Next Page >>
web/based
____________________________________________________________________________
Armorlogic Profense Web Application Firewall 2.4 multiple vulnerabilities.
____________________________________________________________________________
An advisory by EnableSecurity.
Trustwave published a joint advisory named TWSL2009-001
ID: ES-20090500
Severity : High
Local/Remote : Remote
[Vulnerability Details]
Modsecurity is an Open source Web Application firewall which runs as an Apache
module. It has a comprehensive set of rules called 'ModSecurity Core
Rules' for common web application
attacks like SQL Injection, Cross-Site Scripting etc.
It is possible to bypass the ModSecurity Core Rules due to the
Trustwave's SpiderLabs Security Advisory TWSL2011-006:
IBM Web Application Firewall Bypass
https://www.trustwave.com/spiderlabs/advisories/TWSL2011-006.txt
Published: 2011-06-21
Version: 1.0
Vendor: IBM
Product: IBM Web Application Firewall
444
Introduction:
=============
The Barracuda Web Application Firewall provides superior protection against hackers’ attempts to exploit vulnerabilities
in Web sites or Web applications to steal data, cause denial of service or deface Web sites. By integrating application
delivery capabilities, the Barracuda Web Application Firewall is an affordable and comprehensive application firewall
that can secure Web applications, as well as increase their performance and availability.
provide patches for the current vulnerable versions with the 2.7.3
ftf4 release before August, but this release was not confirmed yet
(see the timeline for more details). In the meantime, users can
mitigate these flaws by applying these countermeasures:
1. For [CVE-2010-1929 | 40480], establish a Web Application
Firewall rule for limiting the length of the parameters
'EnteredClassID' and 'NewClassName' in POST requests to the URI
'/nps/servlet/webacc/'.
2. For [CVE-2010-1930 | 40485], establish a Web Application
Firewall rule for limiting the length of the parameter 'Tree' in POST
Introduction
Internet security threats are migrating from pure network-level attacks
to web server and web application attacks. The web application itself
has become the new security perimeter, and is wide open to the new
generation of attacks. That's the reason why is very important for IT
security staff to have cutting- edge knowledge of web application
security vulnerability testing techniques and tools.
497
Introduction:
=============
osCMax is a powerful e-commerce/shopping cart web application. There are many advantages to using osCMax as your
e-commerce/shopping cart for your web site. It has all the features needed to run a successful internet store
and can be customized to whatever configuration you need. osCmax is community developed software that is free,
open source and hosted on your own web server. It is easy enough to use for small startup stores and feature
rich to support very large operations that need more advanced eCommerce features. There are no artificial limits
placed on the feature set, amount of products or sales amounts which is commonly seen with paid or
5-1-0-44-3
5-1-0-44-6
acs51a/admin#
* On the main login page of the Cisco Secure ACS web-based
interface, the version information is displayed on the left side
of the screen.
* From the Cisco Secure ACS web-based interface, log in and click
the "About" link at the top right corner of the screen.
> EVNNOTE LIKE '%SQL INJECTION TEST%')
) And
(EvnFolder='Files')
----- /Query 2 ---------------------------------------------------------
Data is only returned from the database to the web application when both
queries are syntactically correct. Due to a different nesting level of
parentheses around the SQL queries' user-manipulable parts, successful
(non-blind) SQL injection requires the use of two elements within the
original HTTP POST request.
####################
1. Description:
####################
Xigla company has several web based products (From content management systems to live help solutions) to enhance the websites.
1.1. Absolute Live Support XE: Absolute Live Support is a live customer support software for your web site that enables visitors to instantaneously communicate with your customer service personnel.
1.2. Absolute News Manager XE: Absolute News Manager is a powerful web site news and article content management system.
1.3. Absolute Banner Manager XE: Absolute Banner Manager is the most complete, robust and easy to use web based banner management and ad tracking software.
