Last day to save $500 for SANS San Diego 2013

@RISK: The Consensus Security Vulnerability Alert

Volume: VII, Issue: 17
April 24, 2008

SANS Newsletters Home

It's a bad week! The widely used Intel wireless driver can get you infected if you are in range even if you are not connected. Multiple Adobe products have critical vulnerabilities for which Adobe has not yet made a patch available. Oracle has a critical (remote code execution) patch update, but many organizations don't install the patches for long periods of time. OpenOffice.org appears to have vulnerabilities that will open infected files even without user approval. Add to that Active X vulnerabilities in CA-Unicenter and other CA products and in Microsoft Works, and you have a LOT of people with a lot of vulnerabilities they do not know how to patch or they will not be patching soon. A bad week. BTW the only two practicable, large-scale solution to these problems and the hundreds of others like them that will be announced over the next few years is for Microsoft and Apple and the other system vendors to provide a service to other vendors to patch any software that runs on their operating systems. Longer term, the Phase II S-CAP initiative from NSA (with help from NIST) may provide an even more comprehensive solution. Alan

@RISK is the SANS community's consensus bulletin summarizing the most important vulnerabilities and exploits identified during the past week and providing guidance on appropriate actions to protect your systems (PART I). It also includes a comprehensive list of all new vulnerabilities discovered in the past week (PART II).

Summary of the vulnerabilities reported this week:

    • Category
    • # of Updates & Vulnerabilities
    • Platform Number of Updates and Vulnerabilities
    • - ------------------------ -------------------------------------
    • Windows
    • 2 (#5, #7)
    • Third Party Windows Apps
    • 8 (#1, #6, #8)
    • Linux
    • 5
    • Cross Platform
    • 22 (#2, #3, #4)
    • Web Application - Cross Site Scripting
    • 11
    • Web Application - SQL Injection
    • 17
    • Web Application
    • 21
    • Network Device
    • 2

******************** Sponsored By SANS Europe 2008 ********************

If you live in the US and missed all 4 chances to attend Ed Skoudis' extraordinary new Penetration Testing and Ethical Hacking course, (because they were all sold out in less than two weeks), we are running it again at SANS Europe in Amsterdam June 16-21. It's a great excuse to take your family to Europe this summer. And if you want to attend Intrusion Detection, Hacker Exploits, Security Essentials, Firewalls and Perimeter Protection, Auditing, Pen Testing Wireless, Securing Windows or other popular SANS courses, they are spread out over Amsterdam, Brussels and London 3 wonderful cities to visit wherever you live in the world. www.sans.org/SecureEurope08

*************************************************************************

TRAINING UPDATE Where can you find the newest Penetration Testing techniques, Application Pen Testing, Hacker Exploits, Secure Web Application Development, Security Essentials, Forensics, Wireless, Auditing, both new Pen Testing courses, CISSP, and SANS' other top-rated courses plus evening sessions with Internet Storm Center handlers. - - SANSFIRE 2008 in Washington DC (7/22-7/31) SANS' biggest summer program with many bonus sessions and a big exhibition of security products: http://www.sans.org/info/26774 - - London (6/2-6/7) and Amsterdam (6/16-6/21) http://www.sans.org/secureeurope08 - - San Diego (5/9-5/16) http://www.sans.org/securitywest08 - - Toronto (5/10-5/16) http://www.sans.org/toronto08 - - and in 100 other cites and online any time: www.sans.org

*************************************************************************

Table Of Contents
Part II -- Comprehensive List of Newly Discovered Vulnerabilities from Qualys (www.qualys.com)
Windows
Third Party Windows Apps
Linux
Cross Platform
Web Application - Cross Site Scripting
Web Application - SQL Injection
Web Application
Network Device
PART I Critical Vulnerabilities

Part I for this issue has been compiled by Rob King at TippingPoint, a division of 3Com, as a by-product of that company's continuous effort to ensure that its intrusion prevention products effectively block exploits using known vulnerabilities. TippingPoint's analysis is complemented by input from a council of security managers from twelve large organizations who confidentially share with SANS the specific actions they have taken to protect their systems. A detailed description of the process may be found at http://www.sans.org/newsletters/cva/#process

