Resumen de las últimas vulnerabilidades descubiertas y dentro de la base de datos de Qualys.
______________________________________________________________________
@RISK: The Consensus Security Vulnerability Alert
Week 24 2011
______________________________________________________________________
Summary of Updates and Vulnerabilities in this Consensus
Platform Number of Updates and Vulnerabilities
------------------------- -------------------------------------
Novell 2
Cross Platform 15 (#1,#2,#3)
Web Application - Cross Site Scripting 3
Web Application 1
Network Device 1
Hardware 5
***************************************************************************
Part II -- Comprehensive List of Newly Discovered Vulnerabilities from Qualys
(www.qualys.com)
-- Novell
11.24.1 - Novell Data Synchronizer User Account Unspecified Unauthorized Access Vulnerability
11.24.2 - Novell iPrint Client Multiple Remote Code Execution Vulnerabilities
Part II -- Comprehensive List of Newly Discovered Vulnerabilities from Qualys
(www.qualys.com)
-- Novell
11.24.1 - Novell Data Synchronizer User Account Unspecified Unauthorized Access Vulnerability
11.24.2 - Novell iPrint Client Multiple Remote Code Execution Vulnerabilities
-- Cross Platform
11.24.3 - Erlang/OTP SSH Library Random Number Generator Weakness
11.24.4 - Wireshark Multiple Denial of Service Vulnerabilities
11.24.5 - Citadel XML Parsing Denial of Service
11.24.6 - Ejabberd XML Parsing Denial of Service
11.24.7 - HP LoadRunner Virtual User Script Files Remote Buffer Overflow Vulnerability
11.24.8 - Cisco AnyConnect Secure Mobility Client Two Vulnerabilities
11.24.9 - Subversion "mod_dav_svn" Multiple Denial of Service and Information Disclosure Vulnerabilities 11.24.10 - Asterisk "C ontact" Header SIP Channel Driver Denial of Service Vulnerability
11.24.11 - VMware products "Mount.vmhgfs" Multiple Security Vulnerabilities
11.24.12 - Adobe Flash Player Cross-Site Scripting
11.24.13 - GeeNian OpenDrive Local Password Encryption Weakness
11.24.14 - LuaExpat SAX XML Parsing Denial of Service
11.24.15 - Prosody XML Parsing Denial of Service
11.24.16 - Google Chrome Multiple Security Vulnerabilities
11.24.17 - Oracle Java SE and Java for Business Multiple Remote Java Runtime Environment Vulnerabilities
11.24.3 - Erlang/OTP SSH Library Random Number Generator Weakness
11.24.4 - Wireshark Multiple Denial of Service Vulnerabilities
11.24.5 - Citadel XML Parsing Denial of Service
11.24.6 - Ejabberd XML Parsing Denial of Service
11.24.7 - HP LoadRunner Virtual User Script Files Remote Buffer Overflow Vulnerability
11.24.8 - Cisco AnyConnect Secure Mobility Client Two Vulnerabilities
11.24.9 - Subversion "mod_dav_svn" Multiple Denial of Service and Information Disclosure Vulnerabilities 11.24.10 - Asterisk "C ontact" Header SIP Channel Driver Denial of Service Vulnerability
11.24.11 - VMware products "Mount.vmhgfs" Multiple Security Vulnerabilities
11.24.12 - Adobe Flash Player Cross-Site Scripting
11.24.13 - GeeNian OpenDrive Local Password Encryption Weakness
11.24.14 - LuaExpat SAX XML Parsing Denial of Service
11.24.15 - Prosody XML Parsing Denial of Service
11.24.16 - Google Chrome Multiple Security Vulnerabilities
11.24.17 - Oracle Java SE and Java for Business Multiple Remote Java Runtime Environment Vulnerabilities
-- Web Application - Cross Site Scripting
11.24.18 - Nagios "expand" Parameter Cross-Site Scripting Vulnerability
11.24.19 - MultiModem iSMS Multiple Cross-Site Scripting Vulnerabilities 11.24.20 - vBulletin vBExperience "sortorder" Parameter Cross-Site Scripting Vulnerability
11.24.18 - Nagios "expand" Parameter Cross-Site Scripting Vulnerability
11.24.19 - MultiModem iSMS Multiple Cross-Site Scripting Vulnerabilities 11.24.20 - vBulletin vBExperience "sortorder" Parameter Cross-Site Scripting Vulnerability
-- Web Application
11.24.21 - WebSVN "path" Parameter Remote Command Injection Vulnerability
11.24.21 - WebSVN "path" Parameter Remote Command Injection Vulnerability
-- Network Device
11.24.22 - NetGear WNDAP350 Wireless Access Point Multiple Information Disclosure Vulnerabilities
11.24.22 - NetGear WNDAP350 Wireless Access Point Multiple Information Disclosure Vulnerabilities
-- Hardware
11.24.23 - Cisco CNS Network Registrar Default Credentials Authentication Bypass Vulnerability
11.24.24 - Cisco Media Experience Engine 5600 Default Credentials Authentication Bypass
11.24.25 - Cisco 7900 Series Unified IP Phone Multiple Vulnerabilities
11.24.26 - MODACOM URoad-5000 Security Bypass Vulnerability and Remote Command Execution Vulnerability
11.24.27 - IP Power 9258 TGI Scripts Unauthorized Access Vulnerability ______________________________________________________________________
PART I Critical Vulnerabilities
Part I for this issue has been compiled by Josh Bronson at TippingPoint, a division of HP, as a by-product of that company's continuous effort to ensure that its intrusion prevention products effectively block exploits using known vulnerabilities. TippingPoint's analysis is complemented by input from a council of security managers from twelve large organizations who confidentially share with SANS the specific actions they have taken to protect their systems. A detailed description of the process may be found at http://www.sans.org/newsletters/risk/#process
*************************************************************
(1) HIGH: Oracle Java Multiple Security Vulnerabilities
Affected:
Oracle Java JDK and JRE 6 Update 25 and earlier Oracle Java JDK 5.0 Update 29 and earlier Oracle Java SDK 1.4.2_31 and earlier
Description: Oracle has released a patch addressing multiple security vulnerabilities in its Java virtual machine. The vulnerabilities include multiple buffer overflows in the code responsible for parsing ICC Color profiles and a command injection vulnerability in Java webstart. The buffer overflows result from errors allocating buffer sizes that are based on user-provided lengths, which can be caused to overflow in some cases, resulting in insufficient buffer space being allocated. The command injection vulnerability results from unsanitized parameters being passed to a java process on the command line, allowing an attacker to execute arbitrary code. By enticing a target to view a malicious site, an attacker can exploit these vulnerabilities on the target's machine with the permissions of the currently logged-in user.