1.4. Absolute Form Processor XE: The Absolute Form Processor is a powerful tool for processing your web based HTML forms. You don’t have to waste time developing server code, validation rules , form mailers or auto responders for your web forms, this application does all this for you.
1.5. Absolute Image Gallery XE: The complete and powerful media gallery software that makes creating and maintaining images and multimedia galleries a snap. The code resides on your web server and searches your web site for new images and files to add to your gallery.
CSS10-01: Imperva SecureSphere Web Application Firewall and Database Firewall Bypass Vulnerability
April 5, 2010
BACKGROUND
==========
The Imperva SecureSphere Web Application Firewall protects web
applications and sensitive data against sophisticated attacks and
brute force attacks, stops online identity theft, and prevents data
leaks from applications. The Imperva SecureSphere Database Firewall
monitors and proactively protects databases from internal abuse,
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Web-based
Management Vulnerability
Document ID: 97836
Advisory ID: cisco-sa-20071017-IPCC
Security Advisory
---------------------------------------
Vulnerable Software: radware AppWall Web Application Firewall
Vulnerable Version: Gateway Version 4.6.0.2 / AppWall Version
1.0.2.6
Homepage: http://www.radware.com/
Found by: Michael Kirchner, Wolfgang Neudorfer,
Lukas Nothdurfter (Team h4ck!nb3rg)
Impact: Source code disclosure on management interface
Security Advisory
---------------------------------------
Vulnerable Software: Artofdefence Hyperguard Web Application Firewall
Vulnerable Version: 3 branches: prior to 3.1.1-11637; prior to
3.0.3-11636; prior to 2.5.5-11635 (Apache Plug-in)
Homepage: http://www.artofdefence.com/
Found by: Michael Kirchner, Wolfgang Neudorfer,
Lukas Nothdurfter (Team h4ck!nb3rg)
Impact: Remote Denial of Service
Security Advisory
---------------------------------------
Vulnerable Software: phion airlock Web Application Firewall
Vulnerable Version: 4.1-10.41
Homepage: http://www.phion.com/
Found by: Michael Kirchner, Wolfgang Neudorfer,
Lukas Nothdurfter (Team h4ck!nb3rg)
Impact: Remote Denial of Service via Management
Interface (unauthenticated) and Command Execution
7. *Technical Description / Proof of Concept Code*
Cross-Site Scripting (commonly referred to as XSS) bugs arise from a web
application's improper encoding or filtering of input obtained from
untrusted sources. These bugs allow an attacker to inject malicious tags
and/or script code that is later executed in the context of a web
browser when the user accesses the vulnerable web site. The injected
code then takes advantage of the trust relationship between the web
browser and the vulnerable web application. Attacks that exploit XSS
of PoC code, discussion of fixes, etc.
___________________________________________________________________________
Overview:
Hash tables are a commonly used data structure in most programming
languages. Web application servers or platforms commonly parse
attacker-controlled POST form data into hash tables automatically, so
that they can be accessed by application developers.
If the language does not provide a randomized hash function or the
application server does not recognize attacks using multi-collisions, an
(sorry for the span and for receiving multiple copies of this)
Best regards,
2nd. OWASP Ibero-American Web-Applications Security conference 2010 (IBWAS’10)
ISCTE – Lisbon University Institute
25th – 26th November 2010
Lisboa, Portugal
http://www.ibwas.com
Published: 2010-02-08 Version: 1.1
SpiderLabs has documented view state tampering
vulnerabilities in three products from separate vendors.
View states are used by some web application frameworks to
store the state of HTML GUI controls. View states are
typically stored in hidden client-side input fields,
although server-side storage is widely supported.
The affected vendors generally recommend that client-side
> Researcher : Mesut Timur <mesut [at] mavitunasecurity [dot] com>
> Advisory Reference : NS-11-004
>
> Description
> ------------------
> Redmine is a flexible project management web application written using
> Ruby on Rails framework.
>
> Details
> -------------------
> Redmine is affected by a XSS vulnerability in versions from 1.0.1 to 1.1.1.
