Last day to save $500 for SANS San Diego 2013

@RISK: The Consensus Security Vulnerability Alert

Volume: IV, Issue: 26
July 1, 2005

SANS Newsletters Home

Security training news: Early registration is now open for SANS Network Security 2005 in New Orleans, October 24-30: 17 great tracks and the nicest weather in New Orleans. Details: http://www.sans.org/ns2005 West Coasters can look to SANS Silicon Valley in San Jose, Sept 24-30, for 12 immersion tracks and a vendor expo. Details: http://www.sans.org/siliconvalley2005/

@RISK is the SANS community's consensus bulletin summarizing the most important vulnerabilities and exploits identified during the past week and providing guidance on appropriate actions to protect your systems (PART I). It also includes a comprehensive list of all new vulnerabilities discovered in the past week (PART II).

Summary of the vulnerabilities reported this week:

    • Category
    • # of Updates & Vulnerabilities
    • Other Microsoft Products
    • 1 (#2, #5, #6)
    • Third Party Windows Apps
    • 4 (#4)
    • Mac Os
    • 1
    • Cross Platform
    • 7
    • Web Application
    • 29 (#1, #3)
    • Hardware
    • 1

********************* Sponsored Links: **********************************

1) Learn more about Radware at SANS Washington, DC, July 29-30, 2005 Download DefensePro whitepaper http://www.sans.org/info.php?id=811

2) Barbedwire Technologies addresses the dynamic state of network security vulnerabilities by providing a cost effective vulnerability assessment tool and tools to prevent and manage vulnerabilities. For more information go to www.barbedwiretech.com for data sheet go to http://www.sans.org/info.php?id=812

*************************************************************************

Table Of Contents
Part II -- Comprehensive List of Newly Discovered Vulnerabilities from Qualys (www.qualys.com)
Other Microsoft Products
Third Party Windows Apps
Mac Os
Cross Platform
Web Application
Hardware
PART I Critical Vulnerabilities

Part I is compiled by Rohit Dhamankar (rohitd_at_tippingpoint.com) at TippingPoint, a division of 3Com, as a by-product of that company's continuous effort to ensure that its intrusion prevention products effectively block exploits using known vulnerabilities. TippingPoint's analysis is complemented by input from a council of security managers from twelve large organizations who confidentially share with SANS the specific actions they have taken to protect their systems. A detailed description of the process may be found at http://www.sans.org/newsletters/cva/#process

Widely Deployed Software
  • (1) HIGH: phpBB Remote PHP Code Execution
  • Affected:
    • phpBB version 2.0.15 and prior

  • Description: phpBB is a widely used bulletin board software. The software is reportedly downloaded between 2000 and 4000 times everyday. phpBB's "viewtopic.php" script contains a vulnerability that can be exploited by a remote attacker to execute arbitrary PHP code on the server. The flaw exists because the input passed to the "highlight" parameter is not sanitized for escaping database delimiters such as single and double quotes. This can be leveraged to construct a specially crafted value for the "hightlight" parameter (enables a subsequent string to be interpreted as a PHP command). Exploit code has been publicly posted.

  • Status: phpBB has released version 2.0.16. Note that another flaw in the same script was exploited by Santy worm to deface thousands of websites in November 2004.

  • Council Site Actions: The affected software and/or configuration are not in production or widespread use, or are not officially supported at any of the council sites. They reported that no action was necessary.

  • References:
  • (2) LOW: Internet Explorer javaprxy.dll Heap Overflow
  • Affected:
    • IE 6.0

  • Description: Internet Explorer reportedly contains a heap corruption problem in handling certain COM object (javaprxy.dll). The discoverers state that during their testing they could successfully control the contents of a register when a specially crafted webpage instantiating the javaprxy.dll COM object was loaded in Internet Explorer. Hence, there is a possibility that the heap corruption can be exploited to execute arbitrary code. A proof-of-concept has been included in the public posting.

  • Status: Microsoft has been contacted. Note that javaprxy.dll is not installed by default on all Windows systems.

  • Council Site Actions: Most of the council sites are waiting on a formal response from the vendor and suggested remediation steps. One site commented they are planning to search-and-destroy this file using MS-SMS. They are treating this as very low vulnerability since it appears to only apply to on Win2K and WinME systems by default. They do not have WinME in their environment, and Win2K systems are not used for web-browsing.

