Next Page >>
performing
include this information in your submission and we will do our best to
accommodate you.
Note: If the presentation is based upon code or a particular
technique, the presenter must be one of the developers of the code or
technique and be prepared to perform a demonstration.
We look forward to reviewing your submissions, and anticipate another
great line-up for this year's conference. Once again, if you have any
questions about your submission, please email cfp [at] layerone [dot]
info. Thank you for your interest, and we look forward to seeing you
2.Vulnerability description
---------------------------
Microsoft Server Message Block (SMB) Protocol is a Microsoft network
file sharing protocol also used for sharing printers, communications
abstractions such as named pipes and mailslots, and performing Remote
Procedure Calls (DCE/RPC over SMB) [1].
NTLM (NT Lan Manager) is a challenge-response authentication protocol
used by the SMB protocol [2].
Call For Papers
The 2008 Workshop on Security and High Performance Computing Systems
(http://www.diiga.univpm.it/~spalazzi/nicosia/)
As part of The 2008 International Conference
High Performance Computing & Simulation (HPCS’08)
and in conjunction with
The 22nd European Conference on Modelling and Simulation (ECMS 2008)
Nicosia, Cyprus
Unauthenticated Java Servlet Access
+----------------------------------
A number of sensitive Java Servlets delivered via a Java Servlet
framework within the Cisco TelePresence Recording Server could allow
a remote, unauthenticated attacker to perform actions that should be
restricted to administrative users. To successfully exploit this
vulnerability, the attacker would need the ability to submit a
crafted request to an affected device on TCP port 80, TCP port 443,
or TCP port 8080.
exists on the local computer and it is not directly configurable through
Internet Explorer security options by the user.
Internet Explorer users or Administrators can assign specific websites
or domains to any of the available zone except the Local Machine Zone.
The ability for a given website to perform security-sensitive operations
on the web browser is determined by the *Security Level* of the zone to
which the site was assigned. Each zone can be set to one of three preset
security levels (High, Medium-High, Medium) or to a custom level with
security policy settings specified by the user or administrator.
remote attacker can abuse this to execute remote code under the context
of the SYSTEM user.
-- Vendor Response:
BMC Software states:
BMC Performance Assurance for Servers
Versions 7.4.00, 7.4.10, 7.4.15, 7.5.00, 7.5.10 January, 2011 Tracking
number QM001683974: Potential vulnerability in network-accessible binary
Service Daemon and Manager Daemon
BMC Software is alerting users of the following products to a potential
Unauthenticated Java Servlet Access
+----------------------------------
A number of sensitive Java Servlets delivered via a Java Servlet
framework in the Cisco Telepresence Multipoint Switch could allow a
remote, unauthenticated attacker to perform actions that should be
restricted to administrative users only. The attacker would need the
ability to submit a crafted request to an affected device on TCP port
80, 443, or 8080.
An attacker must perform a three-way TCP handshake and establish a
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01621724
Version: 1
HPSBMA02390 SSRT071481 rev.1 - HP OpenView Performance Agent, HP Performance Agent, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-12-08
Last Updated: 2008-12-08
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02695453
Version: 1
HPSBMA02627 SSRT090246 rev.1 - HP OpenView Performance Insight Server, Remote Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-01-31
Last Updated: 2011-01-31
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02695453
Version: 2
HPSBMA02627 SSRT090246 rev.2 - HP OpenView Performance Insight Server, Remote Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-01-31
Last Updated: 2011-06-14
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02942411
Version: 2
HPSBMU02695 SSRT100480 rev.2 - HP OpenView Performance Insight, Remote HTML Injection, Unauthorized Access, Cross Site Scripting (XSS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-08-08
Last Updated: 2011-08-12
requests.
Java Servlets provide a filter component which can dynamically intercept
requests and responses to transform information contained in the
requests or responses[1]. Servlet filters are often recommended as an
effective way to perform input validation in Java web applications due
to the centralized nature and little modifications required to the
application's code.