Widely Deployed Software
  • (1) CRITICAL: Intel Centrino Wireless Driver Buffer Overflow
  • Affected:
    • Intel Centrino 2200BG Wireless Device Driver

  • Description: The Intel Centrino 2200BG is a popular wireless network (802.11) card, commonly used in laptop computers. Its driver for Microsoft Windows contains a buffer overflow in its handling of wireless network traffic. A specially crafted wireless network frame could trigger this vulnerability, allowing an attacker to execute arbitrary code with kernel level privileges, completely compromising the vulnerable system. The wireless network interface on the vulnerable system need only be in range of the attacker; it need not be connected to any particular wireless network to be vulnerable. Full technical details and a proof-of-concept are publicly available for this vulnerability.

  • Status: Intel confirmed, updates available. The patch can be accessed through Intel site reverenced below.

  • References:
  • (2) CRITICAL: Adobe Multiple Products Bitmap Handling Buffer Overflow
  • Affected:
    • Adobe Photoshop Album Starter
    • Adobe After Effects CS3
    • Adobe Photoshop CS3

  • Description: Multiple Adobe products contain a buffer overflow in their handling of the Bitmap (BMP) image format. A specially crafted BMP image could trigger this buffer overflow. Successfully exploiting this buffer overflow would allow an attacker to execute arbitrary code with the privileges of the current user. Full technical details and a proof-of-concept are publicly available for this vulnerability. Note that, depending upon configuration, BMP files may be opened automatically by the vulnerable applications without first prompting the user.

  • Status: Adobe confirmed, no updates available.

  • References:
  • (5) HIGH: Microsoft Works ActiveX Control Remote Code Execution
  • Affected:
    • Microsoft Works 7, and possibly prior

  • Description: Microsoft Works is a popular office suite from Microsoft. Part of its functionality is provided by an ActiveX control, "WkImgSrv.dll". This control contains remote code execution vulnerability. A malicious web page that instantiates this control could trigger this vulnerability, allowing an attacker to execute arbitrary code with the privileges of the current user. Technical details, and a proof-of-concept are publicly available for this vulnerability.

  • Status: Microsoft has not confirmed, no updates available. Users can mitigate the impact of this vulnerability by disabling the affected control via Microsoft's "kill bit" mechanism using CLSID "00E1DB59-6EFD-4CE7-8C0A-2DA3BCAAD9C6".

  • References:
  • (6) HIGH: Computer Associates DSM ActiveX Control Remote Code Execution
  • Affected:
    • Computer Associates Unicenter Software Delivery
    • Computer Associates Unicenter Remote Control
    • Computer Associates Unicenter Desktop Management Bundle
    • Computer Associates Unicenter Asset Management
    • Computer Associates Remote Control
    • Computer Associates Desktop Management Suite
    • Computer Associates Desktop and Server Management
    • Computer Associates ARCserve Backup for Laptops and Desktops

  • Description: Multiple Computer Associates applications contain the "gui_cm_ctrls.ocx" ActiveX control, used by the "DSM" component of these applications. This control contains a remote code execution vulnerability in its handling of various method parameters. A specially crafted web page that instantiates this control could trigger this vulnerability, allowing an attacker to execute arbitrary code with the privileges of the current user. Some technical details are publicly available for this vulnerability.

  • Status: Computer Associates confirmed, updates available. Users can mitigate the impact of this vulnerability by disabling the affected control via Microsoft's "kill bit" mechanism using CLSID "E6239EB3-E0B0-46DA-A215-CFA9B3B740C5".

