Next Page >>
right click
Windows Environment:
1. Locate the files "webengine.exe" and "freeaccess.spl". The files
are located in the "$NX_ROOT\bin" and "$NX_ROOT\bopcfg\www" directory
respectively.
2. Right click on each of the files and select Properties.
3. Select the General tab.
4. If either file timestamp is earlier than indicated in the below
table, the installation is vulnerable.
File Name
4. In the Distiller Settings section, next to the distiller name
Adobe PDF, clear the check box in the Enabled column.
5. Click Apply.
6. Click OK.
7. On the Windows Desktop, in Administrative Tools, open Services.
8. Right-click BlackBerry Attachment Service and click Stop.
9. Right-click BlackBerry Attachment Service and click Start.
10. Close Services.
In Microsoft Exchange and Novell GroupWise environments, complete the
following additional steps:
4. In the Distiller Settings section, next to the distiller name
Adobe PDF, clear the check box in the Enabled column.
5. Click Apply.
6. Click OK.
7. On the Windows Desktop, in Administrative Tools, open Services.
8. Right-click BlackBerry Attachment Service and click Stop.
9. Right-click BlackBerry Attachment Service and click Start.
10. Close Services.
In Microsoft Exchange and Novell GroupWise environments, complete the
following additional steps:
4. In the Distiller Settings section, next to the distiller name
Adobe PDF, clear the check box in the Enabled column.
5. Click Apply.
6. Click OK.
7. On the Windows Desktop, in Administrative Tools, open Services.
8. Right-click BlackBerry Attachment Service and click Stop.
9. Right-click BlackBerry Attachment Service and click Start.
10. Close Services.
In Microsoft Exchange and Novell GroupWise environments, complete the
following additional steps:
// 3. Choose Visual C++: Win32: Win32 Project
// 4. Enter "iebsfix1" for the name
// 5. In the Win32 Application Wizard, choose an
// "Application type" of "DLL", and under "Additional
// options", check "Empty project"
// 6. In the Solution Explorer, right-click on "Source Files",
// Add -> New Item
// 7. Choose "C++ File (.cpp)" and enter "iebsfix1.cpp" for
// the name
// 8. Paste all of this source code into the new .cpp file
// 9. In the Solution Explorer, right-click again on "Source
occurs when you are using Internet Explorer to print locally saved web pages
as PDF and affects all IE versions including IE8. It does not matter which
PDF generation software you are using like Adobe Acrobat Professional,
CutePDF, PrimoPDF, etc as long as you are invoking it from inside the IE
print function. In Windows, even when your default browser is not IE and if
you right click a file to select the PRINT from the context menu, then by
default it invokes the IE print handler. So, you will still see this issue
in the generated PDF.
This bug is NOT ABOUT the local disk path appearing in the FOOTER of your
pdf since it is clearly visible and already known by most people. This is
occurs when you are using Internet Explorer to print locally saved web pages
as PDF and affects all IE versions including IE8. It does not matter which
PDF generation software you are using like Adobe Acrobat Professional,
CutePDF, PrimoPDF, etc as long as you are invoking it from inside the IE
print function. In Windows, even when your default browser is not IE and if
you right click a file to select the PRINT from the context menu, then by
default it invokes the IE print handler. So, you will still see this issue
in the generated PDF.
This bug is NOT ABOUT the local disk path appearing in the FOOTER of your
pdf since it is clearly visible and already known by most people. This is
For Operations Manager for Windows v8.10 and v8.16
Verify the version of srcvw4.dll currently installed
Right-click on %OvInstallDir%\bin\srcvw4.dll
Select Properties
Switch to details tab
Check File version
v4.0.1.1 and earlier are vulnerable
the appropriate exploitation techniques for stack-based buffer overflows.
However, exploitation on a Lotus Notes email client requires that the user
attempts to view the attached file following this steps:
1- Select email containing the attachment
2- Right-click on attachment
3- Select “View€? to open the file inside of Lotus Notes.
Unfortunately, users can be lured into performing the steps above due to
the fact that it is possible to send a malicious attachment with a
seemingly innocuous file name and extension such and have the Lotus Note
C:\Program Files\CA\Unicenter DSM\BABLD\Server
CA Desktop Management Suite 11.1:
C:\Program Files\CA\Unicenter DSM\BABLD\Server
2. Right click on the file and select Properties.
3. Select the General tab.
4. If the file date is earlier than indicated in the below table,
the installation is vulnerable.
