Next Page >>
section
* NAT for Session Initiation Protocol (SIP)
* NAT for H.323
The preferred method to verify whether NAT is enabled on a Cisco IOS
device is to log in to the device and issue the "show ip nat
statistics" command. If NAT is active the sections Outside interfaces
and Inside interfaces will each include at least one interface. The
following example shows a device on which the NAT feature is active:
Router#show ip nat statistics
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.1YI | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.1YJ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| 12.2-Based | First Fixed Release for | All Advisories in the |
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2EWA | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2EX | Not vulnerable | 12.2(55)EX3 |
|------------+-----------------------+-----------------------|
| 12.2EY | Not vulnerable | 12.2(58)EY |
|------------+---------------------------+--------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IRC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+--------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IRD | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2CZ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2DA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2DD | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2CZ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2DA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2DD | Not Vulnerable | Vulnerable; first fixed |
| | | in 12.4T |
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2EWA | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2EX | Not vulnerable | 12.2(55)EX3 |
|------------+-----------------------+-----------------------|
| 12.2EY | Not vulnerable | 12.2(58)EY |
|------------+--------------------+--------------------------|
| | | Vulnerable; contact your |
| | | support organization per |
| 12.2EWA | Not vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this |
| | | advisory. |
|------------+--------------------+--------------------------|
| 12.2EX | Not vulnerable | 12.2(55)EX3 |
|------------+--------------------+--------------------------|
| 12.2EY | Not vulnerable | 12.2(58)EY |
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2EWA | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2EX | Not vulnerable | 12.2(55)EX3 |
|------------+-----------------------+-----------------------|
| 12.2EY | Not vulnerable | 12.2(58)EY |
|------------+------------------+----------------------------|
| | | Vulnerable; contact your |
| | | support organization per |
| 12.2EWA | Not vulnerable | the instructions in the |
| | | Obtaining Fixed Software |
| | | section of this advisory. |
|------------+------------------+----------------------------|
| 12.2EX | Not vulnerable | 12.2(55)EX3 |
|------------+------------------+----------------------------|
| 12.2EY | Not vulnerable | 12.2(58)EY |
|------------+------------------+----------------------------|
| | | vulnerable. |
|------------+--------------+--------------------------------|
| | | Vulnerable; contact your |
| | Not | support organization per the |
| 12.2EWA | vulnerable | instructions in the Obtaining |
| | | Fixed Software section of this |
| | | advisory. |
|------------+--------------+--------------------------------|
| 12.2EX | Not | 12.2(55)EX3 |
| | vulnerable | |
|------------+--------------+--------------------------------|
|------------+----------------+------------------------------|
| | | Vulnerable; contact your |
| | | support organization per the |
| 12.2EWA | Not vulnerable | instructions in the |
| | | Obtaining Fixed Software |
| | | section of this advisory. |
|------------+----------------+------------------------------|
| 12.2EX | 12.2(55)EX3 | 12.2(55)EX3 |
|------------+----------------+------------------------------|
| 12.2EY | 12.2(58)EY | 12.2(58)EY |
|------------+----------------+------------------------------|
|------------+---------------------------+--------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.3JEC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+--------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.3JED | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4GC | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.4JA | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
|------------+---------------------------------------+--------------|
| 12.2YG | Not Vulnerable | |
|------------+---------------------------------------+--------------|
| | Vulnerable; Contact your support | |
| 12.2YH | organization per the instructions in | |
| | Obtaining Fixed Software section of | |
| | this advisory | |
|------------+---------------------------------------+--------------|
| | Vulnerable; Contact your support | |
| 12.2YJ | organization per the instructions in | |
| | Obtaining Fixed Software section of | |
142 |public function getCommand( ipsRegistry $registry )
143 |{
144 | $_NOW = IPSDebug::getMemoryDebugFlag();
145 |
146 | $module = ipsRegistry::$current_module;
147 | $section = ipsRegistry::$current_section;
148 | $filepath = IPSLib::getAppDir( IPS_APP_COMPONENT ) .
'/' . self::$modules_dir . '/' . $module . '/';
149 |
150 | /* Got a section? */
151 | if ( ! $section )
####################
2. Vulnerabilities:
####################
2.1. Insecure Direct Object Reference [in "bs_login.asp"]. Everyone can change admin password.
2.1.1. Exploit:
Check the exploit section.
2.2. Insecure Direct Object Reference [in "bs_login.asp"]. Everyone can edit all the site info., such as admin email address.
2.2.1. Exploit:
Check the exploit section.
2.3. Insecure Direct Object Reference [in "bs_login.asp"]. Everyone can edit all the site design. (Also, all the site settings can be changed by other parameters)
2.3.1. Exploit:
configured for Cisco IOS SSL VPNs and is vulnerable:
If the output from show running-config | include webvpn contains
"webvpn gateway <word>" then the device is supporting the Cisco IOS
SSL VPN feature. A device is vulnerable if it has the inservice
command in at least one of the "webvpn gateway" sections and is
configured for HTTP port redirection. The following example shows a
vulnerable device configured with Cisco IOS SSL VPN:
Router#show running | section webvpn
webvpn gateway Gateway
Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst
6500 Series ASA Services Module are affected by multiple
vulnerabilities. Affected versions of Cisco ASA Software will vary
depending on the specific vulnerability. Consult the "Software
Versions and Fixes" section of this security advisory for more
information about the affected version.