Status: vendor confirmed, updates available
References:
Vendor Site
http://www.oracle.com
Oracle Patch Update Advisory
http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html
Zero Day Initiative Advisories
http://www.zerodayinitiative.com/advisories/ZDI-11-182
http://www.zerodayinitiative.com/advisories/ZDI-11-183
http://www.zerodayinitiative.com/advisories/ZDI-11-184
http://www.zerodayinitiative.com/advisories/ZDI-11-185
http://www.zerodayinitiative.com/advisories/ZDI-11-186
http://www.zerodayinitiative.com/advisories/ZDI-11-187
http://www.zerodayinitiative.com/advisories/ZDI-11-188
http://www.zerodayinitiative.com/advisories/ZDI-11-189
http://www.zerodayinitiative.com/advisories/ZDI-11-190
http://www.zerodayinitiative.com/advisories/ZDI-11-191
http://www.zerodayinitiative.com/advisories/ZDI-11-129
11.24.23 - Cisco CNS Network Registrar Default Credentials Authentication Bypass Vulnerability
11.24.24 - Cisco Media Experience Engine 5600 Default Credentials Authentication Bypass
11.24.25 - Cisco 7900 Series Unified IP Phone Multiple Vulnerabilities
11.24.26 - MODACOM URoad-5000 Security Bypass Vulnerability and Remote Command Execution Vulnerability
11.24.27 - IP Power 9258 TGI Scripts Unauthorized Access Vulnerability ______________________________________________________________________
PART I Critical Vulnerabilities
Part I for this issue has been compiled by Josh Bronson at TippingPoint, a division of HP, as a by-product of that company's continuous effort to ensure that its intrusion prevention products effectively block exploits using known vulnerabilities. TippingPoint's analysis is complemented by input from a council of security managers from twelve large organizations who confidentially share with SANS the specific actions they have taken to protect their systems. A detailed description of the process may be found at http://www.sans.org/newsletters/risk/#process
*************************************************************
(1) HIGH: Oracle Java Multiple Security Vulnerabilities
Affected:
Oracle Java JDK and JRE 6 Update 25 and earlier Oracle Java JDK 5.0 Update 29 and earlier Oracle Java SDK 1.4.2_31 and earlier
Description: Oracle has released a patch addressing multiple security vulnerabilities in its Java virtual machine. The vulnerabilities include multiple buffer overflows in the code responsible for parsing ICC Color profiles and a command injection vulnerability in Java webstart. The buffer overflows result from errors allocating buffer sizes that are based on user-provided lengths, which can be caused to overflow in some cases, resulting in insufficient buffer space being allocated. The command injection vulnerability results from unsanitized parameters being passed to a java process on the command line, allowing an attacker to execute arbitrary code. By enticing a target to view a malicious site, an attacker can exploit these vulnerabilities on the target's machine with the permissions of the currently logged-in user.
Status: vendor confirmed, updates available
References:
Vendor Site
http://www.oracle.com
Oracle Patch Update Advisory
http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html
Zero Day Initiative Advisories
http://www.zerodayinitiative.com/advisories/ZDI-11-182
http://www.zerodayinitiative.com/advisories/ZDI-11-183
http://www.zerodayinitiative.com/advisories/ZDI-11-184
http://www.zerodayinitiative.com/advisories/ZDI-11-185
http://www.zerodayinitiative.com/advisories/ZDI-11-186
http://www.zerodayinitiative.com/advisories/ZDI-11-187
http://www.zerodayinitiative.com/advisories/ZDI-11-188
http://www.zerodayinitiative.com/advisories/ZDI-11-189
http://www.zerodayinitiative.com/advisories/ZDI-11-190
http://www.zerodayinitiative.com/advisories/ZDI-11-191
http://www.zerodayinitiative.com/advisories/ZDI-11-129
SecurityFocus BugTraq IDs
http://www.securityfocus.com/bid/48133
http://www.securityfocus.com/bid/48134
http://www.securityfocus.com/bid/48135
http://www.securityfocus.com/bid/48136
http://www.securityfocus.com/bid/48137
http://www.securityfocus.com/bid/48138
http://www.securityfocus.com/bid/48133
http://www.securityfocus.com/bid/48134
http://www.securityfocus.com/bid/48135
http://www.securityfocus.com/bid/48136
http://www.securityfocus.com/bid/48137
http://www.securityfocus.com/bid/48138
http://www.securityfocus.com/bid/48139
http://www.securityfocus.com/bid/48140
http://www.securityfocus.com/bid/48141
http://www.securityfocus.com/bid/48142
http://www.securityfocus.com/bid/48143
http://www.securityfocus.com/bid/48144
http://www.securityfocus.com/bid/48145
http://www.securityfocus.com/bid/48146
http://www.securityfocus.com/bid/48147
http://www.securityfocus.com/bid/48148
http://www.securityfocus.com/bid/48149
*************************************************************
(2) HIGH: Novell iPrint Multiple Vulnerabilities
Affected:
Novell iPrint Client prior to 5.64
Description: Novell has released a patch for multiple security vulnerabilities affecting iPrint, its enterprise printing environment.
The vulnerable code blindly copies user-provided data into a fixed-length buffer on the heap. Because the code can be instantiated as an ActiveX control, an attacker can entice a target into viewing a malicious site and exploit this vulnerability in order to execute arbitrary code on the target's machine. Code will execute in the security context of the browser, which is typically identical to the currently logged-in user.
Status: vendor confirmed, updates available
References:
Vendor Site
http://www.novell.com
Novell iPrint Security Advisories
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008720
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008722
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008723
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008724
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008726
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008727
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008728
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008729
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008730
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008731
Zero Day Initiative Advisories
http://www.zerodayinitiative.com/advisories/ZD I-11-172 /
http://www.zerodayinitiative.com/advisories/ZDI-11-173/
http://www.zerodayinitiative.com/advisories/ZDI-11-174/
http://www.zerodayinitiative.com/advisories/ZDI-11-175/
http://www.zerodayinitiative.com/advisories/ZDI-11-176/
http://www.zerodayinitiative.com/advisories/ZDI-11-177/
http://www.zerodayinitiative.com/advisories/ZDI-11-178/
http://www.zerodayinitiative.com/advisories/ZDI-11-179/
http://www.zerodayinitiative.com/advisories/ZDI-11-180/
http://www.zerodayinitiative.com/advisories/ZDI-11-181/
http://www.zerodayinitiative.com/advisories/ZDI-11-182/
SecurityFocus BugTraq ID
http://www.securityfocus.com/bid/48124
*************************************************************
(3) MEDIUM: Google Chrome Multiple Vulnerabilities
Affected:
Google Chrome prior to 12.0.742.91
Description: Google has released a patch addressing multiple security vulnerabilities in its Chrome web browser. Five of these issues are rated HIGH by Google, and three involve possible memory corruption issues of the type that can often lead to remote code execution. Public explanations of these vulnerabilities are not available.