  • References:
  • (7) MODERATE: Microsoft Heartbeat ActiveX Control Buffer Overflow
  • Affected:
    • Microsoft HeartbeatCtl ActiveX Control

  • Description: The Microsoft HeartbeatCtl ActiveX control is used to play games on the Microsoft Network (MSN) Games site. This control contains a buffer overflow in its handling of its "Host" parameter. A specially crafted web page that instantiated this control could trigger this buffer overflow, and allow an attacker to execute arbitrary code with the privileges of the current user. Technical details for this vulnerability are publicly available.

  • Status: Microsoft confirmed, updates available. This vulnerability was silently patched in Microsoft Security Bulletin MS07-069. Users can mitigate the impact of this vulnerability by disabling the affected control via Microsoft's "kill bit" mechanism using CLSID "E5D419D6-A846-4514-9FAD-97E826C84822". Note that this will affect normal application functionality.

  • References:
Other Software
  • (8) CRITICAL: Big Ant Enterprise Messaging Buffer Overflow
  • Affected:
    • Big Ant Server versions 2.2 and prior

  • Description: Big Ant Server is an enterprise instant messaging server. It contains a buffer overflow in its handling of user requests. A specially crafted user request could trigger this buffer overflow. Successfully exploiting this vulnerability would allow an attacker to execute arbitrary code with the privileges of the vulnerable process. Full technical details and a proof-of-concept are publicly available for this vulnerability.

  • Status: Big Ant has not confirmed, no updates available. Users can mitigate the impact of this vulnerability by blocking TCP port 6080 at the network perimeter. Update (2008-05-19): BigAnt IM Server HTTP GET Request Remote Buffer Overflow Vulnerability has been fixed in new released BigAnt IM Server v2.35. New release can be downloaded from: http://www.bigantsoft.com/download.html

  • References:
Part II: Weekly Comprehensive List of Newly Discovered Vulnerabilities
Week 17, 2008

This list is compiled by Qualys ( www.qualys.com ) as part of that company's ongoing effort to ensure its vulnerability management web service tests for all known vulnerabilities that can be scanned. As of this week Qualys scans for 5549 unique vulnerabilities. For this special SANS community listing, Qualys also includes vulnerabilities that cannot be scanned remotely.

