Next Page >>
engine
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE
Application Control Engine Module and Cisco ACE 4710 Application
Control Engine
Document ID: 109450
Advisory ID: cisco-sa-20090225-ace
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE
Application Control Engine Module and Cisco ACE 4710 Application
Control Engine
Advisory ID: cisco-sa-20100811-ace
Revision 1.0
http://blog.zoller.lu/2008/09/notification-and-disclosure-policy.html
This bug was reported 4 years ago [1] to FRISK, the response at that
time has been that "a fix for this bug will be included in future
versions of F-Prot Antivirus". Fast forward 4 years the same error
still allow to bypass the engine.
[1] CVE-2005-3499
http://www.zoller.lu/research/fprot.htm
http://web.nvd.nist.gov/view/vuln/detail?execution=e3s1
Release mode: Coordinated but limited disclosure.
Ref : [TZO-21-2009] - F-prot CAB bypass / evasion
WWW : http://blog.zoller.lu/2009/04/advisory-f-prot-frisk-cab-bypass.html
Vendor : http://www.f-prot.com
Status : Current version not patched, next engine version patched
Date unknown, vendor doesn't answer any longer.
CVE : none provided
Credit : none prodided
OSVDB vendor entry: none [1]
Security notification reaction rating : better thn last time
Release mode: Coordinated but limited disclosure.
Ref : [TZO-34-2009] - F-prot RAR,ARJ,LHA bypass
WWW : http://blog.zoller.lu/2009/05/advisory-f-prot-generic-evasion-rar.html
Vendor : http://www.f-prot.com
Status : Current version not patched, next engine version will be patched
CVE : none provided
Credit : Given in the history file
OSVDB vendor entry: none [1]
Security notification reaction rating : good
Notification to patch window : n+1 (no patch for current build)
Release mode: Coordinated but limited disclosure.
Ref : [TZO-20-2009] - AVG generic ZIP bypass / evasion
WWW : http://blog.zoller.lu/2009/04/avg-zip-evasion-bypass.html
Vendor : http://www.AVG.com
Status : Patched (with engine build 8.5 323)
CVE : none provided
Credit : t.b.a
OSVDB vendor entry: none [1]
Security notification reaction rating : good
Notification to patch window : +-28 days
Release mode: Coordinated but limited disclosure.
Ref : [TZO-33-2009] - F-prot TAR bypass / evasion
WWW : http://blog.zoller.lu/2009/06/advisory-frisk-f-prot-evasion-tar.html
Vendor : http://www.f-prot.com
Status : Current version not patched, next engine version will be patched
CVE : none provided
Credit : Given in the History file
OSVDB vendor entry: none [1]
Security notification reaction rating : better than last time
Notification to patch window : n+1 (no patch for current build)
Release mode: Coordinated but limited disclosure.
Ref : [TZO-33-2009] - F-prot TAR bypass / evasion
WWW : http://blog.zoller.lu/2009/06/advisory-frisk-f-prot-evasion-tar.html
Vendor : http://www.f-prot.com
Status : Current version not patched, next engine version will be patched
in version 4.5.0. Vendor didn't reply if said version is
now in ciculation.
CVE : none provided
Credit : Given in the History file
OSVDB vendor entry: none [1]
Title: CA20090126-01: CA Anti-Virus Engine Detection Evasion
Multiple Vulnerabilities
CA Advisory Reference: CA20090126-01
CA Advisory Date: 2009-01-26
CA Advisory Updated: May 12, 2009
Security notification reaction rating : Catastrophic (see Timeline)
Disclosure Policy :
http://blog.zoller.lu/2008/09/notification-and-disclosure-policy.html
Affected products : IBM Proventia engine (minimum 4.9.0.0.44 20081231
Official Release) other products using the engine are likely to be
affected too. As IBM has not cooperated in any way and I have better
things to do than to test IBM products for free I cannot state all
affected products, if you are an IBM/ISS customer please call IBM
support and request more details.
Title: CA20090126-01: CA Anti-Virus Engine Detection Evasion
Multiple Vulnerabilities
CA Advisory Reference: CA20090126-01
CA Advisory Date: 2009-01-26
http://labs.idefense.com/intelligence/vulnerabilities/
Feb 26, 2008
I. BACKGROUND
Symantec Scan Engine is a standalone Anti-Virus Engine that exposes a
scanning Application Programming Interface (API) directly to developers
who wish to integrate protection into their own custom applications.
More information is available on the vendor's site at the following
URL.
ESET NOD32 Antivirus 5.0.93.0, 5.0.94.0 and earlier
4.2.71.2 and earlier
4.0.x
AVAST 6.0.1289 Internet Security , engine 111011-2 and earlier
F-Prot Antivirus 6.0.9.5 , Scanning Engine 4.6.2
G-Data AntiVirus 2012 22.0.2.38, 22.0.9.1
(MFSA 2009-10)
CVE-2009-0352
It is possible to execute arbitrary code via vectors related to the
layout engine. (MFSA 2009-01)
CVE-2009-0353
It is possible to execute arbitrary code via vectors related to the
JavaScript engine. (MFSA 2009-01)
~~~~~~~~~~~~~
Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX,
designed especially for e-mail scanning on mail gateways. It provides
a number of utilities including a flexible and scalable multi-threaded
daemon, a command line scanner and advanced tool for automatic
database updates. The core of the package is an anti-virus engine
available in a form of shared library.
