWarp eMail Server / WebMail Server
Affected Versions: 9.4.1
Fixed Versions: 9.4.2
Vulnerability Type: SQL Injection
Security Risk: high
Vendor URL: http://www.icewarp.com/
Vendor Status: notified, fixed version released
Advisory URL: http://www.redteam-pentesting.de/advisories/rt-sa-2009-003
Advisory Status: published
CVE: CVE-2009-1468

[RT-SA-2010-003] Geo++(R) GNCASTER: Faulty implementation of HTTP Digest Authentication

Product: Geo++(R) GNCASTER
Affected Versions: <= 1.4.0.7
Fixed Versions: 1.4.0.8
Vulnerability Type: Various types
Security Risk: low
Vendor URL: http://www.geopp.de
Vendor Status: notified
Advisory URL: http://www.redteam-pentesting.de/advisories/rt-sa-2010-003
Advisory Status: published
CVE: TBA

Advisory: SQL-Injections in Mapbender

Product: Mapbender
Affected Versions: 2.4.4 (verified), probably older versions, too
Fixed Versions: 2.4.5 rc1
Vulnerability Type: SQL-Injection
Security-Risk: high
Vendor-URL: http://www.mapbender.org
Vendor-Status: informed, fixed version released
Advisory-URL: http://www.redteam-pentesting.de/advisories/rt-sa-2008-002.php
Advisory-Status: public
CVE: CVE-2008-0301

Alcatel-Lucent OmniPCX Remote Command Execution

Product: Alcatel-Lucent OmniPCX
Affected Versions: All versions up to and including R7.1
Fixed Versions: All supported versions
Vulnerability Type: Remote Command Execution
Security-Risk: high
Vendor-URL: http://www1.alcatel-lucent.com/psirt/statements.htm
            reference number 2007002
Vendor-Status: Informed, patch available
Advisory-URL: http://www.redteam-pentesting.de/advisories/rt-sa-2007-001.php
Advisory-Status: public

Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities

#
# Home          : http://Black-hg.Org - http://IrIsT.Ir
#
# Software Link : http://wordpress.org/extend/plugins/wpsc-mijnpress/
#
# Security Risk : High
#
# Version       : All Version
#
# Tested on     : GNU/Linux Ubuntu - Windows Server - win7
#

Re: Linksys WRT54 GL - Session riding (CSRF)

> Security Risk
> =============
>
> Linksys WRT54GL is prone to an authentication-bypass vulnerability. Reportedly, the device permits changes in its configuration settings without requiring authentication (CSRF).

SecurityReason - Apache2 CSRF, XSS, Memory Corruption and Denial of Service Vulnerability

CVE: CVE-2007-6420
     CVE-2007-6421
     CVE-2007-6422
     CVE-2007-6423

SecurityRisk: Low

Affected Software: Apache 2.2.x (mod_proxy_balancer)
Advisory URL:
http://securityreason.com/achievement_securityalert/48
Vendor: http://httpd.apache.org

Mambo 4.6.2 CMS - Session fixation Issue in backend Administration interface

============

Mambo CMS is a popular Content Management System.


Security Risk
=============
It is possible to manipulate administrator interface cookies, which may be used to impersonate a legitimate user, allowing the attacker to view or alter user records, and to perform transactions as that user.
The Cookie variable can be set to a malicious and arbitrary value, which can lead to session hijacking and privilege escalation attacks.

Possible Causes

Wordpress taggator plugin Sql Injection Vulnerabilities

#
# Home          : http://Black-hg.Org - http://IrIsT.Ir
#
# Software Link : http://wordpress.org/extend/plugins/taggator/
#
# Security Risk : High
#
# Version       : All Version
#
# Tested on     : GNU/Linux Ubuntu - Windows Server - win7
#

Linksys WRT54 GL - Session riding (CSRF)

============

The Linksys Wireless-G Broadband Router is really three devices in one box. First, there's the Wireless Access Point, which lets you connect both screaming fast Wireless-G (802.11g at 54Mbps) and Wireless-B (802.11b at 11Mbps) devices to the network. There's also a built-in 4-port full-duplex 10/100 Switch to connect your wired-Ethernet devices together. Connect four PCs directly, or attach more hubs and switches to create as big a network as you need. Finally, the Router function ties it all together and lets your whole network share a high-speed cable or DSL Internet connection.


Security Risk
=============
Linksys WRT54GL is prone to an authentication-bypass vulnerability. Reportedly, the device permits changes in its configuration settings without requiring authentication (CSRF).




Re: Linksys WRT54 GL - Session riding (CSRF)

> Security Risk
> =============
>
> Linksys WRT54GL is prone to an authentication-bypass vulnerability. Reportedly, the device permits changes in its configuration settings without requiring authentication (CSRF).

Joomla 1.0.12 CMS - Session fixation Issue in backend Administration interface

============

Joomla CMS is a popular Content Management System.


Security Risk
=============
It is possible to manipulate administrator interface cookies, which may be used to impersonate a legitimate user, allowing the attacker to view or alter user records, and to perform transactions as that user.
The Cookie variable can be set to a malicious and arbitrary value, which can lead to session hijacking and privilege escalation attacks.

Possible Causes

vBulletin 4.1.10 Sql Injection Vulnerability

#
# Home          : http://IrIsT.Ir
#
# Software Link : http://vbulletin.com
#
# Security Risk : High
#
# Version       : All Version
#
# Tested on     : GNU/Linux Ubuntu - Windows Server - win7
#

OpenCart CSRF Vulnerability

Title: OpenCart CSRF Vulnerability
Advisory URL:
http://blog.visionsource.org/2010/01/28/opencart-csrf-vulnerability/
Date published: 2010-01-28
Vendors contacted: OpenCart
Security Risk: High

Vulnerability Description:

OpenCart is vulnerable to CSRF attacks using the POST method. It is possible to craft a malicious page that will create an administrator user when the victim, who is logged into OpenCart, visits the malicious page.


CA20090818-02: Security Notice for CA Internet Security Suite

Issued: August 18, 2009

CA's technical support is alerting customers to a security risk with
CA Internet Security Suite. A vulnerability exists that can allow a
local attacker to cause a denial of service. CA has issued updates
to address the vulnerability.

The vulnerability, CVE-2009-0682, is due to insufficient verification

Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