Cisco PIX Security Appliances may be affected by some of the
vulnerabilities described in this security advisory. Cisco PIX has
reached end of maintenance support. Cisco PIX Security Appliance
4. Select the Version link, which is displayed on the right side of
the top of the page.
5. The Client Build version is displayed in a pop-up window.
There is currently no fixed version for the WBS 25-based WebEx
meeting service. This section of the Security Advisory will be
updated when fixed version information is available.
For the WBS 23 version:
Servers that run WBS 23-based WebEx meeting service display version
####################
2. Vulnerabilities:
####################
2.1. Injection Flaws, Cross Site Scripting (XSS). SQL Injection in "/ansFAQ.asp" in "id" parameter. Reflected XSS attack in "/ansFAQ.asp" in "topic" and "button" parameters.
2.1.1. Exploit:
Check the exploit/POC section.
2.2. Injection Flaws. SQL Injection in "preview.asp" in "template_id" parameter.
2.2.1. Exploit:
Check the exploit/POC section.
2.3. Information Leakage. Database path disclosure in "/cms/include/trigger.asp" and/or "/cms/include/common2.asp".
2.3.1. Exploit:
####################
2. Vulnerabilities:
####################
2.1. Directory Traversal in "/download.php" in "dfile" parameter.
2.1.1. Exploit:
Check the exploit/POC section.
2.2. Injection Flaws. SQL Injection in "/rating.php" in "book_id" parameter.
2.2.1. Exploit:
Check the exploit/POC section.
2.3. Cross Site Scripting (XSS). Reflected XSS attack in "/login.php" in URL parameters.
2.3.1. Exploit:
####################
2. Vulnerabilities:
####################
2.1. Directory Traversal in "/download.php" in "dfile" parameter.
2.1.1. Exploit:
Check the exploit/POC section.
2.2. Injection Flaws. SQL Injection in "/rating.php" in "book_id" parameter.
2.2.1. Exploit:
Check the exploit/POC section.
2.3. Cross Site Scripting (XSS). Reflected XSS attack in "/login.php" in URL parameters.
2.3.1. Exploit:
####################
2. Vulnerabilities:
####################
2.1. Directory Traversal in "/download.php" in "dfile" parameter.
2.1.1. Exploit:
Check the exploit/POC section.
2.2. Injection Flaws. SQL Injection in "/rating.php" in "book_id" parameter.
2.2.1. Exploit:
Check the exploit/POC section.
2.3. Cross Site Scripting (XSS). Reflected XSS attack in "/login.php" in URL parameters.
2.3.1. Exploit:
####################
2. Vulnerabilities:
####################
2.1. Injection Flaws, Cross Site Scripting (XSS). SQL Injection in "/ansFAQ.asp" in "id" parameter. Reflected XSS attack in "/ansFAQ.asp" in "topic" and "button" parameters.
2.1.1. Exploit:
Check the exploit/POC section.
2.2. Injection Flaws. SQL Injection in "preview.asp" in "template_id" parameter.
2.2.1. Exploit:
Check the exploit/POC section.
2.3. Information Leakage. Database path disclosure in "/cms/include/trigger.asp" and/or "/cms/include/common2.asp".
2.3.1. Exploit:
####################
2. Vulnerabilities:
####################
2.1. Injection Flaws, Cross Site Scripting (XSS). SQL Injection in "/ansFAQ.asp" in "id" parameter. Reflected XSS attack in "/ansFAQ.asp" in "topic" and "button" parameters.
2.1.1. Exploit:
Check the exploit/POC section.
2.2. Injection Flaws. SQL Injection in "preview.asp" in "template_id" parameter.
2.2.1. Exploit:
Check the exploit/POC section.
2.3. Information Leakage. Database path disclosure in "/cms/include/trigger.asp" and/or "/cms/include/common2.asp".
2.3.1. Exploit:
- -----/
According to the .MBM format [3], the structure of an MBM is the
following (beginning with a Header Section):
/-----
Offset Size Data Description
0000 ID 37 00 00 10 UID1: Header Section layout
8. *Technical Description*
8.1 A Reflected Cross Site Scripting vulnerability was found in the
"productStoreId" variable within the 'Export Product Listing' section.
When rendering menu widget item links of type hidden-form, the hidden
input value attributes were not being html encoded. In many cases these
hidden input values are derived from request parameters and could be used
in a Reflected Cross-Site Scripting attack.
Details:
========
Multiple persistent input validation vulnerabilities are detected in the Kayako Fusion v4.51.1891 Web Application.
The vulnerability typus allows an attacker to inject own malicious script code in the vulnerable module on application side (persistent).
The first vulnerability is located in the Tickets section when processing to request via the the `Escalation` module the bound
vulnerable add_tags & remove_tags application parameters. The persistent injected script code will be executed directly out of
the `add` section when processing to edit the earlier inserted dbms context.
The secound vulnerability is located in the Base section when processing to request via the `Manage` module the bound vulnerable
`CustomFieldGroup > eMail` application listing. The persistent injected script code will be executed directly out of the `usergroup`
server is running software version T27 SP25 EP4.
To determine whether a Cisco WebEx meeting site is running an
affected version of the WebEx client build, users can log in to
their Cisco WebEx meeting site and go to the Support > Downloads
section. The version of the WebEx client build will be displayed
on the right side of the page under "About Support Center." See
"Software Versions and Fixes" for details.
Cisco recommends that users upgrade to the most current version
of the player that is available from www.webex.com/
Next Page>>
|