Status: vendor confirmed, updates available
References:
Vendor Site
http://www.google.com
Google Stable Channel Update
http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+GoogleChromeReleases+%28Google+Chrome+Releases%29&utm_content=Fee
SecurityFocus BugTraq ID
http://www.securityfocus.com/bid/48129
*************************************************************
Part II -- Comprehensive List of Newly Discovered Vulnerabilities from Qualys
(www.qualys.com)
This list is compiled by Qualys ( www.qualys.com ) as part of that company's ongoing effort to ensure its vulnerability management web service tests for all known vulnerabilities that can be scanned. As of this week Qualys scans for 11378 unique vulnerabilities. For this special SANS community listing, Qualys also includes vulnerabilities that cannot be scanned remotely.
______________________________________________________________________
11.24.1 CVE: CVE-2011-1711
Platform: Novell
Title: Novell Data Synchronizer U ser Acco unt Unspecified Unauthorized Access Vulnerability
Description: Novell Data Synchronizer is a data management application.
The software is exposed to an unspecified unauthorized access issue.
This issue is caused by an unspecified error within the Mobility Pack.
Data Synchronizer 1.1.2 and earlier are affected.
Ref: http://download.novell.com/Download?buildid=dq9zR9J9RzY~
______________________________________________________________________
11.24.2 CVE:
CVE-2011-1708,CVE-2011-1707,CVE-2011-1706,CVE-2011-1705,CVE-2011-1704,
CVE-2011-1703,CVE-2011-1702,CVE-2011-1701,CVE-2011-1700,CVE-2011-1699
Platform: Novell
Title: Novell iPrint Client Multiple Remote Code Execution Vulnerabilities
Description: Novell iPrint Client is a client application for printing over the Internet. The software is exposed to multiple remote code execution issues because of an error in the Netscape/ActiveX compatible browser plugins. Versions prior to Novell iPrint Client
5.64 are affected.
Ref: http://www.securityfocus.com/bid/48124/info
______________________________________________________________________
11.24.3 CVE: CVE-2011-0766
Platform: Cross Platform
Title: Erlang/OTP SSH Library Random Number Generator Weakness
Description: Erlang is a programming language. OTP is a set of Erlang libraries. Erlang/OTP is exposed to a random number generator weakness. This issue occurs because the SSH library uses a weak method to generate the seed used in various encryption and digital signature algorithms. Erlang/OTP ssh library versions before R14B03 are affected.
Ref: http://www.securityfocus.com/bid/47980/info
______________________________________________________________________
11.24.4 CVE: CVE-2011-1957, CVE-2011-1958, CVE-2011-1959, CVE-2011-2174, CVE-2011-2175
Platform: Cross Platform
Title: Wireshark Multiple Denial of Service Vulnerabilities
Description: Wireshark (formerly Ethereal) is an application for analyzing network traffic. The application is exposed to multiple vulnerabilities. A denial of service issue occurs due to an infinite loop caused in the DICOM dissector. A denial of service issue occurs due to a corrupted diameter dictionary file. A denial of service issue occurs due to a corrupted snoop file. A denial of service issue occurs due to malformed compressed captured data. A denial of service issue occurs due to a corrupted Visual Networks file. Wireshark versions 1.2.0 to
1.2.16 and 1.4.0 to 1.4.6 are affected.
Ref: http://www.wireshark.org/docs/relnotes/wireshark-1.4.7.html
http://www.wireshark.org/docs/relnotes/wireshark-1.2.17.html
______________________________________________________________________
11.24.5 CVE: CVE-2011-1756
Platform: Cross Platform
Title: Citadel XML Parsing Denial of Service
Description: Citadel is a messaging and collaboration system for groupware and BBS applications. The application is exposed to a denial of service issue. Specifically, the issue occurs because the application does not prevent entity expansion when processing crafted XML data.
Citadel version 7.83 is affected.
Ref: http://www.securityfocus.com/bid/48071/discuss
______________________________________________________________________
11.24.6 CVE: CVE-2011-1753
Platform: Cross Platform
Title: Ejabberd XML Parsing Denial of Service
Description: ejabberd is a Jabber/XMPP instant messaging server. The application is exposed to a denial of service issue. Specifically, the issue occurs because the application does not prevent entity expansion when processing crafted XML data. ejabberd version 2.1.6 is affected and other versions may also be affected.
Ref: http://www.securityfocus.com/bid/48072/discuss
______________________________________________________________________
11.24.7 CVE: Not Available
Platform: Cross Platform
Title: HP LoadRunner Virtual User Script Files Remote Buffer Overflow Vulnerability
Description: HP LoadRunner is a tool for testing system performance.
The software is exposed to a remote buffer overflow issue. This issue occurs because the application fails to handle specially crafted virtual user script files. All versions of LoadRunner are affected.
Ref: http://www.securityfocus.com/bid/48073/info
______________________________________________________________________
11.24.8 CVE: CVE-2011-2040,CVE-2011-2039,CVE-2011-2041
Platform: Cross Platform
Title: Cisco AnyConnect Secure Mobility Client Two Vulnerabilities
Description: Cisco AnyConnect Secure Mobility Client is a VPN client application that provides secure remote connections to specific Cisco devices. The software is exposed to multiple vulnerabilities. The helper application fails to validate the origin or authenticity of the client application. A local privilege escalation issue exists.
All versions prior to 2.3.254 on Windows and 2.5.x releases prior to 2.5.3041, 3.0.x releases prior to 3.0.629 on Linux/Unix are affected.
Ref:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b80123.shtml
______________________________________________________________________
11.24.9 CVE: CVE-2011-1921,CVE-2011-1783,CVE-2011-1752
Platform: Cross Platform
Title: Subversion "mod_dav_svn" Multiple Denial of Service and Information Disclosure Vulnerabilities
Description: Subversion is an open-source version control application available for numerous platforms. The application is exposed to two denial of service issues and an information disclosure issue that occurs in the "mod_dav_svn" module. Versions prior to Subversion 1.6.17 are affected.
