modules
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Firewall Services Module Crafted ICMP Message
Vulnerability
Advisory ID: cisco-sa-20090819-fwsm
http://www.cisco.com/warp/public/707/cisco-sa-20090819-fwsm.shtml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE
Application Control Engine Module and Cisco ACE 4710 Application
Control Engine
Document ID: 109450
Advisory ID: cisco-sa-20090225-ace
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall
Services Module
Advisory ID: cisco-sa-20111005-fwsm
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall
Services Module
Advisory ID: cisco-sa-20100804-fwsm
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Firewall Services Module Skinny Client
Control Protocol Inspection Denial of Service Vulnerability
Advisory ID: cisco-sa-20100217-fwsm
http://www.cisco.com/warp/public/707/cisco-sa-20100217-fwsm.shtml
We are excited to announce the immediate availability of version 3.3 of
the Metasploit Framework. This release includes 446 exploits, 216
auxiliary modules, and hundreds of payloads, including an in-memory VNC
service and the Meterpreter. In addition, the Windows payloads now
support NX, DEP, IPv6, and the Windows 7 platform. More than 180 bugs
were fixed since last year’s release of version 3.2, making this one of
the more well-tested releases yet.
- http://www.metasploit.com/framework/download/
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE
Application Control Engine Module and Cisco ACE 4710 Application
Control Engine
Advisory ID: cisco-sa-20100811-ace
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco Firewall Services Module Skinny Client
Control Protocol Inspection Denial of Service Vulnerability
Document ID: 112893
Advisory ID: cisco-sa-20110223-fwsm
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Content Switching Module Memory Leak
Vulnerability
Advisory ID: cisco-sa-20080514-csm
http://www.cisco.com/warp/public/707/cisco-sa-20080514-csm.shtml
This release includes a significant number of new features and
capabilities, many of which are highlighted below.
Version 3.2 includes exploit modules for recent Microsoft flaws, such
as MS08-041, MS08-053, MS08-059, MS08-067, MS08-068, and many more.
The module format has been changed in version 3.2. The new format
removes the previous naming and location restrictions and paves the way
to an improved module loading and caching backend. For users, this means
the memory reading aspect.
By making use of shared user memory at 0x7FFE0000, an attacker can
learn information, such as Windows drive, path, and version. More
importantly for a targeted attack, an attacker can also get the
name, path, version and base address of all loaded modules in the
process. This would essentially defeat address space randomization
(ASLR) in Windows Vista, since loaded modules tend to have the same
preferred address in all processes for each boot of the system.
Details:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Application Inspection Vulnerability in Cisco
Firewall Services Module
Advisory ID: cisco-sa-20071219-fwsm
============
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Denial of Service Vulnerabilities in Content
Switching Module
Document ID: 97826
Advisory ID: cisco-sa-20070905-csm
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Multiple Vulnerabilities in Firewall Services
Module
Advisory ID: cisco-sa-20071017-fwsm
http://www.cisco.com/warp/public/707/cisco-sa-20071017-fwsm.shtml
Summary
=======
A service policy bypass vulnerability exists in the Cisco Content
Services Gateway - Second Generation (CSG2), which runs on the
Cisco Service and Application Module for IP (SAMI). Under certain
configurations this vulnerability could allow:
* Customers to access sites that would normally match a billing
policy to be accessed without being charged to the end customer
* Customers to access sites that would normally be denied based on
- ESX 4.1
- ESX 4.0
The following Cisco products have the vulnerability:
- Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3b)
- Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3a)
- Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(3)
- Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(2)
- Cisco Nexus 1000V Virtual Ethernet Module Release 4.0(4) SV1(1)
Topic: pam_ssh improperly grants access when user account has
unencrypted SSH private keys
Category: contrib
Module: pam
Announced: 2011-12-23
Credits: Guy Helmer, Dag-Erling Smorgrav
Affects: All supported versions of FreeBSD.
Corrected: 2011-12-11 20:40:23 UTC (RELENG_7, 7.4-STABLE)
2011-12-23 15:00:37 UTC (RELENG_7_4, 7.4-RELEASE-p5)
Summary
=======
A denial of service (DoS) vulnerability exists in the Cisco Content
Services Gateway - Second Generation, that runs on the Cisco Service
and Application Module for IP (SAMI). An unauthenticated, remote
attacker could exploit this vulnerability by sending a series of
crafted ICMP packets to an affected device. Exploitation could cause
the device to reload.
There are no workarounds available to mitigate exploitation of this
SEC Consult Security Advisory < 20091217-0 >
==========================================================================
title: Authentication bypass and file manipulation in
Sitecore Staging Module
products: Sitecore Staging Module
vulnerable version: Sitecore Staging Module <= 5.4.0 rev.080625
fixed version: Staging 5.4.0 rev.091111
impact: critical
homepage:
http://www.sitecore.net/en/Products/Sitecore-CMS.aspx
Description of vulnerable software:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
MKPortal is a free Portal/Content Management System (CMS) which seamlessly
integrates with the most popular forum software. It uses the forum user
management system and other features and adds many powerful modules to create
and manage a light but powerful web site. MKPortal has an intuitive user
interface and is very simple to install and administer.
Homepage: http://www.mkportal.it/
The following products are affected by the vulnerability described in
this Security Advisory:
* Cisco 2100 Series Wireless LAN Controllers
* Cisco WLC526 Mobility Express Controller (AIR-WLC526-K9)
* Cisco NME-AIR-WLC Modules for Integrated Services Routers (ISRs)
* Cisco NM-AIR-WLC Modules for Integrated Services Routers (ISRs)
Note: The Cisco NM-AIR-WLC have reached End-of-Life and
End-of-Software Maintenance. Please refer to the following
document for more information:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security
Appliances and Cisco Catalyst 6500 Series ASA Services Module
Advisory ID: cisco-sa-20120314-asa
Revision 1.0
mod_ssl that specify a compression algorithm (CVE-2008-1678). Note
that this security issue does not really apply as zlib compression
is not enabled in the openssl build provided by Mandriva, but apache
is patched to address this issue anyway (concerns 2008.1 only).
mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server
2.2.11 allows remote attackers to obtain sensitive response data,
intended for a client that sent an earlier POST request with no
request body, via an HTTP request (CVE-2009-1191).
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the
The challenges and responses obtained are saved to the file
'fullcreds.log'.
(ii) msf_smb_weak_nonce.rb
This Metasploit module will perform connections to the victim until
the server responds with one of the duplicate challenges stored in
'fullcreds.log'. The module will then send the corresponding response to
gain access to the victim's SMB service.
Finally, after successful exploitation, the module will create the
file 'owned.txt' in the ADMIN$ share (c:\windows) with the following
Index: lib/webrick/httpstatus.rb
===================================================================
--- lib/webrick/httpstatus.rb (revision 26065)
+++ lib/webrick/httpstatus.rb (working copy)
@@ -13,5 +13,15 @@ module WEBrick
module HTTPStatus
- class Status < StandardError; end
+ class Status < StandardError
+ def initialize(message, *rest)
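Review bot: `def initialize(message, *rest)` makes `message` a required argument, so `raise Status` or `Status.new` with no arguments, which `StandardError` accepts, would now fail with ArgumentError, as would any subclass that inherits this constructor. Give `message` a default or accept `*args` so the zero-argument form keeps working. The hunk header announces 15 lines on the new side but only the first added lines appear on this page, so the body of `initialize` cannot be reviewed here.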
#######################################################################
# COMPASS SECURITY ADVISORY http://www.csnc.ch/
#######################################################################
#
# CVE ID : CVE-2009-4505
# Product: OpenCMS OAMP Comments Module
# Vendor: Open Source, Alkacon GmbH (Cologne, Germany)
# Subject: Cross-site scripting (XSS)
# Risk: High
# Effect: Anonymously exploitable
# Author: Cyrill Brunschwiler (cyrill.brunschwiler@csnc.ch)
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Advisory Name: Coda Filesystem Kernel Memory Disclosure
Release Date: 2010-08-16
Application: Coda kernel module for NetBSD and FreeBSD
Versions: All known versions
Severity: Medium
Author: Dan Rosenberg < drosenberg (at) vsecurity (dot) com >
Vendor Status: Patch Released [2][3]
CVE Candidate: CVE-2010-3014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
ESA-2011-012: Security update for EMC NetWorker Module for Microsoft Applications.
EMC Identifier: ESA-2011-012
CVE Identifier: CVE-2011-0647
Severity Rating: CVSS v2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Vulnerable Products
+------------------
Cisco 1500 Series, 2000 Series, 2100 Series, 4400 Series, 4100
Series, 4200 Series, Wireless Services Modules (WiSM), WLC Modules
for Integrated Services Routers, and Cisco Catalyst 3750G Integrated
Wireless LAN Controllers are affected by one or more of the following
vulnerabilities:
* The malformed HTTP or HTTPS authentication response denial of