-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE
Application Control Engine Module and Cisco ACE 4710 Application
Control Engine
Document ID: 109450
Advisory ID: cisco-sa-20090225-ace
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE
Application Control Engine Module and Cisco ACE 4710 Application
Control Engine
Advisory ID: cisco-sa-20100811-ace
Revision 1.0
http://blog.zoller.lu/2008/09/notification-and-disclosure-policy.html
This bug was reported 4 years ago [1] to FRISK, the response at that
time has been that "a fix for this bug will be included in future
versions of F-Prot Antivirus". Fast forward 4 years, the same error
still allows bypassing the engine.
[1] CVE-2005-3499
http://www.zoller.lu/research/fprot.htm
http://web.nvd.nist.gov/view/vuln/detail?execution=e3s1
Release mode: Coordinated but limited disclosure.
Ref : [TZO-21-2009] - F-prot CAB bypass / evasion
WWW : http://blog.zoller.lu/2009/04/advisory-f-prot-frisk-cab-bypass.html
Vendor : http://www.f-prot.com
Status : Current version not patched, next engine version patched
Date unknown, vendor doesn't answer any longer.
CVE : none provided
Credit : none provided
OSVDB vendor entry: none [1]
Security notification reaction rating : better than last time
Release mode: Coordinated but limited disclosure.
Ref : [TZO-34-2009] - F-prot RAR,ARJ,LHA bypass
WWW : http://blog.zoller.lu/2009/05/advisory-f-prot-generic-evasion-rar.html
Vendor : http://www.f-prot.com
Status : Current version not patched, next engine version will be patched
CVE : none provided
Credit : Given in the history file
OSVDB vendor entry: none [1]
Security notification reaction rating : good
Notification to patch window : n+1 (no patch for current build)
Release mode: Coordinated but limited disclosure.
Ref : [TZO-20-2009] - AVG generic ZIP bypass / evasion
WWW : http://blog.zoller.lu/2009/04/avg-zip-evasion-bypass.html
Vendor : http://www.AVG.com
Status : Patched (with engine build 8.5 323)
CVE : none provided
Credit : t.b.a
OSVDB vendor entry: none [1]
Security notification reaction rating : good
Notification to patch window : +-28 days
time to investigate and fix the bugs. Vendor requests GPG key of Core's
security Advisories team.
. 2009-01-12:
Core agrees to postpone the advisory publication but asks the vendor for
a feedback of their engineering team as soon as possible in order to
coordinate the release date of fixes and security advisories.
. 2009-01-21:
Core asks the vendor an estimated date for the release of patches and
fixes.
Release mode: Coordinated but limited disclosure.
Ref : [TZO-33-2009] - F-prot TAR bypass / evasion
WWW : http://blog.zoller.lu/2009/06/advisory-frisk-f-prot-evasion-tar.html
Vendor : http://www.f-prot.com
Status : Current version not patched, next engine version will be patched
CVE : none provided
Credit : Given in the History file
OSVDB vendor entry: none [1]
Security notification reaction rating : better than last time
Notification to patch window : n+1 (no patch for current build)
Release mode: Coordinated but limited disclosure.
Ref : [TZO-33-2009] - F-prot TAR bypass / evasion
WWW : http://blog.zoller.lu/2009/06/advisory-frisk-f-prot-evasion-tar.html
Vendor : http://www.f-prot.com
Status : Current version not patched, next engine version will be patched
in version 4.5.0. Vendor didn't reply if said version is
now in circulation.
CVE : none provided
Credit : Given in the History file
OSVDB vendor entry: none [1]
Title: CA20090126-01: CA Anti-Virus Engine Detection Evasion
Multiple Vulnerabilities
CA Advisory Reference: CA20090126-01
CA Advisory Date: 2009-01-26
CA Advisory Updated: May 12, 2009
Security notification reaction rating : Catastrophic (see Timeline)
Disclosure Policy :
http://blog.zoller.lu/2008/09/notification-and-disclosure-policy.html
Affected products : IBM Proventia engine (minimum 4.9.0.0.44 20081231
Official Release) other products using the engine are likely to be
affected too. As IBM has not cooperated in any way and I have better
things to do than to test IBM products for free I cannot state all
affected products, if you are an IBM/ISS customer please call IBM
support and request more details.
http://labs.idefense.com/intelligence/vulnerabilities/
Feb 26, 2008
I. BACKGROUND
Symantec Scan Engine is a standalone Anti-Virus Engine that exposes a
scanning Application Programming Interface (API) directly to developers
who wish to integrate protection into their own custom applications.
More information is available on the vendor's site at the following
URL.
(MFSA 2009-10)
CVE-2009-0352
It is possible to execute arbitrary code via vectors related to the
layout engine. (MFSA 2009-01)
CVE-2009-0353
It is possible to execute arbitrary code via vectors related to the
JavaScript engine. (MFSA 2009-01)
~~~~~~~~~~~~~
Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX,
designed especially for e-mail scanning on mail gateways. It provides
a number of utilities including a flexible and scalable multi-threaded
daemon, a command line scanner and advanced tool for automatic
database updates. The core of the package is an anti-virus engine
available in a form of shared library.