Ref: http://subversion.apache.org/security/CVE-2011-1783-advisory.txt
http://subversion.apache.org/security/CVE-2011-1752-advisory.txt
http://subversion.apache.org/security/CVE-2011-1921-advisory.txt
______________________________________________________________________
11.24.10 CVE: CVE-2011-2216
Platform: Cross Platfo rm
Ti tle: Asterisk "Contact" Header SIP Channel Driver Denial of Service Vulnerability
Description: Asterisk is an open-source PBX application available for multiple operating platforms. Asterisk is exposed to a denial of service issue in the Session Initiation Protocol channel driver.
Specifically, a specially crafted "Contact" header can trigger a segmentation fault due to a NULL pointer dereference error.
Asterisk Open Source 1.8.x are affected.
Ref: http://downloads.asterisk.org/pub/security/AST-2011-007.html
______________________________________________________________________
11.24.11 CVE: CVE-2011-2146,CVE-2011-2145,CVE-2011-1787
Platform: Cross Platform
Title: VMware products "Mount.vmhgfs" Multiple Security Vulnerabilities
Description: Multiple VMware products are exposed to an information disclosure issue and multiple privilege escalation issues that affect "Mount.vmhgfs". An information disclosure issue allows an attacker with access to the guest operating system to determine if a path exists in the host filesystem and determine if it is a file or directory, regardless of permissions. A privilege escalation issue stems from a race condition that occurs when an attacker mounts arbitrary directories in the guest filesystem. A privilege escalation issue allows an attacker to gain write access to an arbitrary file in the guest filesystem. VMware Workstation 7.1.x for Linux and Windows, VMware Player 3.1.x for Linux and Windows, VMware Fusion 3.1.x for OSX, VMware ESXi 3.5, 4.0, and 4.1, VMware ESX 3.5, 4.0, and 4.1 are affected.
Ref: http://www.vmware.com/security/advisories/VMSA-2011-0009.html
______________________________________________________________________
11.24.12 CVE: CVE-2011-2107
Platform: Cross Platform
Title: Adobe Flash Player Cross-Site Scripting
Description: Adobe Flash Player is a multimedia application available for multiple platforms. The application is exposed to an unspecified cross-site scripting issue. Adobe Flash Player 10.3.181.16 and prior versions for Windows, Macintosh, Linux and Solaris operating systems and Adobe Flash Player 10.3.185.22 and prior versions for Android are affected.
Ref: http://www.adobe.com/support/security/bulletins/apsb11-13.html
______________________________________________________________________
11.24.13 CVE: Not Available
Platform: Cross Platform
Title: GeeNian OpenDrive Local Password Encryption Weakness
Description: geeNian OpenDrive is a server based storage application.
The application is exposed to a password encryption weakness that allows local attackers to decrypt credentials stored in the Registry.
OpenDrive version 1.3.141 is vulnerable and other versions may also be affected.
Ref: http://www.securityfocus.com/bid/48120/discuss
______________________________________________________________________
11.24.14 CVE: Not Available
Platform: Cross Platform
Title: LuaExpat SAX XML Parsing Denial of Service
Description: LuaExpat is a SAX XML parser based on the Expat library.
The application is exposed to a denial of service issue. Specifically, the issue occurs because the application fails to handle specially crafted XML data. Applications using the affected parser may consume system memory when processing large numbers of nested references.
Expat version 2.0.1 is vulnerable and other versions may also be affected.
Ref: http://www.securityfocus.com/bid/48123/discuss
______________________________________________________________________
11.24.15 CVE: Not Available
Platform: Cross Platform
Title: Prosody XML Parsing Denial of Service
Description: Prosody is a communications server for Jabber/XMPP. The application is exposed to a denial of service issue. Specifically, the issue occurs because the application fails to handle specially crafted XML data. Applications using the affected parser may consume excessive system memory when processing large numbers of nested references.
Prosody versions prior to 0.8.1 are vulnerable.
Ref: http://www.securityfocus.com/bid/48125/discuss
______________________________________________________________________
11.24.16 CVE:
CVE-2011-2342,CVE-2011-2332,CVE-2011-1819,CVE-2011-1818,CVE-2011-1817,
CVE-2011-1816,CVE-2011-1815,CVE-2011-1814,CVE-2011-1813,CVE-2011-1812,
CVE-2011-1811,CVE-2011-1810,CVE-2011-1809,CVE-2011-1808
Platform: Cross Platform
Title: Google Chrome Multiple Security Vulnerabilities
Description: Google Chrome is a web browser for multiple platforms.
The application is exposed to multiple security issues. See reference for complete details. Versions prior to Chrome 12.0.742.91 are affected.
Ref: http://www.securityfocus.com/bid/48129/discuss
______________________________________________________________________
11.24.17 CVE:
CVE-2011-0865,CVE-2011-0814,CVE-2011-0869,CVE-2011-0815,CVE-2011-0867,
CVE-2011-0871,CVE-2011-0872,CVE-2011-0866,CVE-2011-0868,CVE-2011-0864,
CVE-2011-0863,CVE-2011-0788,CVE-2011-0862,CVE-2011-0817,CVE-2011-0786,
CVE-2011-0802,CVE-2011-0873
Platform: Cross Platform
Title: Oracle Java SE and Java for Business Multiple Remote Java Runtime Environment Vulnerabilities
Description: Java Runtime Environment (JRE) is a platform that supports the execution of programs that are developed using the Java programming language. The JRE platform also supports Java Applets, which can be loaded from Web pages. Oracle Java SE and Java for Business are exposed to multiple remote issues in Java Runtime Environment. These issues affect multiple subcomponents. JDK and JRE 6 Update 25 and earlier, JDK 5.0 Update 29 and earlier and SDK
1.4.2_31 and earlier are affected.
Ref:
http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html
______________________________________________________________________
11.24.18 CVE: Not Available
Platform: Web Application - Cross Site Scripting
Title: Nagios "expand" Parameter Cross-Site Scripting Vulnerability
Description: Nagios is an open-source application designed to monitor networks and services for interruptions and to notify administrators when various events occur. The application is exposed to a cross-site scripting issue because it fails to sufficiently sanitize user-supplied data submitted to the "expand" parameter of the "config.cgi"
script. Nagios 3.2.3 is vulnerable and other versions may also be affected.
