reporting
systems.
Besides the recommendation of a secure network architecture with strict
network access control measures, OS hardening and other sound system
administration practices, a specific workaround for the vulnerability
reported in this advisory is provided below.
The vulnerability is located in the ODBC server service; vulnerable
organizations that do not require ODBC connectivity may disable the
service with no adverse effects to the CitectSCADA software.
Installations that require ODBC connectivity to SQL databases,
Products both on Mac OS 10.5 (Leopard) and iPhone 1.1.4,
and intends to send them in several phases to Apple Inc.
2008/03/08 Apple Inc. replies to n.runs AG providing their public
pgp key. Apple Inc. states that the Apple Inc. RFP will
be used instead of the n.runs RFP
2008/03/08 n.runs AG responds that vulnerability reporting will
only happen under n.runs AG RFP
2008/03/11 Apple Inc. confirms to n.runs AG that the n.runs AG RFP
is aligned to their RFP, and that n.runs may continue
with further communication and bug reporting
2008/03/11 n.runs AG sends PoCs for various issues to Apple Inc.
Availability Impact - Complete
CVSS Temporal Score - 5.9
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
SIP Inspection Denial of Service Vulnerabilities
+-----------------------------------------------
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official Fix
Report Confidence - Confirmed
CSCsq57091 - Memory corruption and traceback when inspecting malformed SIP packets
CVSS Base Score - 7.8
Access Vector - Network
Availability Impact - Complete
CVSS Temporal Score - 8.3
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCsk21863 - DNS Response Parsing Stack Overflow
CVSS Base Score - 10.0
Access Vector - Network
Availability Impact - Complete
CVSS Temporal Score - 8.3
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* CSCtb31685 - CGI Command Injection
CVSS Base Score - 9.0
Access Vector - Network
Availability Impact - Complete
CVSS Temporal Score - 8.3
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* CSCtf97221 - CGI Command Injection
CVSS Base Score - 10
Access Vector - Network
Availability Impact - Complete
CVSS Temporal Score - 8.3
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* CSCtf01253 - Unauthenticated Java Servlet Access
CVSS Base Score - 10
Access Vector - Network
A persistent Cross Site Scripting vulnerability (XSS) was discovered
where an attacker could plant an AP with a maliciously crafted SSID in
the general vicinity of the wireless LAN and might be able to trigger
an XSS vulnerability in the reporting sections of the ArubaOS and
AirWave Administration WebUIs.
AFFECTED VERSIONS
CVSS Temporal Score - 8.3
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCsf30109 - IOS-XR SNMPv3 HMAC Authentication issue
--------------------------------------------------------
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* CSCsi98433 - CTLProvider leaks memory in certain scenarios
CVSS Base Score - 7.8
Access Vector - Network
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* CSCtg62855 ("Core dump when processing certain SIP packets")
CVSS Base Score - 7.8
Availability Impact - Complete
CVSS Temporal Score - 7.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* CSCtq63992 - CSM Arbitrary command execution vulnerability
CVSS Base Score - 9.0
Availability Impact - Complete
CVSS Temporal Score - 8.3
Exploitability - Functional
Remediation Level - Official Fix
Report Confidence - Confirmed
CSCtb83607 - Privilege escalation possible over HTTP protocol
CVSS Base Score - 9
Access Vector - Network
Access Complexity - Low
. Microsoft virtualization products that are based on Hyper-V technology.
6. *Vendor Information, Solutions and Workarounds*
This issue was reported to Microsoft in August 2009. The vendor has
acknowledged the report and after extensive analysis indicated that it
plans to solve the problem in future updates to the associated products.
We recommend affected users to run all mission critical Windows
applications on non-virtualized systems or to use virtualization
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCtc47823 - CCM Core at invalid Line# in SCCP RegAvailableLines and FwdStatReq
CVSS Base Score - 7.8
SQL-Ledger – several issues
===========================
Date released: 21.12.2009
Date reported: 28.07.2009
$Revision: 1.1 $
by Alexander Klink
Fraunhofer Institute for Secure Information Technology
alexander.klink@sit.fraunhofer.de
Availability Impact - None
CVSS Temporal Score - 6.8
Exploitability - High
Remediation Level - Official-Fix
Report Confidence - Confirmed
* Cisco ASA may crash with certain HTTP packets (CSCsv52239)
CVSS Base Score - 7.8
Access Vector - Network
Availability Impact - Complete
CVSS Temporal Score - 7.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* ANM invalid directory permissions (CSCsv70130)
CVSS Base Score - 9.0
Access Vector - Network
CVSS Temporal Score - 8.7
Exploitability - High
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCsq32379 - DM Default Account Credentials
CVSS Base Score - 10
    print '[-] Must specify a filename. Remember to change the pop pop ret address! :)'
else:
    createMaliciousFile(argv[1])
*Report Timeline*
2007-09-13: Email to IBM AIX security requesting security contact
information for Lotus Notes
2007-09-14: Reply from IBM AIX security team with contact information of
the IBM Lotus Notes security team
2007-09-17: Email to IBM Lotus Notes security notifying Core’s intent to
HTC has confirmed the existence of this vulnerability and it is working to release a hotfix to solve the issue. The temporary hotfix provided was named "LEO_S01175" but it still discloses the Twitter credentials by using HTTP instead of HTTPS.
We at Taddong honestly believe this finding must be publicly known by the information security community in order to take appropriate countermeasures and mitigate the vulnerable behavior. Therefore, we have tried to coordinate the release of this security advisory together with the vendor, following responsible disclosure principles. This vulnerability is especially relevant considering the extensive number of HTC mobile devices available in the market and the potential impact of the associated attacks.
-- Vulnerability report timeline:
2010-08-21: Taddong tries to report the vulnerability to HTC through the standard channels (web, e-mail...) without success.
2010-08-23: Taddong contacts other security researchers (Thanks Alberto!) previously involved in reporting vulnerabilities to HTC in order to identify a valid contact or notification channel to let HTC know about the issue.
2010-08-25: Taddong spends around a week trying to identify a secure channel to report the issue to HTC, without any success. Please, read "The Seven Deadly Sins of Security Vulnerability Reporting"!! [1]
2010-09-03: Taddong finally decides to notify HTC about the vulnerability through the only available (but insecure) web channel and sends a brief technical report.
=======
Summary
=======
Name: Websense (Triton 7.6) reflected XSS in report management UI
Release Date: 30 April 2012
Reference: NGS00137
Discoverer: Ben Williams <ben.williams@ngssecure.com>
Vendor: Websense
Vendor Reference:
Systems Affected:
=======
Summary
=======
Name: Websense (Triton 7.6) Authentication-bypass in report management UI
Release Date: 30 April 2012
Reference: NGS00138
Discoverer: Ben Williams <ben.williams@ngssecure.com>
Vendor: Websense
Vendor Reference:
Systems Affected:
=======
Summary
=======
Name: Websense (Triton 7.6) stored XSS in report management UI
Release Date: 30 April 2012
Reference: NGS00141
Discoverer: Ben Williams <ben.williams@ngssecure.com>
Vendor: Websense
Vendor Reference:
Systems Affected:
share. This file could be in any file format. The attacker will
need to have the ability to host their malicious files on a
network share.
VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS
Security (http://www.acrossecurity.com) for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1141 to this issue.
CVSS Temporal Score - 7.8
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCtc59231/CSCtd40661 - Unauthorized account creation
CVSS Base Score - 10
-----/
8. *Report Timeline*
. 2009-08-25:
Core Security Technologies ask the Autodesk Assistance Team for a
security contact to report the vulnerability.