Search:Vulnerability:19.08.2005 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Unauthorized Cisco Clean Access virus isolation solution API access
updated since 17.08.2005
Published: 19.08.2005
Source: FULL-DISCLOSURE
SecurityVulns ID: 5112
Type: local
Level: 5/10

Affected: CISCO : Cisco Clean Access 3.3
CISCO : Cisco Clean Access 3.4
CISCO : Cisco Clean Access 3.5
CVE: CVE-2005-4825 (Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service (disk consumption), or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a related issue to CVE-2005-4332.)
CVE-2005-4825 (Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service (disk consumption), or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a related issue to CVE-2005-4332.)
CVE-2005-4332 (Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service or upload files via direct requests to obsolete JSP files including (1) admin/uploadclient.jsp, (2) apply_firmware_action.jsp, and (3) file.jsp.)

Original document llhansen-bugtraq_(at)_adams.edu, Cisco Clean Access Agent (Perfigo) bypass (19.08.2005)

CISCO, [Full-disclosure] Cisco Security Advisory: Cisco Clean Access Unauthenticated API Access (17.08.2005)

Discuss: Read or add your comments to this news (0 comments)

Hauri antivirus directory traversal
Published: 19.08.2005
Source: SECUNIA
SecurityVulns ID: 5125
Type: remote
Level: 6/10
Description: Directory traversal during archive antiviral checking.

Affected: HAURI : ViRobot Expert 4.0
HAURI : ViRobot Linux Server 2.0

Original document SECUNIA, [SA15846] HAURI Anti-Virus Compressed Archive Directory Traversal (19.08.2005)

Discuss: Read or add your comments to this news (0 comments)

libtiff TIFF graphics library DoS
updated since 29.07.2005
Published: 19.08.2005
Source: BUGTRAQ
SecurityVulns ID: 5055
Type: library
Level: 5/10
Description: Crash on zero YCbCr subsampling value.

Affected: LIBTIFF : libtiff 3.6
WXPYTHONGTK : wxPythonGTK 2.5

Original document MANDRIVA, MDKSA-2005:144 - Updated wxPythonGTK packages several vulnerabilities (19.08.2005)

Martin Pitt, [USN-156-1] TIFF vulnerability (29.07.2005)

Discuss: Read or add your comments to this news (0 comments)

tor anonymity, integrity and confidentiality loss
Published: 19.08.2005
Source: FULL-DISCLOSURE
SecurityVulns ID: 5124
Type: m-i-t-m
Level: 6/10
Description: DH handshake flaw causes situation first hop malicious server can lear all keay of client negotiation for the rest of the circuit.

Affected: TOR : tor 0.1

Original document Roger Dingledine, Tor security advisory: DH handshake flaw (19.08.2005)

Discuss: Read or add your comments to this news (0 comments)

Multiple OpenVPN DoS conditions
Published: 19.08.2005
Source: SECUNIA
SecurityVulns ID: 5126
Type: remote
Level: 5/10
Description: Problem with OpenSSL errors handing, memory exhaustion, race conditions.

Affected: OPENVPN : OpenVPN 2.0

Original document SECUNIA, [SA16463] OpenVPN Multiple DoS Vulnerabilities (19.08.2005)

Discuss: Read or add your comments to this news (0 comments)

test server