  • References:
Other Software
Exploit Code
Part II: Weekly Comprehensive List of Newly Discovered Vulnerabilities
Week 26, 2005

This list is compiled by Qualys ( www.qualys.com ) as part of that company's ongoing effort to ensure its vulnerability management web service tests for all known vulnerabilities that can be scanned. As of this week Qualys scans for 4396 unique vulnerabilities. For this special SANS community listing, Qualys also includes vulnerabilities that cannot be scanned remotely.

  • 05.26.1 - CVE: Not Available
  • Platform: Other Microsoft Products
  • Title: Internet Explorer Javaprxy.DLL COM Object Instantiation Heap Overflow
  • Description: Microsoft Internet Explorer is prone to a heap-based buffer overflow vulnerability through the "javaprxy.dll" COM object. It is exposed when the object is instantiated by a malicious web page. Content that is passed to the browser after the object has been instantiated may cause heap-based memory to be corrupted. The issue was reported in Internet Explorer 6.0 releases on Windows XP SP2.
  • Ref: http://www.securityfocus.com/bid/14087/info
  • 05.26.2 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: BisonFTP Denial of Service
  • Description: SofoTex BisonFTP is an FTP server that vulnerable to a remote denial of service issue due to an error in the commands "cwd" and "ls" when handling long arguments more than 4300 bytes. SofoTex BisonFTP version V4R1 is vulnerable.
  • Ref: http://secunia.com/advisories/8072/
  • 05.26.3 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: RealNetworks Real and RealOne Player Unspecified MP3 ActiveX Control Execution Vulnerability
  • Description: RealNetworks Real and RealOne players are vulnerable to to an issue that could be exploited to overwrite an arbitrary file or execute an ActiveX control using a specially formatted malicious MP3 file. An attacker could exploit this issue to execute arbitrary code in the context of the victim client user. Please refer the link below for a list of vulnerable versions.
  • Ref: http://service.real.com/help/faq/security/050623_player/EN/
  • 05.26.4 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: IA eMailServer Remote Format String
  • Description: True North Software IA eMailServer is an IMAP server. A format string issue is exposed when a format specifier "%x" is passed as the second argument to the LIST command. IA eMailServer version 5.2.2 build 1051 is affecetd.
  • Ref: http://www.securityfocus.com/archive/1/401770
  • 05.26.5 - CVE: CAN-2005-1250
  • Platform: Third Party Windows Apps
  • Title: Ipswitch WhatsUp Professional SQL Injection
  • Description: Ipswitch WhatsUp Professional is a network monitoring and management application. It is vulnerable to an SQL injection issue due to insufficient sanitization of user-supplied input to the "password" and "User Name" fields of the "login.asp" script. Ipswitch WhatsUp Professional version 2005 SP1 is vulnerable.
  • Ref: http://www.idefense.com/application/poi/display?id=268&type=vulnerabilities&
    amp;flashstatus=true
  • 05.26.6 - CVE: CAN-2005-1623
  • Platform: Mac Os
  • Title: Adobe Acrobat/Adobe Reader Arbitrary File Execution
  • Description: Adobe Acrobat and Adobe Reader running on Mac OS X are reported to be vulnerable to an arbitrary file execution issue. This issue arises when an attacker crafts a PDF file and embeds malicious JavaScript code in the file. If a victim user opens this PDF file, the JavaScript code can call arbitrary executables residing on the computer.
  • Ref: http://www.securityfocus.com/bid/14076
  • 05.26.7 - CVE: Not Available
  • Platform: Cross Platform
  • Title: PostNuke XMLRPC Module Remote Code Injection
  • Description: PostNuke is a freely available web-based content management system. The xmlrpc module is a set of third party libraries shipped with PostNuke. It is vulnerable to a remote code injection issue due to an input validation error. An attacker could exploit this issue to run arbitrary code in the context of the web server. PostNuke 0.750 stable package and the 0.760 development tree packages are affected by this issue.
  • Ref: http://news.postnuke.com/modules.php?op=modload&name=News&file=article&a
    mp;sid=2699
  • 05.26.8 - CVE: CAN-2005-1923
  • Platform: Cross Platform
  • Title: ClamAV Cabinet File Parsing Remote Denial of Service
  • Description: ClamAV is a virus scanning utility. ClamAV is affected by a remote denial of service issue. ClamAV versions 0.85.1 and earlier are known to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/14089
  • 05.26.9 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Infradig Inframail Advantage Server Edition Multiple Remote Buffer Overflow
  • Description: Infradig Inframail Advantage Server Edition is a mail server. It is affected by multiple remote buffer overflow issues due to a lack of boundary checks performed by the application and may allow remote attackers to execute machine code in the context of the server process. Infradig Inframail Advantage Server version 6.37 is reportedly vulnerable.
  • Ref: http://www.securityfocus.com/archive/1/401878
  • 05.26.10 - CVE: CAN-2005-2073
  • Platform: Cross Platform
  • Title: IBM DB2 Universal Database Unspecified Authorization Bypass
