system configuration

SAP Netweaver 6.40-7.0 Cross-Site-Scripting

files, input passed to the content of these feedbacks is not properly sanitised before being returned to the user.
This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.


Solution:       This issue can be solved by activating "Secure Editing" in the Portal
(System Configuration -> System Configuration -> Knowledge Management (in Detailed Navigation) -> Utilities -> Editing -> HTML Editing)

Hence this issue can be solved via configuration; for more details see
http://help.sap.com/saphelp_nw70/helpdata/EN/44/4cd511c6233f8ee10000000a1553f7/frameset.htm

NetWeaver 04 (6.40) SP17: http://help.sap.com/saphelp_nw04/helpdata/en/44/4d3ef6b5ac2152e10000000a114a6b/frameset.htm

[MORNINGSTAR-2009-02] Multiple security issues in Cute News and UTF-8 Cute News

8.14.1 Proof of concept exploit

To view the /etc/passwd file
1) Browse to 
http://localhost/test/cutenews/index.php?mod=options&action=syscon
2) Change the skin variable on the System Configuration
3) Intercept the POST and change the form variables, i.e. 
save_con%5Bskin%5D=../../../../../../../../../../../../../../../../etc/passwd%00
4) Load any page and the /etc/passwd will be included

To execute arbitrary code

Cisco Security Advisory: SQL Injection Vulnerability in Cisco Wireless Control System

=======

Cisco Wireless Control System (WCS) contains a SQL injection
vulnerability that could allow an authenticated attacker full access
to the vulnerable device, including modification of system
configuration; create, modify and delete users; or modify the
configuration of wireless devices managed by WCS.

Cisco has released free software updates that address this
vulnerability.


Cisco Security Advisory: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability

=======

Cisco TelePresence Recording Server Software Release 1.7.2.0 includes
a root administrator account that is enabled by default. Successful
exploitation of the vulnerability could allow a remote attacker to
use these default credentials to modify the system configuration and
settings.

A workaround exists to mitigate this vulnerability.

Cisco has released free software updates that address this

Cisco Security Advisory: Denial of Service Vulnerabilities in Content Switching Module

    Copyright (c) 1995-2004 by Cisco Systems
    NMP S/W compiled on Aug 27 2004, 20:05:14
    
    System Bootstrap Version: 7.1(1)
    System Boot Image File is 'disk0:cat6000-sup2k8.7-6-9.bin'
    System Configuration register is 0x2102
    
    Hardware Version: 3.0  Model: WS-C6506  Serial #: TBA05360375
    
    PS1  Module: WS-CAC-1300W    Serial #: ACP05061071
    PS2  Module: WS-CAC-1300W    Serial #: ACP05060407

3Com OfficeConnect Wireless Cable/DSL Router Authentication Bypass

This device is very common because of its affordable price and versatility.
For these reasons it is widely installed by large telecom providers across Europe
(e.g. in Poland, Orange is currently deploying this device for its residential DSL service).

This device is prone to an authentication bypass vulnerability that allows
an attacker to retrieve the complete system configuration as well as the service
credentials (e.g. web console, Wi-Fi network).

====================================================
4) Vulnerability Details


[security bulletin] HPSBMA02414 SSRT080185 rev.1 - HP Storage Essentials Running Secure NaviCLI, Remote Unauthorized Access, Gain Extended Privileges

If the procedure above is not chosen, the vulnerability can be worked around by limiting login access and restricting privileges for Storage Essentials users. 

Limit login access to the Storage Essentials management server file system to those who need to know the access credentials of the elements managed by Storage Essentials. 
Do not give users “Domain Admin” privileges unless necessary. 
Do not give users a role with “System Configuration” rights unless necessary. 

PRODUCT SPECIFIC INFORMATION 
None 

HISTORY 

Cisco Security Advisory: Cisco Wireless Control System Conversion Utility Adds Default Password

Non-vulnerable versions of the conversion utility force the administrator to
change both account passwords.

More information about the conversion utility is available in the Conversion of
a WLSE Autonomous Deployment to a WCS Controller Deployment appendix in the
Cisco Wireless Control System Configuration Guide.

Vulnerability Scoring Details
=============================

Cisco is providing scores for the vulnerabilities in this advisory based on the

Secunia Research: Bournal ccrypt Information Disclosure Security Issue

====================================================================== 
9) About Secunia

Secunia offers vulnerability management solutions to corporate
customers with verified and reliable vulnerability intelligence
relevant to their specific system configuration:

http://secunia.com/advisories/business_solutions/

Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private 

Secunia Research: Adobe Acrobat/Reader "util.printf()" Buffer Overflow


Secunia Research: IBM Tivoli Storage Manager Client CAD Service Script Insertion


Secunia Research: Employee Timeclock Software SQL Injection Vulnerabilities


Secunia Research: Winamp AVI Parsing Two Integer Overflow Vulnerabilities


Secunia Research: Trend Micro OfficeScan CGI Parsing Buffer Overflows


Secunia Research: Lotus Notes kvdocve.dll Path Processing Buffer Overflow


Cisco Security Advisory: Management Center for Cisco Security Agent Remote Code Execution Vulnerability

The Management Center for Cisco Security Agent is affected by a
vulnerability that could allow an unauthenticated attacker to perform
remote code execution on the affected device. A successful exploit
could allow the attacker to modify agent policies and system
configuration and perform other administrative tasks.

Note: This vulnerability can be exploited only by sending certain
packets to the web management interface, which by default listens on
TCP port 443.


Secunia Research: Microsoft Word LFO Parsing Double-Free Vulnerability


Secunia Research: Cyrus IMAPd NTTP Authentication Bypass Vulnerability


Secunia Research: Microsoft Office PICT Filter Integer Truncation Vulnerability


Secunia Research: Microsoft Office TIFF Image Converter Two Buffer Overflows


Secunia Research: Microsoft Office TIFF Image Converter Endian Conversion Vulnerability


Secunia Research: DevIL DICOM "GetUID()" Buffer Overflow Vulnerability


Secunia Research: Microsoft Office FlashPix Tile Data Two Buffer Overflows


Secunia Research: Microsoft Office Document Imaging Endian Conversion Vulnerability


Secunia Research: Autonomy Keyview Ichitaro Object Reconstruction Logic Vulnerability


Secunia Research: Microsoft Office FlashPix Property Set Parsing Buffer Overflow


Secunia Research: SAP Crystal Reports Print ActiveX Control Buffer Overflow


Secunia Research: RealPlayer "cook" Arbitrary Free Vulnerability


Secunia Research: NTR ActiveX Control Four Buffer Overflow Vulnerabilities


Secunia Research: RealPlayer AAC Spectral Data Parsing Vulnerability


Copyright © 1995-2012 LinuxRocket.net. All rights reserved.