Ref: http://www.securityfocus.com/bid/48087/info
______________________________________________________________________
11.24.19 CVE: Not Available
Platform: Web Application - Cross Site Scripting
Title: MultiModem iSMS Multiple Cross-Si te Scrip ting Vulnerabilities
Description: MultiModem iSMS is an SMS text messaging application. The application is exposed to multiple issues. A cross-site scripting issue occurs in the "username" field. A cross-site scripting issue occurs when viewing the logs through the web management interface. MultiModem iSMS 1.47 is vulnerable and other versions may also be affected.
Ref: http://www.securityfocus.com/bid/48094/info
______________________________________________________________________
11.24.20 CVE: Not Available
Platform: Web Application - Cross Site Scripting
Title: vBulletin vBExperience "sortorder" Parameter Cross-Site Scripting Vulnerability
Description: vBulletin vBExperience is a web-based application implemented in PHP. The application is exposed to a cross-site scripting issue because it fails to sufficiently sanitize user-supplied data submitted to the "sortorder" parameter of the "xperience.php" script. vBulletin vBExperience 3.0 is vulnerable and other versions may also be affected.
Ref: http://www.securityfocus.com/bid/48106/info
______________________________________________________________________
11.24.21 CVE: Not Available
Platform: Web Application
Title: WebSVN "path" Parameter Remote Command Injection Vulnerability
Description: WebSVN is an online viewer for SVN repositories. The application is exposed to a command injection issue because it fails to adequately sanitize user-supplied input submitted to the "path"
argument of the "websvn/dl.php" script. Specifically, the application fails to properly escape metacharacters included in the "path"
parameter before using them in an "exec()" function call. WebSVN version 2.3.2 is vulnerable and other versions may also be affected.
Ref: http://www.securityfocus.com/archive/1/518245
______________________________________________________________________
11.24.22 CVE: Not Available
Platform: Network Device
Title: NetGear WNDAP350 Wireless Access Point Multiple Information Disclosure Vulnerabilities
Description: NetGear WNDAP350 is a wireless access point. NetGear WNDAP350 wireless access point is exposed to multiple remote information disclosure issues because it fails to restrict access to sensitive information. Specifically, attackers can access the "/var/config" file which contains sensitive information such as the administrator password and WPA2 keys. The file is accessible by downloading through the "downloadFile.php" and "BackupConfig.php"
scripts. WNDAP350 with firmware 2.0.1 and 2.0.9 are vulnerable and other firmware versions may also be affected.
Ref: http://www.securityfocus.com/bid/48085/discuss
______________________________________________________________________
11.24.23 CVE: CVE-2011-2024
Platform: Hardware
Title: Cisco CNS Network Registrar Default Credentials Authentication Bypass Vulnerability
Description: Cisco CNS Network Registrar devices provide DNS, DHCP, and IP address management. Cisco CNS Network Registrar is exposed to a remote authentication bypass issue. This issue occurs because the device contains a default password for the administrative account.
Cisco Network Registrar Software releases prior to 7.2 are affected.
Ref: http://www.cisco.com/warp/public/707/cisco-sa-20110601-cnr.shtml
______________________________________________________________________
11.24.24 CVE: CVE-2011-1623
Platform: Hardware
Title: Cisco Media Experience Engine 5600 Default Credentials Authentication Bypass
Description: Cisco Media Experience Engine 5600 is a modular media processing platform. Cisco Media Experience Engine 5600 is exposed to a remote authentication bypass issue. This issue occurs because the device contains a default password for the root account.
Cisco MXE 5600 devices that are running Cisco Media Processing Software releases prior to 1.2 are affected.
Ref:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b80122.shtml
______________________________________________________________________
11.24.25 CVE: CVE-2011-1637,CVE-2011-1603,CVE-2011-1602
Platform: Hardware
Title: Cisco 7900 Series Unified IP Phone Multiple Vulnerabilities
Description: Cisco 7900 Series Unified IP Phones are Voice over IP phone devices. Cisco 7900 Series Unified IP Phone devices are exposed multiple issues: a security bypass issue, that affects signature verification and two privilege escalation issues. Cisco Unified IP Phone 7975G, 7971G-GE, 7970G, 7965G, 7962G, 7961G, 7961G-GE, 7945G, 7942G, 7941G, 7941G-GE, 7931G, 7911G and 7906 are affected.
Ref:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b80111.shtml
______________________________________________________________________
11.24.26 CVE: Not Available
Platform: Hardware
Title: MODACOM URoad-5000 Security Bypass Vulnerability and Remote Command Execution Vulnerability
Description: MODACOM URoad-5000 is a wireless router. URoad-5000 is exposed to multiple remote issues. A security bypass issue occurs because the device is configured to use "admin" as the administrator username and password. Specifically, the device fails to prompt the user to change the administration credentials. A remote command execution issue affects the "gofrom/SystemCommad" method. MODACOM URoad-5000 firmware version 1450 is vulnerable; other versions may also be affected.
Ref: http://www.securityfocus.com/bid/48089/discuss
______________________________________________________________________
11.24.27 CVE: Not Available
Platform: Hardware
Title: IP Power 9258 TGI Scripts Unauthorized Access Vulnerability
Description: IP Power 9258 is a switched power distribution unit. The device is exposed to an unauthorized access issue because it fails to properly restrict access to the scripts in the "/tgi/" folder.
Opengear IP Power 9258 units are affected.
Ref: http://www.securityfocus.com/bid/48104/info
______________________________________________________________________
http://www.securityfocus.com/bid/48140
http://www.securityfocus.com/bid/48141
http://www.securityfocus.com/bid/48142
http://www.securityfocus.com/bid/48143
http://www.securityfocus.com/bid/48144
http://www.securityfocus.com/bid/48145
http://www.securityfocus.com/bid/48146
http://www.securityfocus.com/bid/48147
http://www.securityfocus.com/bid/48148
http://www.securityfocus.com/bid/48149
*************************************************************
(2) HIGH: Novell iPrint Multiple Vulnerabilities
Affected:
Novell iPrint Client prior to 5.64
Description: Novell has released a patch for multiple security vulnerabilities affecting iPrint, its enterprise printing environment.
The vulnerable code blindly copies user-provided data into a fixed-length buffer on the heap. Because the code can be instantiated as an ActiveX control, an attacker can entice a target into viewing a malicious site and exploit this vulnerability in order to execute arbitrary code on the target's machine. Code will execute in the security context of the browser, which is typically identical to the currently logged-in user.