(Copy of the Vendor Homepage: http://en.wikipedia.org/wiki/DirectAdmin )
Abstract:
=========
A Vulnerability Laboratory Researcher discovered a Cross Site Scripting Vulnerability on DirectAdmins Management Web-Application.
Report-Timeline:
================
2012-03-31: Vendor Notification
II. DESCRIPTION
Stefan Friedli at scip AG (Switzerland) found an input validation error
within the current release, which enabled an attacker to perform various
web-based attacks.
The initial logon script at /Login/Login, that is being used for
unauthenticated users to log in, fails to perform proper input
validation on the data that is being submitted via HTTP POST. While
certain fields are escaped before being sent back to users browser, the
renders the XSS protection for the time parameter ineffective. An
attacker can therefore perform an XSS attack using the time attribute.
Mitigation:
6.0.x users should do one of the following:
- remove the examples web application
- apply this patch http://svn.apache.org/viewvc?rev=750924&view=rev
- upgrade to 6.0.19 when released
5.5.x users should do one of the following:
- remove the examples web application
- apply this patch http://svn.apache.org/viewvc?rev=750928&view=rev
Details
=======
The Cisco AVS 3110 and 3120 are enterprise data center appliances for
improving web application performance, measuring end-user response
time, and managing application security. The Cisco AVS 3120 enforces
application security with an integrated web application firewall. The
Cisco AVS 3180 and 3180A Management Stations provide web-based tools for
the configuration and application performance monitoring for a cluster
of AVS 3110s and 3120s or individual nodes.
Description:
------------
Cyrill Brunschwiler, Security Analyst at Compass Security Network
Computing,
Switzerland discovered a web application issue based OS command
execution flaw
in the OpenKM solution. OpenKM does allow administrative users (having
the
AdminRole) to run bean shell scripts. Due to the flaw, an attacker could
lure
Published: 2010-02-08 Version: 1.1
SpiderLabs has documented view state tampering
vulnerabilities in three products from separate vendors.
View states are used by some web application frameworks to
store the state of HTML GUI controls. View states are
typically stored in hidden client-side input fields,
although server-side storage is widely supported.
The affected vendors generally recommend that client-side
Details:
========
1.1
A remote SQL Injection vulnerability is detected on LandShops Web Application v0.9.2.
The vulnerability allows an attacker (remote) or local low privileged user account to inject/execute own sql commands
on the affected application dbms. Successful exploitation of the vulnerability results in dbms & application compromise.
Vulnerable Module(s):
[+] admin/action/objects.php [OB_ID=106]
Moderator note: this copy of the post has a corrected URL.
CORE GRASP for PHP is a web-application protection software aimed at
detecting and blocking injection vulnerabilities and privacy violations.
As mentioned during its presentation at Black Hat USA 2007, GRASP is
being released as open source under the Apache 2.0 license and can be
obtained from http://grasp.coresecurity.com/.
The present implementation protects PHP 5.2.3 against SQL-injection
attacks for the MySQL engine, it can be installed with almost the same
Published: 2010-02-08 Version: 1.1
SpiderLabs has documented view state tampering
vulnerabilities in three products from separate vendors.
View states are used by some web application frameworks to
store the state of HTML GUI controls. View states are
typically stored in hidden client-side input fields,
although server-side storage is widely supported.
The affected vendors generally recommend that client-side
CORE GRASP for PHP is a web-application protection software aimed at
detecting and blocking injection vulnerabilities and privacy violations.
As mentioned during its presentation at Black Hat USA 2007, GRASP is
being released as open source under the Apache 2.0 license and can be
obtained from http://gasp.coresecurity.com/.
The present implementation protects PHP 5.2.3 against SQL-injection
attacks for the MySQL engine, it can be installed with almost the same
effort as the PHP engine, both in Unix and Windows systems, and
protection is immediate with any PHP web application running in the
Next Page>>
|