  • Description: IBM DB2 Universal Database Server is affected by an authorization bypass vulnerability. IBM DB2 Universal Database versions 8.1.9 and earlier are known to be vulnerable.
  • Ref: http://www-1.ibm.com/support/docview.wss?uid=swg1IY73104
  • 05.26.11 - CVE: Not Available
  • Platform: Cross Platform
  • Title: ClamAV Unspecified Denial of Service
  • Description: Clam Anti-Virus is an open source virus scanning application. It is vulnerable to a denial of service due to an unspecified issue in the "libmspack" Quantum archive decompressor. Clam Anti-Virus versions 0.85.1 and earlier are vulnerable.
  • Ref: http://www.gentoo.org/security/en/glsa/glsa-200506-23.xml
  • 05.26.12 - CVE: CAN-2005-1766
  • Platform: Cross Platform
  • Title: RealPlayer RealText Parsing Heap Overflow
  • Description: RealNetworks RealPlayer is a media player. It is vulnerable to a remote heap overflow issue due to insufficient boundary checks of user-supplied data contained in RealText files. See the vendor advisory for detailed vulnerable versions.
  • Ref: http://service.real.com/help/faq/security/050623_player/EN/
  • 05.26.13 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Sendmail Milter Remote Denial of Service
  • Description: Sendmail is susceptible to a remote denial of service weakness in its milter (mail filter) interface. This issue exists due to overly long default timeouts configured for milters. Sendmail versions 8.12.11 and earlier are reported to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/14047
  • 05.26.14 - CVE: Not Available
  • Platform: Web Application
  • Title: CGI-Club imTRBBS Remote Command Execution
  • Description: imTRBBS is a web-based application implemented in Perl. It is reported to be vulnerable to a remote command execution issue due to improper sanitization of user-supplied data to the "im_trbbs.cgi" script. imTRBBS version 1.0.2 is reported to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/14091
  • 05.26.15 - CVE: Not Available
  • Platform: Web Application
  • Title: Dynamic Biz Website Builder Login.ASP SQL Injection
  • Description: Dynamic Biz Website Builder (QuickWeb) is a web-based application implemented in ASP. It is reported to be vulnerable to an SQL injection issue due to improper sanitization of user-supplied input to the "password" field of the "login.asp" script. Dynamic Biz Website Builder (QuickWeb) version 1.0 is reported to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/14083
  • 05.26.16 - CVE: Not Available
  • Platform: Web Application
  • Title: PHPBB Viewtopic.PHP Remote Code Execution
  • Description: phpBB is an open-source web forum application. It is vulnerable a remote PHP script injection issue in the "viewtopic.php" script due to a failure of the script code to properly sanitize user-supplied URI parameters. A remote attacker could exploit this issue to run arbitrary code in the context of the web server hosting the application. Please refer the following link for a list of vulnerable versions.
  • Ref: http://www.securityfocus.com/bid/14086/info
  • 05.26.17 - CVE: Not Available
  • Platform: Web Application
  • Title: Community Server Forums SearchResults.ASPX Cross-Site Scripting
  • Description: Community Server Forums is an online collaborative discussions system for adding discussion capabilities to any ASP.NET Web application. Community Server Forums is affected by a cross-site scripting vulnerability. All current versions are affected.
  • Ref: http://www.securityfocus.com/bid/14078
  • 05.26.18 - CVE: CAN-2005-2077
  • Platform: Web Application
  • Title: Hosting Controller Error.ASP Cross-Site Scripting
  • Description: Hosting Controller is an application that consolidates all hosting tasks into one interface. Hosting Controller is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the "error" parameter of "error.asp" script. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
  • Ref: http://www.securityfocus.com/bid/14080/
  • 05.26.19 - CVE: Not Available
  • Platform: Web Application
  • Title: JCDex Lite Index.PHP Remote File Include
  • Description: JCDex Lite is an integrated index page for the UBB.Threads forums. Insufficient sanitization of the "thispath" variable of the "index.php" script exposes the application to a remote file include issue. All current versions are affected.
  • Ref: http://www.securityfocus.com/bid/14081/info
  • 05.26.20 - CVE: Not Available
  • Platform: Web Application
  • Title: Plans Display Type Variable Cross-Site Scripting
  • Description: Plans is a web-based calendar application. It is vulnerable to a cross-site scripting issue in the "plans.cgi" script due to improper sanitization of the "display_type" variable. An attacker could exploit this issue to execute arbitrary script code in the browser of an unsuspecting user for stealing cookie based authentication credentials. Plans version 6.7.1 and earlier are vulnerable.
  • Ref: http://www.securityfocus.com/bid/14069/info
  • 05.26.21 - CVE: CAN-2005-2066
  • Platform: Web Application
  • Title: ASPNuke Comment_Post.ASP SQL Injection
  • Description: ASPNuke is web portal software. It is reported to be vulnerable to an SQL injection issue due to improper sanitization of user-supplied input to the "TaskID" parameter of the "comment_post.asp" script. ASPNuke version 0.80 is reported to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/14064