II. Description
~~~~~~~~~~~~~~~
The parsing engine can be bypassed by manipulating RAR archive in
#######################################################################
Luigi Auriemma
Application: Unreal engine
http://www.unrealtechnology.com
http://www.epicgames.com
Versions: this engine is used in many games like Unreal Tournament
2003 and 2004 (both vulnerables) and I have not tested
them all although I'm enough sure that almost all are
Summary
=======
The Cisco Internet Streamer application, part of the Cisco Content
Delivery System (Cisco CDS), contains a vulnerability in its web
server component that could cause the web server engine to crash when
processing specially crafted URLs.
Cisco has released free software updates that address this
vulnerability.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Denial of Service Vulnerabilities in Cisco
Intercompany Media Engine
Advisory ID: cisco-sa-20110824-ime
Revision 1.0
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01908935
Version: 1
HPSBUX02466 SSRT090192 rev.1 - HP-UX Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-10-21
Last Updated: 2009-10-21
Potential Security Impact: Remote Denial of Service (DoS), execution of arbitrary code
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servelet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), or execution of arbitrary code. Apache-based Web Server and Tomcat-based Servelet Engine are contained in the Apache Web Server Suite.
References: CVE-2007-4465, CVE-2008-0005, CVE-2008-0599, CVE-2008-2168, CVE-2008-2371, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498, CVE-2008-5557, CVE-2008-5624, CVE-2008-5625, CVE-2008-5658.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.23 and B.11.31 running Apache-based Web Server v2.2.8.03 or v2.0.59.09 or earlier or Tomcat-based Servelet Engine v5.5.27.01 or earlier
Potential Security Impact: Remote Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, cross-site request forgery (CSRF)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servelet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, or cross-site request forgery (CSRF). Apache-based Web Server and Tomcat-based Servelet Engine are contained in the Apache Web Server Suite.
References: CVE-2007-6420, CVE-2008-1232, CVE-2008-1947, CVE-2008-2364, CVE-2008-2370, CVE-2008-2938, CVE-2008-2939, CVE-2008-3658
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.23 and B.11.31 running Apache-based Web Server v2.2.8.01.01 or v2.0.59.07.02 or earlier or Tomcat-based Servelet Engine v5.5.27.01 or earlier
#######################################################################
Luigi Auriemma
Application: Unreal engine 3
http://www.unrealtechnology.com
Versions: the bug affects various games which use the Unreal engine
3 like Unreal Tournament 3 1.3, Frontlines: Fuel of War
1.1.1 and so on
Turning Point: Fall of Liberty is NOT vulnerable
Affected Products:
CA Host-Based Intrusion Prevention System r8
CA Internet Security Suite 2007 (v3.2) with CA Personal Firewall
2007 (v9.1) Engine version 1.2.260 and below
CA Internet Security Suite 2008 (v4.0) with CA Personal Firewall
2008 (v10.0) Engine version 1.2.260 and below
CA Personal Firewall 2007 (v9.1) with Engine version 1.2.260 and
below
CA Personal Firewall 2008 (v10.0) with Engine version 1.2.260 and
http://labs.idefense.com/intelligence/vulnerabilities/
Feb 26, 2008
I. BACKGROUND
Symantec Scan Engine is a standalone Anti-Virus Engine that exposes a
scanning Application Programming Interface (API) directly to developers
who wish to integrate protection into their own custom applications.
More information is available on the vendor's site at the following
URL.
Advisory: Owl Intranet Engine: Information Disclosure and Unsalted Password Hashes
The Owl Intranet Engine uses no salting in the password hashing
procedure. Furthermore, users in the "Administrators" group are able to
see the MD5 password hashes of every user using the web interface.
Details
=======
Background
==========
Tremulous is a team-based FPS game with RTS elements. Its engine and
game logic are based on the GPL source release of the Quake III Arena
engine and game logic by id Software.
The de facto upstream developer of the Quake III engine is now another
fork, ioquake3; in particular, ioquake3 fixes many security
vulnerabilities present in the original Quake III Arena source release.
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02241113
Version: 1
HPSBUX02541 SSRT100145 rev.1 - HP-UX Running Tomcat Servlet Engine, Remote Increase in Privilege, Arbitrary File
Modification
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
CA20091008-01: Security Notice for CA Anti-Virus Engine
Issued: October 8, 2009
CA's support is alerting customers to multiple security risks
associated with CA Anti-Virus Engine. Vulnerabilities exist in
the arclib component that can allow a remote attacker to cause a
#######################################################################
Luigi Auriemma
Application: Unreal engine
http://www.unrealtechnology.com
Versions: the games which have been tested and resulted vulnerable
are Unreal Tournament 3 1.3, Unreal Tournament 2003 and
2004, Dead Man's Hand, Pariah, WarPath, Postal2, Shadow
Ops and possibly others.
Title: CA20090615-01: CA ARCserve Backup Message Engine Denial of
Service Vulnerabilities
CA Advisory Reference: CA20090615-01
CA Advisory Date: 2009-06-15
Next Page>>
|
