

Cisco Linksys WAG120N cross-site request forgery
Published:28.02.2011
SecurityVulns ID:11468
Type:remote
Threat Level:4/10
Description:Web interface cross-site request forgery.
Affected:LINKSYS : Linksys WAG120N
Original document:irancrash_(at)_gmail.com, Linksys Cisco Wag120N CSRF Vulnerability (28.02.2011)

Cisco FWSM / ASA DoS
Published:28.02.2011
SecurityVulns ID:11470
Type:remote
Threat Level:6/10
Description:SCCP DoS, packet flood DoS.
Affected:CISCO : Catalyst 6500
 CISCO : Cisco 7600
 CISCO : Cisco ASA 5500
CVE:CVE-2011-0394 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.0 before 4.0(15), and 4.1 before 4.1(5) allow remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug IDs CSCtg69457 and CSCtl84952.)
 CVE-2011-0393 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.12), 7.1 and 7.2 before 7.2(5.2), 8.0 before 8.0(5.21), 8.1 before 8.1(2.49), 8.2 before 8.2(3.6), and 8.3 before 8.3(2.7) and Cisco PIX Security Appliances 500 series devices, when transparent firewall mode is configured but IPv6 is not configured, allow remote attackers to cause a denial of service (packet buffer exhaustion and device outage) via IPv6 traffic, aka Bug ID CSCtj04707.)
Original document:CISCO, Cisco Security Advisory: Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerability (28.02.2011)
 CISCO, Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances (28.02.2011)

CA Internet Security / CA Host-Based Intrusion Prevention System code execution
updated since 24.02.2011
Published:28.02.2011
SecurityVulns ID:11457
Type:client
Threat Level:6/10
Description:The SetXml and Save methods of the HIPSEngine component allow saving a file to any location.
CVE:CVE-2011-1036 (The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods.)
Original document:CA, CA20110223-01: Security Notice for CA Host-Based Intrusion Prevention System (28.02.2011)
 ZDI, ZDI-11-093: CA Internet Security Suite HIPS XML Security Database Parser Class Remote Code Execution Vulnerability (24.02.2011)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:28.02.2011
SecurityVulns ID:11465
Type:remote
Threat Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:PHPMYADMIN : phpMyAdmin 2.11
 PHPMYADMIN : phpMyAdmin 3.3
 IMAGEVIEW : Imageview 6.0
CVE:CVE-2011-0986 (phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the (1) README, (2) ChangeLog, and (3) LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonexistent file.)
Original document:MustLive, Vulnerabilities in phpMyAdmin (28.02.2011)
 difficult-511_(at)_hotmail.com, Imageview v6.0 Remote [and] Local Directory Traversal Vulnerability (28.02.2011)