  • 05.26.22 - CVE: CAN-2005-2074, CAN-2005-2075
  • Platform: Web Application
  • Title: PHP-Fusion SUBMIT.PHP HTML Injection
  • Description: PHP-Fusion is a web content management system. It is vulnerable to an HTML injection issue with the "submit.php" script due to insufficient sanitization of user-supplied data. PHP-Fusion version 6.0.105 is vulnerable.
  • Ref: http://www.frsirt.com/english/advisories/2005/0888
  • 05.26.23 - CVE: CAN-2005-2062, CAN-2005-2063
  • Platform: Web Application
  • Title: ActiveBuyAndSell Multiple SQL Injection
  • Description: ActiveBuyandSell is software enabling users to coordinate over the web selling and buying of products. It is affected by multiple SQL injection vulnerabilities. ActiveBuyandSell versions 6.x and earlier are affected.
  • Ref: http://archives.neohapsis.com/archives/bugtraq/2005-06/0209.html
  • 05.26.24 - CVE: CAN-2005-2063
  • Platform: Web Application
  • Title: ActiveBuyAndSell SendPassword.ASP Cross-Site Scripting
  • Description: ActiveBuyandSell is software enabling users to coordinate over the Web the selling and buying of products. ActiveBuyandSell is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the "Title" parameter of the "sendpassword.asp". This may facilitate the theft of cookie-based authentication credentials as well as other attacks. This issue is reported to affect ActiveBuyandSell version 6.2.
  • Ref: http://www.securityfocus.com/bid/14068
  • 05.26.25 - CVE: Not Available
  • Platform: Web Application
  • Title: Mensajeitor IP Parameter HTML Injection
  • Description: Mensajeitor is a web-based comment system. It is reported to be vulnerable to an HTML injection issue due to improper sanitization of user-supplied input to the "IP" parameter. Mensajeitor version 1.8.9 is reported to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/14071
  • 05.26.26 - CVE: Not Available
  • Platform: Web Application
  • Title: WebCalendar Assistant_Edit.PHP Unauthorized Access
  • Description: WebCalendar is affected by an unauthorized access issue due to a failure in the application to perform proper authentication before permitting access to the "assistant_edit.php" script. WebCalendar versions 1.0.0 and earlier are affected.
  • Ref: http://www.securityfocus.com/bid/14072/info
  • 05.26.27 - CVE: Not Available
  • Platform: Web Application
  • Title: Legal Case Management Log File Information Disclosure
  • Description: Legal Case Management is software aimed for use by not-for-profit legal advice centres. Legal Case Management is prone to an information disclosure vulnerability. This issue is a result of the application not requiring authentication before granting access to the log files generated by LCM. Information acquired from the log files may be used to aid in further attacks against the underlying system.
  • Ref: http://www.securityfocus.com/bid/14060/
  • 05.26.28 - CVE: Not Available
  • Platform: Web Application
  • Title: ASPNuke Multiple Cross-Site Scripting Vulnerabilities
  • Description: ASPNuke is web portal software implemented in ASP. Insufficient sanitization of user-supplied input exposes the application to a cross site scripting issue. All current versions are affected.
  • Ref: http://www.securityfocus.com/bid/14062
  • 05.26.29 - CVE: Not Available
  • Platform: Web Application
  • Title: K-COLLECT CSV-DB CSV_DB.CGI Remote Command Execution
  • Description: K-COLLECT CSV-DB is a web-based application implemented in Perl. It is reported to be vulnerable to remote command execution issue due to improper sanitization of user-supplied data for the "file" variable of the "csv_db.cgi" script. CSV-DB version 1.00 is reported to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/14059
  • 05.26.30 - CVE: CAN-2005-2065
  • Platform: Web Application
  • Title: ASPNuke Language_Select.ASP HTTP Response Splitting Vulnerability
  • Description: ASPNuke is Web portal software. It is prone to an HTTP response splitting vulnerability due to a failure in the application to properly sanitize user-supplied input in the "language_select.asp" script. A remote attacker may exploit this vulnerability to influence or misrepresent how Web content is served, cached or interpreted.
  • Ref: http://www.securityfocus.com/bid/14063/info
  • 05.26.31 - CVE: CAN-2005-2057, CAN-2005-2058, CAN-2005-2059,CAN-2005-2060, CAN-2005-2061
  • Platform: Web Application
  • Title: UBBCentral UBB.Threads Multiple Cross-Site Scripting
  • Description: UBB.Threads is a web based forum application that is implemented in PHP. It is affected by multiple cross-site scripting vulnerabilities. UBB.Threads versions 6.5.1.1 and earlier are known to be vulnerable.
  • Ref: http://www.gulftech.org/?node=research&article_id=00084-06232005
  • 05.26.32 - CVE: Not Available
  • Platform: Web Application
  • Title: UBBCentral UBB.Threads SQL Injection
  • Description: UBB.threads is a Web based forum application that is implemented in PHP. UBB.Threads is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. These vulnerabilities could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.
  • Ref: http://www.gulftech.org/?node=research&article_id=00084-06232005