For products on Windows:
1. Using Windows Explorer, locate the file “gui_cm_ctrls.ocx”. By
default, the file is in the “C:\Program Files\CA\DSM\bin\”
directory.
2. Right click on the file and select Properties.
3. Select the Version tab.
4. If the file version is earlier than indicated in the list
below, the installation is vulnerable.
Product:
by completing the following steps:
Step 1. Choose "Start > Settings > Control Panel > Administrative Tools
> Services" to access the Services window.
Step 2. Right-click "CWCS tftp service" and select "Properties".
Step 3. Set the "Startup Type" to "Disabled".
Step 4. Click the "Stop" button to stop the TFTP service.
For products on Windows:
1. Using Windows Explorer, locate the file "arclib.dll". By
default, the file is located in the
"C:\Program Files\CA\SharedComponents\ScanEngine" directory (*).
2. Right click on the file and select Properties.
3. Select the Version tab.
4. If the file version is earlier than indicated below, the
installation is vulnerable.
File Name File Version
Problem Resolution:
A manual change is required on each Microsoft Windows IIS web server on which EMC SourceOne Mobile Services software is installed. This manual change is required for all existing installations of affected versions, even if the server has been upgraded to a non-affected version. Follow these steps to make the required change:
1. Open Windows Explorer and browse to the ExShortcut install directory. By default, this directory is the SourceOneInstallDrive:\SourceOneInstallDirectory\ExShortcut.
2. Right click on the Web.config file and click "Open With" then choose "Notepad".
3. Once the document has loaded into Notepad, find the following line:
<trace enabled="true" requestLimit="40" localOnly="false"/>
4. Change this line so that it is identical to the following:
<trace enabled="false" requestLimit="40" localOnly="true"/>
5. Save the Web.config document.
Example #2
Within the SugarCRM UI go to the Document List. Hover over the Document
Name you just created, right-click, and then copy the URL location. You
will see the URL does not have any of the scripting, it has been
replaced with queries directly to a Record variable within the
application. This would probably be the tact a Phisher would take.
1. Using Windows Explorer, locate the file "DBserver.dll". By
default, the file is located in the
"C:\Program Files\CA\BrightStor ARCserve Backup" directory.
2. Right click on the file and select Properties.
3. Select the General tab.
4. If the file timestamp is earlier than indicated in the table
below, the installation is vulnerable.
1. Click Start and then click Run. Enter regedit.exe in the text box and
click OK.
2. Navigate to
HKEY_CLASSES_ROOT\CLSID\{05300401-BCBC-11d0-85E3-00C04FD85AB4}.
3. Right click {05300401-BCBC-11d0-85E3-00C04FD85AB4} and select
Permissions.
4. Click Advanced.
5. Deselect Allow inheritable permissions from the parent to propagate
6. Click Remove, and then click OK. Click Yes and OK on subsequent screens.
The following steps allow you to determine if you have an affected
version of VMrc installed:
- Locate the VMrc executable vmware-vmrc.exe on your Windows-based
system
- Right click and go to Properties
- Go to the tab "Versions"
- Click "File Version" in the "Item Name" window
- If the "Value" window shows "e.x.p build-158248", the version of
VMrc is affected
1. Using Windows Explorer, locate the file "mng_core_com.dll". By
default in r12.0 and r12.5, the file is located in the
"C:\Program Files\CA\XOsoft\Manager" directory. For r15.0 sp1, the
file is located in the "C:\Program Files\CA\ARCserve RHA\Manager"
directory.
2. Right click on the file and select Properties.
3. Select the General tab.
4. If the file timestamp is earlier than indicated in the below
table, the installation is vulnerable.
Product
For products on Windows:
1. Using Windows Explorer, locate the file "alert.exe". By
default, the file is located in the
"C:\Program Files\CA\SharedComponents\Alert" directory.
2. Right click on the file and select Properties.
3. Select the Version tab.
4. If the file version is earlier than indicated in the below
table, the installation is vulnerable.
Product File Version
For products on Windows:
1. Using Windows Explorer, locate the file "arclib.dll". By
default, the file is located in the
"C:\Program Files\CA\SharedComponents\ScanEngine" directory (*).
2. Right click on the file and select Properties.
3. Select the Version tab.
4. If the file version is earlier than indicated below, the
installation is vulnerable.
File Name File Version
DDMI requires the Windows SNMP service for its operation. If necessary DDMI will install and configure the Windows SNMP service using the Windows default security settings. As a result the SNMP read community string may be set to public .
To modify the default security configuration of the of the Windows SNMP service:
Open the Windows Services Control Panel applet, select Administrative Tools and then select Services.
