Details
=======
The Cisco CSM is an integrated SLB line card for the Catalyst 6500 and
7600 Series that is designed to enhance the response time for client
traffic to end points including servers, caches, firewalls, Secure
Sockets Layer (SSL) devices, and VPN termination devices.
The Cisco CSM-S combines high-performance SLB with SSL offload. The
CSM-S is similar to the CSM; however, unlike the CSM, the CSM-S can
Details
=======
The Cisco AVS 3110 and 3120 are enterprise data center appliances for
improving web application performance, measuring end-user response
time, and managing application security. The Cisco AVS 3120 enforces
application security with an integrated web application firewall. The
Cisco AVS 3180 and 3180A Management Stations provide web-based tools for
the configuration and application performance monitoring for a cluster
of AVS 3110s and 3120s or individual nodes.
02-Jun-2011 - Notified vendor. Vendor response.
03-Jun-2011 - Vendor patched in CVS repository.
06-Jun-2011 - Vendor announces release of v4.0.7 & 4.2.3.
06-Jun-2011 - Disclosure.
We'd like to thank Squiz for their exceptional response time in
responding to, and addressing, these issues.
About OSI Security:
OSI Security is an independent network and computer security auditing
Details
=======
The Cisco CSM is an integrated SLB line card for the Catalyst 6500 and
7600 Series that is designed to enhance the response time for client
traffic to end points including servers, caches, firewalls, Secure
Sockets Layer (SSL) devices, and VPN termination devices.
The Cisco CSM-S combines high-performance SLB with SSL offload. The
CSM-S is similar to the CSM; however, unlike the CSM, the CSM-S can
Details
=======
The Catalyst CSM is an integrated Server Load Balancing line card for
the Catalyst 6500 and 7600 Series designed to enhance the response
time for client traffic to end points including servers, caches,
firewalls, Secure Sockets Layer (SSL) devices, and VPN termination
devices.
The Catalyst 6500 CSM-S combines high-performance server load
balancing (SLB) with Secure Socket Layer (SSL) offload. The CSM-S is
http://www.procheckup.com/Vulnerabilities.php
Credits: Amir Azam and Adrian Pastor of ProCheckUp Ltd. (www.procheckup.com)
ProCheckUp would like to thank Petr Skoda and the rest of the Moodle
team for their excellent response time and cooperation towards resolving
this matter.
Legal:
Copyright 2008 Procheckup Ltd. All rights reserved.
http://www.procheckup.com/Vulnerabilities.php
Credits: Richard Brain of ProCheckUp Ltd. (www.procheckup.com)
ProCheckUp would like to thank Petr Skoda and the rest of the Moodle
team for their excellent response time and cooperation towards resolving
this matter.
Legal:
Copyright 2008 Procheckup Ltd. All rights reserved.
http://www.procheckup.com/Vulnerabilities.php
Credits: Adrian Pastor and Amir Azam of ProCheckUp Ltd. (www.procheckup.com)
ProCheckUp would like to thank Petr Skoda and the rest of the Moodle
team for their excellent response time and cooperation towards resolving
this matter.
Legal:
Copyright 2008 Procheckup Ltd. All rights reserved.
Details
=======
CiscoWorks IPM is a troubleshooting application that gauges network
response time and availability. CiscoWorks IPM is available as a
component within the CiscoWorks LAN Management Solution (LMS) bundle.
CiscoWorks IPM versions 2.6 and earlier for Windows contain a buffer
overflow vulnerability when processing Common Object Request Broker
Architecture (CORBA) GIOP requests. By sending a crafted CORBA GIOP
request, a remote, unauthenticated attacker may be able to trigger
Details
=======
CiscoWorks IPM is a troubleshooting application that gauges network
response time and availability. It is available as a component within
the CiscoWorks LAN Management Solution (LMS) bundle. IPM version 2.6
for Solaris and Windows contains a process that causes a command
shell to automatically be bound to a randomly selected TCP port.
Remote, unauthenticated users are able to connect to the open port
and execute arbitrary commands with casuser privileges on Solaris