Cisco TelePresence multiple security vulnerabilities
Published:28.02.2011
SecurityVulns ID:11469
Type:remote
Threat Level:7/10
Description:Unauthorized access, command injection, information leakage, code execution.
Affected:CISCO : Cisco TelePresence 500
 CISCO : Cisco TelePresence 1300
 CISCO : Cisco TelePresence 3000
 CISCO : Cisco TelePresence 3200
 CISCO : Cisco TelePresence 1000
 CISCO : Cisco TelePresence 1100
 CISCO : TelePresence 1.7
CVE:CVE-2011-0392 (Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an XML-RPC interface, which allows remote attackers to perform unspecified actions via a session on TCP port 8080, aka Bug ID CSCtg35833.)
 CVE-2011-0391 (Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a denial of service (thread consumption and device outage) via a malformed request, related to an "ad hoc recording" issue, aka Bug ID CSCtf97205.)
 CVE-2011-0390 (The XML-RPC implementation on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, 1.6.x, and 1.7.0 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka Bug ID CSCtj44534.)
 CVE-2011-0389 (Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allow remote attackers to cause a denial of service (process crash) via a crafted Real-Time Transport Control Protocol (RTCP) UDP packet, aka Bug ID CSCth60993.)
 CVE-2011-0388 (Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825.)
 CVE-2011-0387 (The administrative web interface on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allows remote authenticated users to cause a denial of service or have unspecified other impact via vectors involving access to a servlet, aka Bug ID CSCtf97164.)
 CVE-2011-0386 (The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code via a malformed request, aka Bug ID CSCti50739.)
 CVE-2011-0385 (The administrative web interface on Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allows remote attackers to create or overwrite arbitrary files, and possibly execute arbitrary code, via a crafted request, aka Bug IDs CSCth85786 and CSCth61065.)
 CVE-2011-0384 (The Java Servlet framework on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug ID CSCtf01253.)
 CVE-2011-0383 (The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug IDs CSCtf42005 and CSCtf42008.)
 CVE-2011-0382 (The CGI subsystem on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 allows remote attackers to execute arbitrary commands via a request to TCP port 443, related to a "command injection vulnerability," aka Bug ID CSCtf97221.)
 CVE-2011-0381 (Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to perform unspecified actions and consequently execute arbitrary code via a crafted request to the Java RMI interface, related to a "command injection vulnerability," aka Bug ID CSCtf97085.)
 CVE-2011-0380 (Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to bypass authentication and invoke arbitrary methods via a malformed SOAP request, aka Bug ID CSCtc59562.)
 CVE-2011-0379 (Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x; Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x; Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x; and Cisco TelePresence Manager 1.2.x, 1.3.x, 1.4.x, 1.5.x, and 1.6.2 allows remote attackers to execute arbitrary code via a crafted Cisco Discovery Protocol packet, aka Bug IDs CSCtd75769, CSCtd75766, CSCtd75754, and CSCtd75761.)
 CVE-2011-0378 (The XML-RPC implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a TCP request, related to a "command injection vulnerability," aka Bug ID CSCtb52587.)
 CVE-2011-0377 (Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allow remote attackers to cause a denial of service (service crash) via a malformed SOAP request in conjunction with a spoofed TelePresence Manager that supplies an invalid IP address, aka Bug ID CSCth03605.)
 CVE-2011-0376 (The TFTP implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x, 1.6.0, and 1.6.1 allows remote attackers to obtain sensitive information via a GET request, aka Bug ID CSCte43876.)
 CVE-2011-0375 (The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCth24671.)
 CVE-2011-0374 (The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31659.)
 CVE-2011-0373 (The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31685.)
 CVE-2011-0372 (The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31640.)
Original document:CISCO, Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Manager (28.02.2011)
 CISCO, Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch (28.02.2011)
 CISCO, Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Recording Server (28.02.2011)
 CISCO, Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Endpoint Devices (28.02.2011)

HP Web Jetadmin unauthorized access
Published:28.02.2011
SecurityVulns ID:11464
Type:local
Threat Level:4/10
Affected:HP : Web Jetadmin 10.2
CVE:CVE-2011-0278 (Unspecified vulnerability in HP Web Jetadmin 10.2 Service Release 3 and 4 allows local users to bypass intended access restrictions via unknown vectors.)
Original document:HP, [security bulletin] HPSBPI02635 SSRT100391 rev.1 - HP Web Jetadmin Running on Windows, Local Unauthorized Access to Managed Resources (28.02.2011)

pam-pgsql buffer overflow
Published:28.02.2011
SecurityVulns ID:11466
Type:library
Threat Level:6/10
Description:Buffer overflow via IP address.
Affected:LINUX : pam-pgsql 0.7
Original document:DEBIAN, [SECURITY] [DSA 2173-1] pam-pgsql security update (28.02.2011)

Altigen VoIP Phone Systems buffer overflow
Published:28.02.2011
SecurityVulns ID:11467
Type:remote
Threat Level:6/10
Description:Heap buffer overflow on SIP/TLS (TCP/5061) network packet parsing.
Original document:Patrick Kelley, DoS Condition with Altigen VoIP Phone Systems (28.02.2011)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod