Next Page >>
http upload
Hash: SHA1
Cisco Security Response: Cisco IOS Cross-Site Scripting
Vulnerabilities
http://www.cisco.com/warp/public/707/cisco-sr-20090114-http.shtml
Revision 1.0
For Public Release 2009 January 14 1600 UTC (GMT)
Virtual Security Research, LLC.
http://www.vsecurity.com/
Security Advisory
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Advisory Name: Multiple Cisco CSS / ACE Client Certificate and HTTP Header
Manipulation Vulnerabilities
Cisco Security Advisory: Cisco IOS Software Firewall Application
Inspection Control Vulnerability
Advisory ID: cisco-sa-20080924-iosfw
http://www.cisco.com/warp/public/707/cisco-sa-20080924-iosfw.shtml
Revision 1.0
For Public Release 2008 September 24 1600 UTC (GMT)
A DoS vulnerability exists in NetCache proxies of at least some areas
of Speedy Argentina ISP (201.255.64/18), by which a URL could be rendered
inaccessible by means of the prefetch cache control directive.
The procedure is very simple, sending several times a simple GET
HTTP/1.1 request to the victim URL will make the proxies no longer
serve it. Users will be waiting for about two minutes and then the TCP
connection will be closed, which depending on the user agent it will
be interpreted as a valid zero-length HTTP 0.9 reply or an error.
It is worth noting that this attack affects the URL EXACTLY. For
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers
Advisory ID: cisco-sa-20090727-wlc
http://www.cisco.com/warp/public/707/cisco-sa-20090727-wlc.shtml
Revision 1.0
For Public Release 2009 July 27 1600 UTC (GMT)
====================
Vulnerability :
When used as a Server Load Balancer and/or SSL offloader it's possible
to do requests
to the backend without leaving any ip address in the http server logs.
it's possible
then to do any L7 http attacks anonymousely.
A Bug request has been opened at cisco TAC, it has been classified
"work as designed"
advisory recently concerning some XSS/CSRF holes in the IOS..
quote{
Document ID: 98605
http://www.cisco.com/warp/public/707/cisco-sr-20090114-http.shtml
Revision 1.0
For Public Release 2009 January 14 1600 UTC (GMT)
Cisco Response:
"Two separate Cisco IOS® Hypertext Transfer Protocol (HTTP) cross-site
scripting (XSS) vulnerabilities have been reported to Cisco [...]
Cisco Security Advisory: Multiple Vulnerabilities in Firewall Services
Module
Advisory ID: cisco-sa-20071017-fwsm
http://www.cisco.com/warp/public/707/cisco-sa-20071017-fwsm.shtml
Revision 1.0
For Public Release 2007 October 17 1600 UTC (GMT)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Adaptive
Security Appliance and Cisco PIX Security Appliances
Advisory ID: cisco-sa-20090408-asa
http://www.cisco.com/warp/public/707/cisco-sa-20090408-asa.shtml
Revision 1.0
For Public Release 2009 April 08 1600 UTC (GMT)
these vulnerabilities. Cisco has made free software available to
address this issue for affected customers.
This advisory is posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20080213-phone.shtml
Affected Products
=================
Vulnerable Products
Title: Simple PHP Blog (sphpblog) <= 0.5.1 Multiple Vulnerabilities
Vendor: http://sourceforge.net/projects/sphpblog/
Advisory: http://acid-root.new.fr/?0:15
Author: DarkFig < gmdarkfig (at) gmail (dot) com >
Released on: 2007/10/21
Changelog: ----------
L M H T
Summary: Ip Spoofing [X] [_] [_] [X]
Vuln name: GCALDaemon Remote DoS
Systems affected: GCALDaemon 1.0-beta13 (all platforms)
Systems not affected: -
Severity: Low
Local/Remote: Remote
Vendor URL: http://gcaldaemon.sourceforge.net/
Author(s): Luca "ikki" Carettoni - luca.carettoni@securenetwork.it
Vendor disclosure: 22nd August 2007
Vendor acknowledged: 22nd August 2007
Vendor patch release: n/a
Public disclosure: 18th September 2007
vulnerability may allow a Man-in-the-Middle (MITM) attacker to inject
arbitrary data into the beginning of the application protocol stream
protected by TLS.
The only ArubaOS component that seems affected by this issue is the
HTTPS WebUI administration interface. If a client browser (victim) is
configured to authenticate to the WebUI over HTTPS using a client
certificate, an attacker can potentially use the victim's credentials
temporarily to execute arbitrary HTTP request for each initiation of an
HTTPS session from the victim to the WebUI. This would happen without
any HTTPS/TLS warnings to the victim. This condition can essentially be
Name Multiple Vulnerabilities in FormMail
Systems Affected FormMail 1.92 and possibly earlier versions
Severity Medium
Impact (CVSSv2) Medium 4.3/10, vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Vendor http://www.scriptarchive.com/formmail.html
Advisory http://www.ush.it/team/ush/hack-formmail_192/adv.txt
Authors Francesco "ascii" Ongaro (ascii AT ush DOT it)
Giovanni "evilaliv3" Pellerano (evilaliv3 AT ush DOT it)
Antonio "s4tan" Parata (s4tan AT ush DOT it)
Date 20090511
PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method
Vulnerability found: 7 November 2007
Vendor contacted: 14 November 2007
Risk factor: N/A
The reason why we didn't consider this vulnerability a security risk is because the attacker needs to force the victim's browser to submit a malformed HTTP method.