Open Web Application Security Project (OWASP) has developed Stinger,
which aims to provide a centralized input validation component which can
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02153865
Version: 1
HPSBMA02528 SSRT100106 rev.1 - HP Performance Center Agent on Windows, Remote Unauthenticated Arbitrary Code Execution
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-05-10
Last Updated: 2010-05-10
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01622011
Version: 1
HPSBMA02396 SSRT080175 rev.1 - HP OpenView Performance Agent and HP Performance Agent Running on Windows, Remote Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-04-08
Last Updated: 2009-04-08
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02574359
Version: 1
HPSBMA02600 SSRT100239 rev.1 - HP Insight Control Performance Management for Windows, Remote Arbitrary File Download
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-10-28
Last Updated: 2010-10-28
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02790298
Version: 1
HPSBMA02660 SSRT100433 rev.1 - HP Performance Insight Running on HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access to Sensitive Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-04-19
Last Updated: 2011-04-19
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02942411
Version: 1
HPSBMU02695 SSRT100480 rev.1 - HP OpenView Performance Insight, Remote HTML Injection, Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-08-08
Last Updated: 2011-08-08
Synchronizer client successfully authenticates to a Cisco Unified
Communications Manager device over a HTTPS connection, the Cisco
Unified Communications Manager returns credentials for a user account
that is used to manage the Cisco Unified Communications Manager
directory service. If an attacker is able to intercept the
credentials, they can perform unauthorized modifications to the Cisco
Unified Communications Manager configuration and extend their
privileges. The IP Phone PAB Synchronizer client has been redesigned
to allow address book synchronization without requiring the directory
service credentials. This vulnerability does not allow an attacker to
gain access to the underlying platform operating system of any Cisco
Product Description
-------------------
From [1]:
"The Cisco CSS 11500 Series Content Services Switch is a high-performance,
high-availability modular architecture for Web infrastructures. As the
premiere switch for the Cisco Web Network Services Software, the Cisco
CSS 11500 Series helps businesses to build global Web networks
optimized for content delivery and e-commerce. By activating HTTP
headers, the CSS 11500 Series helps to ensure availability, optimize
As a result, the entire attack surface of MSHTML is exposed to remote IM
peers. By having a way of sending data straight to the MSHTML library,
attackers could abuse such high-risk attack vector to:
- - Execute arbitrary shell commands in the victim‟s workstation.
- - Direct the embedded IE to perform arbitrary HTTP requests (CSRF)
- - Include HTML controls (links, images, forms…) in IM text messages in
order to trick users into revealing sensitive information or performing
harmful actions against their accounts/workstation/etc.
- - Run JavaScript code within IE to enhance the attacks mentioned above.
- - Instantiate ActiveX controls, which attackers could use to target
As a result, the entire attack surface of MSHTML is exposed to remote IM
peers. By having a way of sending data straight to the MSHTML library,
attackers could abuse such high-risk attack vector to:
- - Execute arbitrary shell commands in the victim‟s workstation.
- - Direct the embedded IE to perform arbitrary HTTP requests (CSRF)
- - Include HTML controls (links, images, forms…) in IM text messages in
order to trick users into revealing sensitive information or performing
harmful actions against their accounts/workstation/etc.
- - Run JavaScript code within IE to enhance the attacks mentioned above.
- - Instantiate ActiveX controls, which attackers could use to target
TelePresence endpoint devices that could allow a remote,
authenticated attacker to execute arbitrary commands with elevated
privileges. To exploit these vulnerabilities, an attacker must submit
a malformed request to an affected device via TCP port 8082.
An attacker must perform a three-way TCP handshake and establish a
valid session to exploit this vulnerability.
* Cisco TelePresence endpoint - CSCtb31640 ( registered customers
only) has been assigned the CVE identifier CVE-2011-0372
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02181353
Version: 1
HPSBMA02535 SSRT100029 rev.1 - HP Performance Manager, Remote Unauthorized Access, Cross Site Scripting (XSS), Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-05-17
Last Updated: 2010-05-17
-----BEGIN PGP SIGNED MESSAGE-----
CA20100223-01: Security Notice for CA eHealth Performance Manager
Issued: February 23, 2010
CA's support is alerting customers to a security risk with CA eHealth
Performance Manager. A cross-site scripting vulnerability exists that
can allow a remote attacker to potentially gain sensitive
information. CA has provided guidance to remediate the vulnerability.
-- Affected Vendor:
Hewlett-Packard
-- Affected Products:
HP OpenView Internet Service
HP OpenView Performance Manager
HP OpenView Performance Agent
HP OpenView Reporter
HP OpenView Operations
HP OpenView Operations Manager for Windows
HP OpenView Service Quality Manager
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02563642
Version: 1
HPSBMA02602 SSRT100317 rev.1 - HP Insight Control Performance Management for Windows, Remote Cross Site Scripting (XSS), Privilege Escalation, Cross Site Request Forgery (CSRF)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-10-28
Last Updated: 2010-10-28
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02680678
Version: 2
HPSBMA02624 SSRT100195 rev.2 - HP LoadRunner and HP Performace Center, Remote Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-01-12
Last Updated: 2011-01-24
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02748970
Version: 1
HPSBMA02664 SSRT100417 rev.1 - HP Insight Control Performance Management for Windows, Remote Privilege Elevation, Cross Site Request Forgery (CSRF)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-04-20
Last Updated: 2011-04-20
Scientific Atlanta, a Cisco company (www.cisco.com), produces the WebSTAR line
of cable modems, which are widely deployed by cable providers, especially for
home usage. Certain versions of the firmware for the DPC2100 model feature a
web interface that is vulnerable to the following issues. Testing was
performed on a DPC2100R2 modem, with firmware v2.0.2r1256-060303. Other
WebSTAR modems and firmware versions may be vulnerable as well.
1. Cross-site request forgery (CSRF). Several features provided by the web
interface fail to properly establish sessions that restrict access to
authorized users, including forms for changing the administrative password,
Not Affected:
Unknown
Description:
Affected devices do not perform proper authentication of incoming SMS
Provisioning messages.
The following behaviors have been verified on affected devices:
1.Source of provisioning message is never displayed to user.
Next Page>>
|