II. Description
~~~~~~~~~~~~~~~
The parsing engine can be bypassed by manipulating RAR archive in
#######################################################################
Luigi Auriemma
Application: Unreal engine
http://www.unrealtechnology.com
http://www.epicgames.com
Versions: this engine is used in many games like Unreal Tournament
2003 and 2004 (both vulnerable) and I have not tested
them all although I'm sure enough that almost all are
Summary
=======
The Cisco Internet Streamer application, part of the Cisco Content
Delivery System (Cisco CDS), contains a vulnerability in its web
server component that could cause the web server engine to crash when
processing specially crafted URLs.
Cisco has released free software updates that address this
vulnerability.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Denial of Service Vulnerabilities in Cisco
Intercompany Media Engine
Advisory ID: cisco-sa-20110824-ime
Revision 1.0
Affected Products:
CA Host-Based Intrusion Prevention System r8
CA Internet Security Suite 2007 (v3.2) with CA Personal Firewall
2007 (v9.1) Engine version 1.2.260 and below
CA Internet Security Suite 2008 (v4.0) with CA Personal Firewall
2008 (v10.0) Engine version 1.2.260 and below
CA Personal Firewall 2007 (v9.1) with Engine version 1.2.260 and
below
CA Personal Firewall 2008 (v10.0) with Engine version 1.2.260 and
Potential Security Impact: Remote Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, cross-site request forgery (CSRF)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servlet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, or cross-site request forgery (CSRF). Apache-based Web Server and Tomcat-based Servlet Engine are contained in the Apache Web Server Suite.
References: CVE-2007-6420, CVE-2008-1232, CVE-2008-1947, CVE-2008-2364, CVE-2008-2370, CVE-2008-2938, CVE-2008-2939, CVE-2008-3658
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.23 and B.11.31 running Apache-based Web Server v2.2.8.01.01 or v2.0.59.07.02 or earlier or Tomcat-based Servlet Engine v5.5.27.01 or earlier
#######################################################################
Luigi Auriemma
Application: Unreal engine 3
http://www.unrealtechnology.com
Versions: the bug affects various games which use the Unreal engine
3 like Unreal Tournament 3 1.3, Frontlines: Fuel of War
1.1.1 and so on
Turning Point: Fall of Liberty is NOT vulnerable
Potential Security Impact: Remote Denial of Service (DoS), execution of arbitrary code
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servlet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), or execution of arbitrary code. Apache-based Web Server and Tomcat-based Servlet Engine are contained in the Apache Web Server Suite.
References: CVE-2007-4465, CVE-2008-0005, CVE-2008-0599, CVE-2008-2168, CVE-2008-2371, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498, CVE-2008-5557, CVE-2008-5624, CVE-2008-5625, CVE-2008-5658.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.23 and B.11.31 running Apache-based Web Server v2.2.8.03 or v2.0.59.09 or earlier or Tomcat-based Servlet Engine v5.5.27.01 or earlier
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01908935
Version: 1
HPSBUX02466 SSRT090192 rev.1 - HP-UX Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-10-21
Last Updated: 2009-10-21
CA20091008-01: Security Notice for CA Anti-Virus Engine
Issued: October 8, 2009
CA's support is alerting customers to multiple security risks
associated with CA Anti-Virus Engine. Vulnerabilities exist in
the arclib component that can allow a remote attacker to cause a
#######################################################################
Luigi Auriemma
Application: Unreal engine
http://www.unrealtechnology.com
Versions: the games which have been tested and resulted vulnerable
are Unreal Tournament 3 1.3, Unreal Tournament 2003 and
2004, Dead Man's Hand, Pariah, WarPath, Postal2, Shadow
Ops and possibly others.
Potential Security Impact: Remote Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, cross-site request forgery (CSRF)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servlet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, or cross-site request forgery (CSRF). Apache-based Web Server and Tomcat-based Servlet Engine are contained in the Apache Web Server Suite.
References: CVE-2007-6420, CVE-2008-1232, CVE-2008-1947, CVE-2008-2364, CVE-2008-2370, CVE-2008-2938, CVE-2008-2939, CVE-2008-3658
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.23 and B.11.31 running Apache-based Web Server v2.2.8.01.01 or v2.0.59.07.02 or earlier or Tomcat-based Servlet Engine v5.5.27.01.01 or earlier
(MFSA 2008-34)
CVE-2008-2798
Devon Hubbard, Jesse Ruderman and Martijn Wargers discovered
crashes in the layout engine, which might allow the execution of
arbitrary code. (MFSA 2008-21)
CVE-2008-2799
Igor Bukanov, Jesse Ruderman and Gary Kwong discovered crashes in
overflow in the parser for UTF-8 URLs, which may lead to the execution
of arbitrary code. (MFSA 2008-37)
CVE-2008-1380
It was discovered that crashes in the Javascript engine could
potentially lead to the execution of arbitrary code. (MFSA 2008-20)
CVE-2008-3835
"moz_bug_r_a4" discovered that the same-origin check in
Title: CA20090615-01: CA ARCserve Backup Message Engine Denial of
Service Vulnerabilities
CA Advisory Reference: CA20090615-01
CA Advisory Date: 2009-06-15