  • 05.26.33 - CVE: Not Available
  • Platform: Web Application
  • Title: UBBCentral UBB.Threads Local File Include
  • Description: UBB.threads is a Web based forum application that is implemented in PHP. UBB.Threads is prone to a local file include vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary server-side script code that resides on an affected computer with the privileges of the Web server process. This may potentially facilitate unauthorized access.
  • Ref: http://www.gulftech.org/?node=research&article_id=00084-06232005
  • 05.26.34 - CVE: Not Available
  • Platform: Web Application
  • Title: UBB.Threads Multiple HTTP Response Splitting Vulnerabilities
  • Description: UBB.threads is a web-based forum application. It is affected by multiple HTTP response splitting issues due to insufficient sanitization of the "cat" parameter of the "toggleshow.php", "togglecats.php" and "showprofile.php" scripts. All current versions are affected.
  • Ref: http://www.gulftech.org/?node=research&article_id=00084-06232005
  • 05.26.35 - CVE: Not Available
  • Platform: Web Application
  • Title: PHP-Nuke Avatar HTML Injection Vulnerability
  • Description: PHP-Nuke is a web content management system. It is vulnerable to an HTML injection issue due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. An attacker could exploit this issue to steal cookie-based authentication credentials and other attacks. PHP-Nuke versions 7.7 and earlier are vulnerable.
  • Ref: http://www.securityfocus.com/archive/1/401682
  • 05.26.36 - CVE: Not Available
  • Platform: Web Application
  • Title: CarLine Forum Russian Board Multiple Input Validation Vulnerabilities
  • Description: CarLine Forum Russian Board is a web-based forum. Insufficient sanitization of user-supplied input in various PHP scripts exposes the application to multiple cross-site scripting and SQL injection issues. Russian Board version 4.2 is affected.
  • Ref: http://www.securityfocus.com/bid/14045/info
  • 05.26.37 - CVE: Not Available
  • Platform: Web Application
  • Title: Whois.Cart Profile.PHP Cross-Site Scripting
  • Description: Whois.Cart is a shopping cart and billing management system. Insufficient sanitization of the "page" parameter in the "profile.php" script exposes a cross-site scripting issue in the application. All current versions are affected.
  • Ref: http://archives.neohapsis.com/archives/fulldisclosure/2005-06/0304.html
  • 05.26.38 - CVE: Not Available
  • Platform: Web Application
  • Title: Whois.Cart Index.PHP Directory Traversal
  • Description: Whois.Cart is a billing management system implemented in PHP. It is vulnerable to a directory traversal issue due to a failure in the application to properly sanitize user-supplied input to the "index.php" script. An attacker could exploit this issue to get access to sensitive information. Whois.Cart versions 2.2.77 and earlier are vulnerable.
  • Ref: http://archives.neohapsis.com/archives/fulldisclosure/2005-06/0304.html
  • 05.26.39 - CVE: Not Available
  • Platform: Web Application
  • Title: DUforum Multiple SQL Injection Vulnerabilities
  • Description: DUforum is a message board application. Insufficient sanitization of multiple .asp scripts expose various SQL injection issues in the application allowing remote attackers to pass malicious input to database queries. All current versions are affected.
  • Ref: http://www.securityfocus.com/bid/14035/info
  • 05.26.40 - CVE: Not Available
  • Platform: Web Application
  • Title: RaXnet Cacti Graph_Image.PHP Remote Command Execution
  • Description: RaXnet Cacti is a front-end to RRDTool. Insufficient sanitization of the "graph_start" parameter of the "graph_image.php" script exposes the application to a remote command execution issue. Cacti versions 0.8.6d and earlier are affected.
  • Ref: http://www.securityfocus.com/bid/14042
  • 05.26.41 - CVE: Not Available
  • Platform: Web Application
  • Title: Simple Machines Msg Parameter SQL Injection
  • Description: Simple Machines Forum (SMF) is an open-source web forum application that is written in PHP. Simple Machines is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the "msg" parameter before using it in an SQL query. This vulnerability could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks. This issue is reported to affect Simple Machines version 1.0.4.
  • Ref: http://www.securityfocus.com/bid/14043/
  • 05.26.42 - CVE: CAN-2005-1236
  • Platform: Web Application
  • Title: DUportal Pro Multiple SQL Injection Vulnerabilities
  • Description: DUportal Pro is a content management system. It is vulnerable to multiple SQL injection issues due to insufficient sanitization of user-supplied input before using it in SQL queries. DUware DUportal Pro version 3.4.3 is vulnerable.
  • Ref: http://www.digitalparadox.org/advisories/dup.txt
  • 05.26.43 - CVE: Not Available
  • Platform: Hardware
  • Title: Dominion SX Multiple Vulnerabilities
  • Description: Raritan Dominion SX is a hardware console server for local and remote access to managed servers. It is vulnerable to multiple vulnerabilities such as gaining unauthorized access or elevate privileges. Raritan Dominion versions SX16, SX32, SX4, SX8, and SXA-48 are reported to be vulnerable.
  • Ref: http://secunia.com/advisories/15853/

