Vulnerability Details

OpenNMS Multiple Vulnerabilities

OPENNMS MULTIPLE VULNERABILITIES
Vendor
Application Description
OpenNMS HTTP Response Splitting Vulnerability
Vulnerability Information
Vulnerability Details
Proof-of-Concept
OpenNMS Cross-Site Scripting Vulnerabilities
Vulnerability Information
Vulnerability Details
Proof-of-Concept

XSS vulnerability in EasyPublish CMS

Vulnerability Type: XSS (Cross Site Scripting)
Status: Fixed by Vendor
Risk level: Medium 
Credit: High-Tech Bridge SA (http://www.htbridge.ch/) 

Vulnerability Details:
A user can execute arbitrary JavaScript code within the vulnerable application.

The vulnerability exists due to failure in the "/index.php" script to properly sanitize user-supplied input in the URL. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.

An attacker can use a browser to exploit this vulnerability. The following PoC is available:

Re: SQL injection vulnerability in boastMachine

: Vulnerability Type: SQL Injection
: Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
: Risk level: High 
: Credit: High-Tech Bridge SA (http://www.htbridge.ch/) 
: 
: Vulnerability Details:
: The vulnerability exists due to failure in the "/mail.php" script to properly sanitize user-supplied input in the "id" variable. An attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access or modify sensitive data, or exploit various vulnerabilities in the underlying SQL database.
: 
: An attacker can use a browser to exploit this vulnerability. The following PoC is available:
: 
: 

ZDI-10-026: Hewlett-Packard OVPI helpmanager Servlet Remote Code Execution Vulnerability

vulnerability by Digital Vaccine protection filter ID 9509. 
For further product information on the TippingPoint IPS, visit:

    http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary commands
on vulnerable installations of Hewlett-Packard Performance Insight.
Authentication is not required to exploit this vulnerability.

The specific flaw exists in the handling of requests to the helpmanager

XSS in Microsoft SharePoint Server 2007

Vulnerability Type: XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium 
Credit: High-Tech Bridge SA (http://www.htbridge.ch/) 

Vulnerability Details:
A user can execute arbitrary JavaScript code within the vulnerable application.

The vulnerability exists due to failure in the "/_layouts/help.aspx" script to properly sanitize user-supplied input in the "cid0" variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.

An attacker can use a browser to exploit this vulnerability. The following PoC is available:

ZDI-10-079: Realnetworks Helix Server NTLM Authentication Invalid Base64 Remote Code Execution Vulnerability

vulnerability by Digital Vaccine protection filter ID 6378. 
For further product information on the TippingPoint IPS, visit:

    http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of RealNetworks Helix Server. Authentication is
not required to exploit this vulnerability.

The specific flaw exists within the authentication provided by the

XSS vulnerability in ForumCMS

Vulnerability Type: XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium 
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/) 

Vulnerability Details:
A user can execute arbitrary JavaScript code within the vulnerable application.

The vulnerability exists due to failure in the "search/results" script to properly sanitize user-supplied input in the "keyword" variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.

An attacker can use a browser to exploit this vulnerability. The following PoC is available:

SQL injection vulnerability in CMSQLite

Vulnerability Type: SQL Injection
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Low 
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/) 

Vulnerability Details:
The vulnerability exists due to failure in the "/admin/editArticle.php" script to properly sanitize user-supplied input in the "id" variable. An attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access or modify sensitive data, or exploit various vulnerabilities in the underlying SQL database.

An attacker can use a browser to exploit this vulnerability. The following PoC is available:
http://host/admin/editArticle.php?id=1'+sql_code_here


ZDI-10-088: Adobe Shockwave Player 3D Parsing Memory Corruption Vulnerability

vulnerability by Digital Vaccine protection filter ID 9685. 
For further product information on the TippingPoint IPS, visit:

    http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Adobe Shockwave. User interaction is
required to exploit this vulnerability in that the target must visit a
malicious page.