  • 08.17.1 - CVE: CVE-2008-1436
  • Platform: Windows
  • Title: Microsoft Windows Privilege Escalation
  • Description: Microsoft Windows is exposed to a privilege escalation issue. Specifically, specially crafted code running in the context of the NetworkService or LocalService may gain access to resources in processes that run with the same privileges (NetworkService or LocalService) but can elevate their privileges to LocalSystem. Microsoft Windows XP Professional SP2 and all versions and editions of Windows Server 2003, Windows Vista, and Windows Server 2008 are affected.
  • Ref: http://www.securityfocus.com/archive/1/491140
  • 08.17.2 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Microsoft Works 7 "WkImgSrv.dll" ActiveX Control Remote Code Execution
  • Description: Microsoft Works 7 "WkImgSrv.dll" ActiveX control is an application for image manipulation. The application is exposed to a remote code execution issue because the application fails to perform adequate checks on user-supplied data. Microsoft Works 7 "WkImgSrv.dll" ActiveX control version 7.03.0616 is affected.
  • Ref: http://support.microsoft.com/kb/240797
  • 08.17.3 - CVE: CVE-2008-1786
  • Platform: Third Party Windows Apps
  • Title: Computer Associates DSM "gui_cm_ctrls.ocx" ActiveX Control Remote Code Execution
  • Description: Computer Associates DSM is a desktop and server management suite. The application is exposed to a remote code execution issue that occurs because the software fails to sufficiently validate function arguments used by the "gui_cm_ctrls.ocx" ActiveX control. Ref: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=174256
  • 08.17.4 - CVE: CVE-2008-1833
  • Platform: Third Party Windows Apps
  • Title: ClamAV "libclamav/pe.c" WWPACK File Heap-Based Buffer Overflow
  • Description: ClamAV is a multiplatform toolkit used for scanning email messages for viruses. The application is exposed to a heap-based buffer overflow issue because it fails to properly verify user-supplied data. ClamAV version 0.92.1 is affected. Ref: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=687
  • 08.17.5 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: SubEdit Player Subtitle File Remote Buffer Overflow
  • Description: SubEdit Player is a media player and subtitles editor for Microsoft Windows. The application is exposed to a buffer overflow issue because it fails to perform adequate boundary checks on user-supplied input. The issue occurs when the application handles files that contain overly long subtitle data. SubEdit Player Build 4066 is affected.
  • Ref: http://www.securityfocus.com/bid/28858
  • 08.17.6 - CVE: CVE-2007-6255
  • Platform: Third Party Windows Apps
  • Title: Microsoft "HeartbeatCtl" ActiveX Control Remote Buffer Overflow
  • Description: Microsoft "HeartbeatCtl" is an ActiveX control that allows users to play multiplayer games on the MSN Games website. The application is exposed to a remote buffer overflow issue because the application fails to perform adequate boundary checks on user-supplied input.
  • Ref: http://www.kb.cert.org/vuls/id/570089
  • 08.17.7 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Computer Associates eTrust Secure Content Manager Remote Denial of Service
  • Description: Computer Associates eTrust Secure Content Manager is a gateway application that monitors, filters and blocks possible threats from computers. The application is exposed to a remote denial of service issue that occurs in the "eCSqdmn" daemon, which is listening on TCP port 1882 by default.
  • Ref: http://aluigi.altervista.org/adv/ecsqdamn-adv.txt
  • 08.17.8 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Foxit Reader Multiple Remote Memory Corruption Vulnerabilities
  • Description: Foxit Reader is a PDF viewer application available for Microsoft Windows operating systems. The application is exposed to two remote memory corruption issues because it fails to handle specially crafted PDF files. Foxit Reader version 2.2 is affected.
  • Ref: http://www.vallejo.cc/proyectos/foxitreader2.htm
  • 08.17.9 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Apple Safari 3.1.1 For Windows Multiple Denial of Service and Spoofing Vulnerabilities
  • Description: Apple Safari is a web browser available for Mac OS X and Microsoft Windows. The application is exposed to multiple remote issues. Apple Safari version 3.1.1 for Windows is affected.
  • Ref: http://www.securityfocus.com/archive/1/491192
  • 08.17.10 - CVE: CVE-2008-1658
  • Platform: Linux
  • Title: PolicyKit Grant Helper Password Handling Local Format String
  • Description: PolicyKit is used to define and handle policies that allow unprivileged processes to communicate with privileges processes. The application is exposed to a local format string issue because it fails to sanitize user-supplied input before passing it to a formatted printing function. PolicyKit version 0.6 is affected.
  • Ref: https://bugzilla.redhat.com/show_bug.cgi?id=439982#add_comment
  • 08.17.11 - CVE: CVE-2008-1693
  • Platform: Linux