Status: vendor confirmed, updates available
References:
Vendor Site
http://www.novell.com
Novell iPrint Security Advisories
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008720
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008722
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008723
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008724
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008726
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008727
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008728
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008729
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008730
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008731
Zero Day Initiative Advisories
http://www.zerodayinitiative.com/advisories/ZD I-11-172 /
http://www.zerodayinitiative.com/advisories/ZDI-11-173/
http://www.zerodayinitiative.com/advisories/ZDI-11-174/
http://www.zerodayinitiative.com/advisories/ZDI-11-175/
http://www.zerodayinitiative.com/advisories/ZDI-11-176/
http://www.zerodayinitiative.com/advisories/ZDI-11-177/
http://www.zerodayinitiative.com/advisories/ZDI-11-178/
http://www.zerodayinitiative.com/advisories/ZDI-11-179/
http://www.zerodayinitiative.com/advisories/ZDI-11-180/
http://www.zerodayinitiative.com/advisories/ZDI-11-181/
http://www.zerodayinitiative.com/advisories/ZDI-11-182/
SecurityFocus BugTraq ID
http://www.securityfocus.com/bid/48124
*************************************************************
(3) MEDIUM: Google Chrome Multiple Vulnerabilities
Affected:
Google Chrome prior to 12.0.742.91
Description: Google has released a patch addressing multiple security vulnerabilities in its Chrome web browser. Five of these issues are rated HIGH by Google, and three involve possible memory corruption issues of the type that can often lead to remote code execution. Public explanations of these vulnerabilities are not available.
Status: vendor confirmed, updates available
References:
Vendor Site
http://www.google.com
Google Stable Channel Update
http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+GoogleChromeReleases+%28Google+Chrome+Releases%29&utm_content=Fee
SecurityFocus BugTraq ID
http://www.securityfocus.com/bid/48129
*************************************************************
Part II -- Comprehensive List of Newly Discovered Vulnerabilities from Qualys
(www.qualys.com)
This list is compiled by Qualys ( www.qualys.com ) as part of that company's ongoing effort to ensure its vulnerability management web service tests for all known vulnerabilities that can be scanned. As of this week Qualys scans for 11378 unique vulnerabilities. For this special SANS community listing, Qualys also includes vulnerabilities that cannot be scanned remotely.
______________________________________________________________________
11.24.1 CVE: CVE-2011-1711
Platform: Novell
Title: Novell Data Synchronizer U ser Acco unt Unspecified Unauthorized Access Vulnerability
Description: Novell Data Synchronizer is a data management application.
The software is exposed to an unspecified unauthorized access issue.
This issue is caused by an unspecified error within the Mobility Pack.
Data Synchronizer 1.1.2 and earlier are affected.
Ref: http://download.novell.com/Download?buildid=dq9zR9J9RzY~
______________________________________________________________________
11.24.2 CVE:
CVE-2011-1708,CVE-2011-1707,CVE-2011-1706,CVE-2011-1705,CVE-2011-1704,
CVE-2011-1703,CVE-2011-1702,CVE-2011-1701,CVE-2011-1700,CVE-2011-1699
Platform: Novell
Title: Novell iPrint Client Multiple Remote Code Execution Vulnerabilities
Description: Novell iPrint Client is a client application for printing over the Internet. The software is exposed to multiple remote code execution issues because of an error in the Netscape/ActiveX compatible browser plugins. Versions prior to Novell iPrint Client
5.64 are affected.
Ref: http://www.securityfocus.com/bid/48124/info
______________________________________________________________________
11.24.3 CVE: CVE-2011-0766
Platform: Cross Platform
Title: Erlang/OTP SSH Library Random Number Generator Weakness
Description: Erlang is a programming language. OTP is a set of Erlang libraries. Erlang/OTP is exposed to a random number generator weakness. This issue occurs because the SSH library uses a weak method to generate the seed used in various encryption and digital signature algorithms. Erlang/OTP ssh library versions before R14B03 are affected.
Ref: http://www.securityfocus.com/bid/47980/info
______________________________________________________________________
11.24.4 CVE: CVE-2011-1957, CVE-2011-1958, CVE-2011-1959, CVE-2011-2174, CVE-2011-2175
Platform: Cross Platform
Title: Wireshark Multiple Denial of Service Vulnerabilities
Description: Wireshark (formerly Ethereal) is an application for analyzing network traffic. The application is exposed to multiple vulnerabilities. A denial of service issue occurs due to an infinite loop caused in the DICOM dissector. A denial of service issue occurs due to a corrupted diameter dictionary file. A denial of service issue occurs due to a corrupted snoop file. A denial of service issue occurs due to malformed compressed captured data. A denial of service issue occurs due to a corrupted Visual Networks file. Wireshark versions 1.2.0 to
1.2.16 and 1.4.0 to 1.4.6 are affected.
Ref: http://www.wireshark.org/docs/relnotes/wireshark-1.4.7.html
http://www.wireshark.org/docs/relnotes/wireshark-1.2.17.html
______________________________________________________________________
11.24.5 CVE: CVE-2011-1756
Platform: Cross Platform
Title: Citadel XML Parsing Denial of Service
Description: Citadel is a messaging and collaboration system for groupware and BBS applications. The application is exposed to a denial of service issue. Specifically, the issue occurs because the application does not prevent entity expansion when processing crafted XML data.
Citadel version 7.83 is affected.
Ref: http://www.securityfocus.com/bid/48071/discuss
______________________________________________________________________
11.24.6 CVE: CVE-2011-1753
Platform: Cross Platform
Title: Ejabberd XML Parsing Denial of Service
Description: ejabberd is a Jabber/XMPP instant messaging server. The application is exposed to a denial of service issue. Specifically, the issue occurs because the application does not prevent entity expansion when processing crafted XML data. ejabberd version 2.1.6 is affected and other versions may also be affected.
Ref: http://www.securityfocus.com/bid/48072/discuss
______________________________________________________________________
11.24.7 CVE: Not Available
Platform: Cross Platform
Title: HP LoadRunner Virtual User Script Files Remote Buffer Overflow Vulnerability
Description: HP LoadRunner is a tool for testing system performance.
The software is exposed to a remote buffer overflow issue. This issue occurs because the application fails to handle specially crafted virtual user script files. All versions of LoadRunner are affected.