ZDI-09-057: Microsoft Remote Desktop Client Arbitrary Code Execution Vulnerability

vulnerability by Digital Vaccine protection filter ID 8379.
For further product information on the TippingPoint IPS, visit:

    http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows attackers to execute arbitrary code on
vulnerable installations of Microsoft's Remote Desktop Client.
Authentication is not required to exploit this vulnerability.

The specific flaw exists within mstscax.dll when parsing packets from an

ModSecurity (Core Rules) HTTP Parameter Pollution Filter Bypass Vulnerability

  Author                 : Lavakumar Kuppan - lavakumar[dot]in[at]gmail[dot]com
  Advisory URL       : http://www.lavakumar.com
  Severity               : High
  Local/Remote       : Remote

  [Vulnerability Details]

  ModSecurity is an open source Web Application Firewall which runs as an Apache
  module. It has a comprehensive set of rules called 'ModSecurity Core Rules' for
  common web application attacks like SQL Injection, Cross-Site Scripting etc.

ZDI-09-059: Oracle Secure Backup Administration Server Multiple Command Injection Vulnerabilities

Oracle

-- Affected Products:
Oracle Secure Backup

-- Vulnerability Details:
This vulnerability allows remote attackers to inject arbitrary commands
on vulnerable installations of Oracle Secure Backup. User interaction is
not required to exploit this vulnerability but an attacker must be
authenticated.


TPTI-09-01: VMWare VMnc Codec Invalid RFB Message Type Heap Overflow

VMWare, Inc. VMWare Player
VMWare, Inc. VMWare Workstation
VMWare, Inc. VMWare Server
VMWare, Inc. VMWare ACE

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of multiple VMWare products. User interaction
is required in that a user must visit a malicious web page or open a
malicious video file.


ZDI-10-002: Oracle Secure Backup observiced.exe Remote Code Execution Vulnerability

Oracle

-- Affected Products:
Oracle Secure Backup

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Oracle Secure Backup. Authentication is not
required to exploit this vulnerability.

The specific flaw exists in the Oracle Secure Backup Services daemon

ZDI-10-110: Adobe Flash Player Multiple Tag JPEG Parsing Remote Code Execution Vulnerability

Adobe

-- Affected Products:
Adobe Flash Player

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Adobe Flash Player. User interaction is
required in that a target must visit a malicious website.

The specific flaw exists within the code for parsing embedded image data

ZDI-09-038: Microsoft Internet Explorer Event Handler Memory Corruption Vulnerability

Microsoft

-- Affected Products:
Microsoft Internet Explorer

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Microsoft Internet Explorer. User
interaction is required to exploit this vulnerability in that the target
must visit a malicious page.


ZDI-10-078: Novell ZENworks Configuration Management UploadServlet Remote Code Execution Vulnerability

vulnerability by Digital Vaccine protection filter ID 9715. 
For further product information on the TippingPoint IPS, visit:

    http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Novell ZENworks. Authentication is not
required to exploit this vulnerability.

The specific flaw exists within the ZENworks Server (zenserver.exe).

XSS vulnerability in CruxPA

Vulnerability Type: XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium 
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/) 

Vulnerability Details:
A user can execute arbitrary JavaScript code within the vulnerable application.

The vulnerability exists due to failure in the "/login.php" script to properly sanitize user-supplied input in the "txtusername" POST parameter. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.

An attacker can use a browser to exploit this vulnerability. The following PoC is available:

[Onapsis Security Advisory 2010-001] SAP WebAS Integrated ITS Remote Command Execution

The integrated ITS is widely used among SAP implementations, with the Webgui service being one of the most common services. This service provides access to
the SAP system through a SAPGUI HTML interface, enabling end-users to access the server through a regular Internet browser.


5. Vulnerability Details
========================

Due to the significant risk of this vulnerability to critical business solutions, Onapsis is not distributing technical details about it to the
general public at this moment in order to provide enough time to affected customers to patch their systems and protect against the exploitation of the
described vulnerability.