1. DESCRIPTION
There is a DoS vulnerability in Cisco Linksys router WRH54G http service. Any anonymous attacker could crash the http service easily by sending a malformed http request, and needn't any privilege.
When the device attempts to process the malformed request, it will be possible to corrupt sensitive memory. Although unconfirmed, it may also be possible to modify various configuration settings or execute malicious code.
After being attacked, Cisco Linksys router can't be accessed remotely by any user. Http service is not recovered and the attacked router can not be managed without a hard reboot. A reboot of router may cause network disconnected.
Further more, the firewall can still route packets.
Name Multiple Vulnerabilities in Jetty
Systems Affected Jetty 7.0.0 and earlier versions
Severity Medium
Impact (CVSSv2) Medium 5/10, vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Vendor http://www.mortbay.org/jetty/
Advisory http://www.ush.it/team/ush/hack-jetty6x7x/jetty-adv.txt
Authors Francesco "ascii" Ongaro (ascii AT ush DOT it)
Giovanni "evilaliv3" Pellerano (evilaliv3 AT ush DOT it)
Antonio "s4tan" Parata (s4tan AT ush DOT it)
Date 20091024
On July 15 OuTian reported a vulnerability in Apache Tomcat[2] whereby
overwide byte sequences in utf-8 could bypass both Apache Tomcat access
control restrictions as well as path decoding logic.
On July 17 Simon Ryeo reported[3] a variation of the same vulnerability in
Apache httpd server when proxying content generated from Tomcat.
Remy Maucherat wrote a patch to address this particular expression of the
vector for Tomcat 6.0.x[4] which also mitigates against any similar but as
yet undiscovered decoding vulnerabilities. This patch has also been ported
to 5.5.x[5] and 4.1.x[6]. On July 31st the Apache Software Foundation
Multiple Adobe Products
XML External Entity And XML Injection Vulnerabilities
CVE: CVE-2009-3960
Adobe PSIRT: APSB10-05 - http://www.adobe.com/support/security/bulletins/apsb10-05.html
Link: http://www.security-assessment.com/files/advisories/2010-02-22_Multiple_Adobe_Products-XML_External_Entity_and_XML_Injection.pdf
+-----------+
|Description|
+-----------+
Advisory: Geo++(R) GNCASTER: Faulty implementation of HTTP Digest
Authentication
During a penetration test, RedTeam Pentesting discovered that the
GNCaster software has multiple bugs in its implementation of HTTP Digest
Authentication.
Details
=======
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2009:323
http://www.mandriva.com/security/
_______________________________________________________________________
Package : apache
Date : December 7, 2009
Affected: 2008.0
Title: CA20090429-01: CA ARCserve Backup Apache HTTP Server
Multiple Vulnerabilities
CA Advisory Reference: CA20090429-01
CA Advisory Date: 2009-04-29
BugSec | Security Advisory
Moshe Ben-Abu | Security Expert
Advisory URL (PDF):
http://www.bugsec.com/up_files/OpenNMS_Multiple_Vulnerabilities.pdf
- Table of Contents -
OPENNMS MULTIPLE VULNERABILITIES 1
Cisco Security Advisory: Vulnerability in Cisco IOS While Processing
SSL Packet
Advisory ID: cisco-sa-20080924-ssl
http://www.cisco.com/warp/public/707/cisco-sa-20080924-ssl.shtml
Revision 1.0
For Public Release 2008 September 24 1600 UTC (GMT)
Rapid7 Advisory R7-0033
Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting
Discovered: July 25, 2008
Published: August 5, 2008
Revision: 1.1
http://www.rapid7.com/advisories/R7-0033
CVE: CVE-2008-2939
Document ID: 105444
Advisory ID: cisco-sa-20080604-asa
http://www.cisco.com/warp/public/707/cisco-sa-20080604-asa.shtml
Revision 1.0
For Public Release 2008 June 04 1600 UTC (GMT)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
0. ORIGINAL ADVISORY
~~~~~~~~~~~~~~~~~~~~
http://o0o.nu/~meder/o0o_bypassing_servlet_input_validation_filters.txt
I. BACKGROUND
~~~~~~~~~~~~~
NOTE: This advisory will use OWASP's Stinger and Struts framework to
Document ID: 111014
Advisory ID: cisco-sa-20100526-mediator
http://www.cisco.com/warp/public/707/cisco-sa-20100526-mediator.shtml
Revision 1.0
For Public Release 2010 May 26 1600 UTC (GMT)
Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver,
Yaws and Boa log escape sequence injection
Name Nginx, Varnish, Cherokee, thttpd, mini-httpd,
WEBrick, Orion, AOLserver, Yaws and Boa log escape
sequence injection
Systems Affected nginx 0.7.64
Varnish 2.0.6
Cherokee 0.99.30
mini_httpd 1.19
SecureWorks Security Advisory SWRX-2010-001
Cisco ASA HTTP Response Splitting Vulnerability
Advisory Information
Title: Cisco ASA HTTP Response Splitting Vulnerability
Advisory ID: SWRX-2010-001
Advisory URL: http://www.secureworks.com/ctu/advisories/SWRX-2010-001
Date published: Thursday, June 24, 2010
CVE: CVE-2008-7257
Next Page>>
|