Ref: http://www.securityfocus.com/bid/48073/info
______________________________________________________________________
11.24.8 CVE: CVE-2011-2040,CVE-2011-2039,CVE-2011-2041
Platform: Cross Platform
Title: Cisco AnyConnect Secure Mobility Client Two Vulnerabilities
Description: Cisco AnyConnect Secure Mobility Client is a VPN client application that provides secure remote connections to specific Cisco devices. The software is exposed to multiple vulnerabilities. The helper application fails to validate the origin or authenticity of the client application. A local privilege escalation issue exists.
All versions prior to 2.3.254 on Windows and 2.5.x releases prior to 2.5.3041, 3.0.x releases prior to 3.0.629 on Linux/Unix are affected.
Ref:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b80123.shtml
______________________________________________________________________
11.24.9 CVE: CVE-2011-1921,CVE-2011-1783,CVE-2011-1752
Platform: Cross Platform
Title: Subversion "mod_dav_svn" Multiple Denial of Service and Information Disclosure Vulnerabilities
Description: Subversion is an open-source version control application available for numerous platforms. The application is exposed to two denial of service issues and an information disclosure issue that occurs in the "mod_dav_svn" module. Versions prior to Subversion 1.6.17 are affected.
Ref: http://subversion.apache.org/security/CVE-2011-1783-advisory.txt
http://subversion.apache.org/security/CVE-2011-1752-advisory.txt
http://subversion.apache.org/security/CVE-2011-1921-advisory.txt
______________________________________________________________________
11.24.10 CVE: CVE-2011-2216
Platform: Cross Platfo rm
Ti tle: Asterisk "Contact" Header SIP Channel Driver Denial of Service Vulnerability
Description: Asterisk is an open-source PBX application available for multiple operating platforms. Asterisk is exposed to a denial of service issue in the Session Initiation Protocol channel driver.
Specifically, a specially crafted "Contact" header can trigger a segmentation fault due to a NULL pointer dereference error.
Asterisk Open Source 1.8.x are affected.
Ref: http://downloads.asterisk.org/pub/security/AST-2011-007.html
______________________________________________________________________
11.24.11 CVE: CVE-2011-2146,CVE-2011-2145,CVE-2011-1787
Platform: Cross Platform
Title: VMware products "Mount.vmhgfs" Multiple Security Vulnerabilities
Description: Multiple VMware products are exposed to an information disclosure issue and multiple privilege escalation issues that affect "Mount.vmhgfs". An information disclosure issue allows an attacker with access to the guest operating system to determine if a path exists in the host filesystem and determine if it is a file or directory, regardless of permissions. A privilege escalation issue stems from a race condition that occurs when an attacker mounts arbitrary directories in the guest filesystem. A privilege escalation issue allows an attacker to gain write access to an arbitrary file in the guest filesystem. VMware Workstation 7.1.x for Linux and Windows, VMware Player 3.1.x for Linux and Windows, VMware Fusion 3.1.x for OSX, VMware ESXi 3.5, 4.0, and 4.1, VMware ESX 3.5, 4.0, and 4.1 are affected.
Ref: http://www.vmware.com/security/advisories/VMSA-2011-0009.html
______________________________________________________________________
11.24.12 CVE: CVE-2011-2107
Platform: Cross Platform
Title: Adobe Flash Player Cross-Site Scripting
Description: Adobe Flash Player is a multimedia application available for multiple platforms. The application is exposed to an unspecified cross-site scripting issue. Adobe Flash Player 10.3.181.16 and prior versions for Windows, Macintosh, Linux and Solaris operating systems and Adobe Flash Player 10.3.185.22 and prior versions for Android are affected.
Ref: http://www.adobe.com/support/security/bulletins/apsb11-13.html
______________________________________________________________________
11.24.13 CVE: Not Available
Platform: Cross Platform
Title: GeeNian OpenDrive Local Password Encryption Weakness
Description: geeNian OpenDrive is a server based storage application.
The application is exposed to a password encryption weakness that allows local attackers to decrypt credentials stored in the Registry.
OpenDrive version 1.3.141 is vulnerable and other versions may also be affected.
Ref: http://www.securityfocus.com/bid/48120/discuss
______________________________________________________________________
11.24.14 CVE: Not Available
Platform: Cross Platform
Title: LuaExpat SAX XML Parsing Denial of Service
Description: LuaExpat is a SAX XML parser based on the Expat library.
The application is exposed to a denial of service issue. Specifically, the issue occurs because the application fails to handle specially crafted XML data. Applications using the affected parser may consume system memory when processing large numbers of nested references.
Expat version 2.0.1 is vulnerable and other versions may also be affected.
Ref: http://www.securityfocus.com/bid/48123/discuss
______________________________________________________________________
11.24.15 CVE: Not Available
Platform: Cross Platform
Title: Prosody XML Parsing Denial of Service
Description: Prosody is a communications server for Jabber/XMPP. The application is exposed to a denial of service issue. Specifically, the issue occurs because the application fails to handle specially crafted XML data. Applications using the affected parser may consume excessive system memory when processing large numbers of nested references.
Prosody versions prior to 0.8.1 are vulnerable.
Ref: http://www.securityfocus.com/bid/48125/discuss
______________________________________________________________________
11.24.16 CVE:
CVE-2011-2342,CVE-2011-2332,CVE-2011-1819,CVE-2011-1818,CVE-2011-1817,
CVE-2011-1816,CVE-2011-1815,CVE-2011-1814,CVE-2011-1813,CVE-2011-1812,
CVE-2011-1811,CVE-2011-1810,CVE-2011-1809,CVE-2011-1808
Platform: Cross Platform
Title: Google Chrome Multiple Security Vulnerabilities
Description: Google Chrome is a web browser for multiple platforms.
The application is exposed to multiple security issues. See reference for complete details. Versions prior to Chrome 12.0.742.91 are affected.
Ref: http://www.securityfocus.com/bid/48129/discuss
______________________________________________________________________
11.24.17 CVE:
CVE-2011-0865,CVE-2011-0814,CVE-2011-0869,CVE-2011-0815,CVE-2011-0867,
CVE-2011-0871,CVE-2011-0872,CVE-2011-0866,CVE-2011-0868,CVE-2011-0864,
CVE-2011-0863,CVE-2011-0788,CVE-2011-0862,CVE-2011-0817,CVE-2011-0786,
CVE-2011-0802,CVE-2011-0873
Platform: Cross Platform
Title: Oracle Java SE and Java for Business Multiple Remote Java Runtime Environment Vulnerabilities
Description: Java Runtime Environment (JRE) is a platform that supports the execution of programs that are developed using the Java programming language. The JRE platform also supports Java Applets, which can be loaded from Web pages. Oracle Java SE and Java for Business are exposed to multiple remote issues in Java Runtime Environment. These issues affect multiple subcomponents. JDK and JRE 6 Update 25 and earlier, JDK 5.0 Update 29 and earlier and SDK
1.4.2_31 and earlier are affected.