(c) 2005. All rights reserved. The information contained in this newsletter, including any external links, is provided "AS IS," with no express or implied warranty, for informational purposes only. In some cases, copyright for material in this newsletter may be held by a party other than Qualys (as indicated herein) and permission to use such material must be requested from the copyright owner.

==end==

Subscriptions: @RISK is distributed free of charge to people responsible for managing and securing information systems and networks. You may forward this newsletter to others with such responsibility inside or outside your organization.

Just amazing content and instruction, it's really a 'must do' for any info sec professional.
-Mark Austin, PHH Mortgage

Forensics 526

Latest Whitepapers

Building and Maintaining a "Certifiable" Workforce
By Robert J. Mavretich

How Can You Build and Leverage SNORT IDS Metrics to Reduce Risk?
By Tim Proffitt

Daisy Chain Authentication
By Courtney Imbert

Latest Tweets

NEW #SANS Survey: Security Analytics & Intelligence 2nd [...]
October 1, 2013 - 6:30 PM

Tips on how to convince your boss to let you train online wi [...]
October 1, 2013 - 6:23 PM

#2 Tip on how 2 convince your boss 2 let u train online: Fle [...]
October 1, 2013 - 3:00 PM

Contact Us

(301) 654-SANS (7267)
Mon-Fri 9am - 8pm EST/EDT
info@sans.org

"It was a great learning experience that helped open my eyes wider. The instructor's knowledge was fantastic."
- Manuja Wikesekera, Melbourne Cricket Club

"Because of the use of real-world examples it's easier to apply what you learn."
- Danny Hill, Friedkin Companies, Inc.

"The perfect balance of theory and hands-on experience."
- James D. Perry II, University of Tennessee