ZDI-10-106: Hewlett-Packard OpenView NNM ovutil.dll getProxiedStorageAddress Remote Code Execution Vulnerability

vulnerability by Digital Vaccine protection filter ID 9283. 
For further product information on the TippingPoint IPS, visit:

    http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Hewlett-Packard OpenView Network Node
Manager. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the ovutil.dll module which is loaded by

ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability

vulnerability by Digital Vaccine protection filter ID 9231. 
For further product information on the TippingPoint IPS, visit:

    http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Microsoft Office Excel. User interaction is
required to exploit this vulnerability in that the target must open a
malicious spreadsheet.


[Onapsis Security Advisory 2010-003] SAP WebDynpro Runtime XSS/CSS Injection

interface technologies of SAP and are based on the SAP Web Application
Server (WebAS) Java.


5. Vulnerability Details
========================

The WebDynpro Runtime suffers from a Cross-Site Scripting / CSS
Injection vulnerability, which may enable remote attacks to perform
different kind of

ZDI-09-042: Adobe Reader U3D RHAdobeMeta Stack Overflow Vulnerability

Adobe

-- Affected Products:
Adobe Acrobat

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Adobe Acrobat and Adobe Reader. User
interaction is required to exploit this vulnerability in that the target
must visit a malicious web address or open a malicious file.


ZDI-09-027: Apple Quicktime PICT Opcode 0x8201 Heap Overflow Vulnerability

vulnerability by Digital Vaccine protection filter ID 6664.
For further product information on the TippingPoint IPS, visit:

    http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Apple QuickTime. User interaction is
required to exploit this vulnerability in that the target must visit a
malicious page or open a malicious file.


ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability

vulnerability by Digital Vaccine protection filter ID 5783. 
For further product information on the TippingPoint IPS, visit:

    http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute code on vulnerable
installations of RealPlayer. User interaction is required in that a user
must open a malicious file or visit a malicious web site.

The specific flaw exists during the parsing of files with improperly

ZDI-09-091: Hewlett-Packard Application Recovery Manager MSG_PROTOCOL Stack Overflow Vulnerability

vulnerability by Digital Vaccine protection filter ID 8287. 
For further product information on the TippingPoint IPS, visit:

    http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of HP Application Recovery Manager.
Authentication is not required to exploit this vulnerability.

The specific flaw exists in the handling of requests to the OmniInet

XSS in Saurus CMS

Vulnerability Type: XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium 
Credit: High-Tech Bridge SA (http://www.htbridge.ch/) 

Vulnerability Details:
A user can execute arbitrary JavaScript code within the vulnerable application.

The vulnerability exists due to failure in the "/admin/edit.php" script to properly sanitize user-supplied input in the "pealkiri" variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.

An attacker can use a browser to exploit this vulnerability. The following PoC is available:

Avast aswRdr.sys Kernel Pool Corruption and Local Privilege Escalation

  (untested) Local Privilege Escalation

Notes: Tested on XP Sp0-Sp2 fixed faulting process IExplorer 6

======================
Vulnerability Details:
======================

Avast's aswRdr.sys driver does not sanitize user-supplied input
(IOCTL), and this leads to a Kernel Heap Overflow that propagates
on the system with a BSOD and potential risk of Privilege Escalation.

ZDI-09-058: Oracle Secure Backup Administration Server Authentication Bypass Vulnerability

Oracle

-- Affected Products:
Oracle Secure Backup

-- Vulnerability Details:
This vulnerability allows remote attackers to bypass authentication on
vulnerable installations of Oracle Secure Backup. User interaction is
not required to exploit this vulnerability.

The specific flaw exists in the logic used to authenticate a user to the

ZDI-10-075: Sun Microsystems Directory Server Enterprise DSML UTF-8 Denial of Service Vulnerability

vulnerability by Digital Vaccine protection filter ID 9610. 
For further product information on the TippingPoint IPS, visit:

    http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows attackers to deny services on vulnerable
installations of Sun Microsystems Directory Server. Authentication is
not required to exploit this vulnerability.

The specific flaw exists within Sun Directory Server's DSML-over-HTTP