Ref:
http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html
______________________________________________________________________
11.24.18 CVE: Not Available
Platform: Web Application - Cross Site Scripting
Title: Nagios "expand" Parameter Cross-Site Scripting Vulnerability
Description: Nagios is an open-source application designed to monitor networks and services for interruptions and to notify administrators when various events occur. The application is exposed to a cross-site scripting issue because it fails to sufficiently sanitize user-supplied data submitted to the "expand" parameter of the "config.cgi"
script. Nagios 3.2.3 is vulnerable and other versions may also be affected.
Ref: http://www.securityfocus.com/bid/48087/info
______________________________________________________________________
11.24.19 CVE: Not Available
Platform: Web Application - Cross Site Scripting
Title: MultiModem iSMS Multiple Cross-Si te Scrip ting Vulnerabilities
Description: MultiModem iSMS is an SMS text messaging application. The application is exposed to multiple issues. A cross-site scripting issue occurs in the "username" field. A cross-site scripting issue occurs when viewing the logs through the web management interface. MultiModem iSMS 1.47 is vulnerable and other versions may also be affected.
Ref: http://www.securityfocus.com/bid/48094/info
______________________________________________________________________
11.24.20 CVE: Not Available
Platform: Web Application - Cross Site Scripting
Title: vBulletin vBExperience "sortorder" Parameter Cross-Site Scripting Vulnerability
Description: vBulletin vBExperience is a web-based application implemented in PHP. The application is exposed to a cross-site scripting issue because it fails to sufficiently sanitize user-supplied data submitted to the "sortorder" parameter of the "xperience.php" script. vBulletin vBExperience 3.0 is vulnerable and other versions may also be affected.
Ref: http://www.securityfocus.com/bid/48106/info
______________________________________________________________________
11.24.21 CVE: Not Available
Platform: Web Application
Title: WebSVN "path" Parameter Remote Command Injection Vulnerability
Description: WebSVN is an online viewer for SVN repositories. The application is exposed to a command injection issue because it fails to adequately sanitize user-supplied input submitted to the "path"
argument of the "websvn/dl.php" script. Specifically, the application fails to properly escape metacharacters included in the "path"
parameter before using them in an "exec()" function call. WebSVN version 2.3.2 is vulnerable and other versions may also be affected.
Ref: http://www.securityfocus.com/archive/1/518245
______________________________________________________________________
11.24.22 CVE: Not Available
Platform: Network Device
Title: NetGear WNDAP350 Wireless Access Point Multiple Information Disclosure Vulnerabilities
Description: NetGear WNDAP350 is a wireless access point. NetGear WNDAP350 wireless access point is exposed to multiple remote information disclosure issues because it fails to restrict access to sensitive information. Specifically, attackers can access the "/var/config" file which contains sensitive information such as the administrator password and WPA2 keys. The file is accessible by downloading through the "downloadFile.php" and "BackupConfig.php"
scripts. WNDAP350 with firmware 2.0.1 and 2.0.9 are vulnerable and other firmware versions may also be affected.
Ref: http://www.securityfocus.com/bid/48085/discuss
______________________________________________________________________
11.24.23 CVE: CVE-2011-2024
Platform: Hardware
Title: Cisco CNS Network Registrar Default Credentials Authentication Bypass Vulnerability
Description: Cisco CNS Network Registrar devices provide DNS, DHCP, and IP address management. Cisco CNS Network Registrar is exposed to a remote authentication bypass issue. This issue occurs because the device contains a default password for the administrative account.
Cisco Network Registrar Software releases prior to 7.2 are affected.
Ref: http://www.cisco.com/warp/public/707/cisco-sa-20110601-cnr.shtml
______________________________________________________________________
11.24.24 CVE: CVE-2011-1623
Platform: Hardware
Title: Cisco Media Experience Engine 5600 Default Credentials Authentication Bypass
Description: Cisco Media Experience Engine 5600 is a modular media processing platform. Cisco Media Experience Engine 5600 is exposed to a remote authentication bypass issue. This issue occurs because the device contains a default password for the root account.
Cisco MXE 5600 devices that are running Cisco Media Processing Software releases prior to 1.2 are affected.
Ref:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b80122.shtml
______________________________________________________________________
11.24.25 CVE: CVE-2011-1637,CVE-2011-1603,CVE-2011-1602
Platform: Hardware
Title: Cisco 7900 Series Unified IP Phone Multiple Vulnerabilities
Description: Cisco 7900 Series Unified IP Phones are Voice over IP phone devices. Cisco 7900 Series Unified IP Phone devices are exposed multiple issues: a security bypass issue, that affects signature verification and two privilege escalation issues. Cisco Unified IP Phone 7975G, 7971G-GE, 7970G, 7965G, 7962G, 7961G, 7961G-GE, 7945G, 7942G, 7941G, 7941G-GE, 7931G, 7911G and 7906 are affected.
Ref:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b80111.shtml
______________________________________________________________________
11.24.26 CVE: Not Available
Platform: Hardware
Title: MODACOM URoad-5000 Security Bypass Vulnerability and Remote Command Execution Vulnerability
Description: MODACOM URoad-5000 is a wireless router. URoad-5000 is exposed to multiple remote issues. A security bypass issue occurs because the device is configured to use "admin" as the administrator username and password. Specifically, the device fails to prompt the user to change the administration credentials. A remote command execution issue affects the "gofrom/SystemCommad" method. MODACOM URoad-5000 firmware version 1450 is vulnerable; other versions may also be affected.
Ref: http://www.securityfocus.com/bid/48089/discuss
______________________________________________________________________
11.24.27 CVE: Not Available
Platform: Hardware
Title: IP Power 9258 TGI Scripts Unauthorized Access Vulnerability
Description: IP Power 9258 is a switched power distribution unit. The device is exposed to an unauthorized access issue because it fails to properly restrict access to the scripts in the "/tgi/" folder.
Opengear IP Power 9258 units are affected.
Ref: http://www.securityfocus.com/bid/48104/info
______________________________________________________________________