Select the SNMP Service, right click on it and select Properties and navigate to the Security tab.
Amend the security settings as required to change the default read community string to a value other than public.
Add the updated read community string to the appropriate DDM Inventory SNMP profile.
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
How to determine if the installation is affected
1. Using Windows Explorer, locate the files "mng_core_com.dll". By
default, the file is located in the
"C:\Program Files\CA\XOsoft\Manager" directory.
2. Right click on the file and select Properties.
3. Select the Version tab.
4. If the file version is previous than indicated in the below table,
the installation is vulnerable.
Product
specially crafted .blend file and enticing the user to open it.
These are the steps to reproduce the issue:
. Open the "Text Editor" Panel.
. Right click on the canvas and select "New".
. Write your python code there. For instance:
/-----
import os
os.system("calc.exe")
CA IT Client Manager r12
dtscore11.dll
C:\Program Files\CA\SC\DTS\bin
2. Right click on the file and select Properties.
3. Select the General tab.
4. If the file date is earlier than indicated in the below
table, the installation is vulnerable.
Product
1. Using Windows Explorer, locate the file "caloggerd.exe". By
default, the file is located in the
"C:\Program Files\CA\BrightStor ARCserve Backup" directory.
2. Right click on the file and select Properties.
3. Select the General tab.
4. If the file timestamp is earlier than indicated in the below
table, the installation is vulnerable.
Vulnerability description:
--------------------------
The problem specifically exists because SYSTEM privileges are not
dropped when accessing the GSC properties from the System Tray applet.
The vulnerability can be exploited by right-clicking the System Tray
icon, choosing "Log", right click "Event Viewer", "Open Log File...".
The opened file selected can be abused by navigating to C:\WINDOWS
\SYSTEM32\, right-clicking cmd.exe, then selecting "Open"; doing so
spawns a command shell with SYSTEM privileges.
4) Find the item for "DownloadManager Control" and verify that the
version is "2,2,4,8" or higher.
* If you wish to uninstall Download Manager, complete this last step:
5) Find the item for "DownloadManager Control", right-click and
select "Remove".
6) When prompted to confirm, choose "Yes".
For Java versions: The java version is not persistently installed. No
for Laptops & Desktops\server
Product: CA Desktop Management Suite 11.2 English
Directory Path: C:\Program Files\CA\DSM\BABLD\MGUI
Product: CA Desktop Management Suite 11.2 localized
Directory Path: C:\Program Files\CA\DSM\BABLD\MGUI
2. Right click on the files and select Properties.
3. Select the General tab.
4. If the file date is earlier than indicated in the below
table, the installation is vulnerable.
Product File Name File Date / Size
"SiteKiosk is a software for public access internet terminals and lets you turn any computer into a secure multilanguage Internet terminal (already 20 different languages included), allowing the user to access the Internet but protecting the underlying operating system and files. Possible uses include presentations, exhibitions, libraries, and more. SiteKiosk works with normal displays and Touchscreens. A keyboard doesn't even have to be attached -- text can be entered via a keypad with a mouse. Plentiful options let you decide the amount of security your kiosk needs, from hard-disk protection to prohibiting specific Websites. The program can be used with either a direct network connection or Dial-Up Networking, providing Internet access "on demand." Other features include multiple-window support, automatic shutdown/restart, Shell-Replacement, hard-disk protection, thorough event-logging support, Log-Out Button, content-advisor, great website filtering (with automatic update)
, an easy-to-use configuration wizard, and more. SiteKiosk supports different payment methods like coin machines, bill acceptors, smart cards and others. Also very nice is the webcam support which enables users to send voice, video and photo emails. It is also possible to administer terminals by remote. SiteKiosk uses Internet Explorer as its basis but presents a much simplified interface that even the novice user will understand. Excellent online help is included."
[x] Attack Information
SiteKiosk tries to block and avoid file downloads. If you click on a link which saves a file automatically on your hard drive (e.g. an exe download link) or if you right click something and select "save as..." a window will pop up which says that it isn't possible to download the file. But you can bypass the issue with a special url - you've got to use the "about:"-url. SiteKiosk uses the microsoft internet explorer engine to display web sites, so you can also use "about:" to display anything directloy from the url. For example "about:hello" will display the text "hello" directly in the browser. Of course you can use HTML too: "about:<b>hello</b>" will display the text "hello" bold. Normally this is harmless, but in SiteKiosk you can use it to download files.
[x] Exploit
Just access this url:
Next Page>>
|