  • Title: Poppler and Xpdf PDF Rendering Library Embedded Font Remote Code Execution
  • Description: The Poppler PDF rendering library is a library that provides a programming interface for rendering PDF files. It is based on the Xpdf-3.0 codebase. The application is exposed to a remote code execution issue because it fails to properly validate user-supplied data.
  • Ref: http://rhn.redhat.com/errata/RHSA-2008-0238.html
  • 08.17.12 - CVE: CVE-2008-1694
  • Platform: Linux
  • Title: GNU Emacs Insecure Temporary File Creation
  • Description: Emacs is a freely available text editor. Emacs creates temporary files in an insecure manner. Specifically, the issue presents itself because the "ib-src/vcdiff" script file uses a temporary file with a predictable name. Emacs versions 21.4a and 22.2 are affected.
  • Ref: https://bugzilla.redhat.com/show_bug.cgi?id=208483
  • 08.17.13 - CVE: Not Available
  • Platform: Linux
  • Title: Acon Multiple Local Buffer Overflow Vulnerabilities
  • Description: Acon is a script that adds arabic text support in a Linux console. This setuid application is exposed to multiple issues because it fails to perform adequate boundary checks on user-supplied input. Acon version 1.0.5 is affected.
  • Ref: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476603
  • 08.17.14 - CVE: Not Available
  • Platform: Linux
  • Title: grsecurity Multiple RBAC Local Security Bypass Vulnerabilities
  • Description: grsecurity is a security application add on to the Linux kernel using multi-layered detection, prevention, and containment. The application is exposed to multiple local security bypass issues because it fails to handle return values to certain functions in the RBAC (Role-Based Access Control) system. grsecurity versions prior to 2.1.11-2.6.24.5 (2008-04-21) and 2.1.11-2.4.36.2 (2008-04-21) are affected.
  • Ref: http://www.securityfocus.com/bid/28889
  • 08.17.15 - CVE: CVE-2008-1024
  • Platform: Cross Platform
  • Title: Apple Safari File Download Remote Memory Corruption
  • Description: Apple Safari is a browser available for multiple operating systems. The application is exposed to a remote memory corruption issue that occurs when handling files with large names during a download operation. Apple Safari versions prior to 3.1.1 running on Microsoft Windows XP and Windows Vista are affected.
  • Ref: http://www.kb.cert.org/vuls/id/529441
  • 08.17.16 - CVE: CVE-2008-1026
  • Platform: Cross Platform
  • Title: Apple Safari WebKit JavaScript Regular Expression Repetition Counts Buffer Overflow
  • Description: Apple Safari is a browser available for Mac OS X and Microsoft Windows. Safari is exposed to a buffer overflow issue because it fails to properly bounds check user-supplied input before using it in an insufficiently sized buffer. Safari version 3.1.1 resolves this issue.
  • Ref: http://support.apple.com/kb/HT1467
  • 08.17.17 - CVE: CVE-2007-5745, CVE-2007-5746, CVE-2007-5747,CVE-2008-0320
  • Platform: Cross Platform
  • Title: OpenOffice Multiple Heap-Based Buffer Overflow Vulnerabilities
  • Description: OpenOffice is a suite of office applications for multiple operating platforms. The application is exposed to multiple issues. OpenOffice 2 versions prior to 2.4 are affected. The OLE and EMF file issues also affect OpenOffice version 1.1. Ref: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=693
  • 08.17.18 - CVE: CVE-2008-1096
  • Platform: Cross Platform
  • Title: ImageMagick Malformed XCF File Heap-Based Buffer Overflow
  • Description: ImageMagick is an image editing suite that includes a library and command-line utilities supporting numerous image formats. It is exposed to a heap-based buffer overflow issue because the application fails to perform adequate boundary checks on user-supplied data. ImageMagick versions 6.2.8-0 and earlier are affected.
  • Ref: http://rhn.redhat.com/errata/RHSA-2008-0145.html
  • 08.17.19 - CVE: CVE-2008-1097
  • Platform: Cross Platform
  • Title: ImageMagick Malformed PCX File Heap-Based Buffer Overflow
  • Description: ImageMagick is an image editing suite that includes a library and command line utilities supporting numerous image formats. ImageMagick is exposed to a heap-based buffer overflow issue because the application fails to perform adequate boundary checks on user-supplied data. ImageMagick versions 6.2.8-0 and 6.2.4-5 are affected.
  • Ref: http://rhn.redhat.com/errata/RHSA-2008-0145.html
  • 08.17.20 - CVE: Not Available
  • Platform: Cross Platform
  • Title: xine-lib NES Sound Format Demuxer "demux_nsf.c" Buffer Overflow
  • Description: The "xine-lib" library allows various media players to play various media formats. The library is a plugin for RealMedia. The library is exposed to a buffer overflow issue because it fails to perform adequate boundary checks on user-supplied data when processing it with the NES Sound Format demuxer. xine-lib versions 1.1.12 and earlier are affected.
  • Ref: http://www.securityfocus.com/bid/28816
  • 08.17.21 - CVE: CVE-2008-1380
  • Platform: Cross Platform
  • Title: Mozilla Firefox/SeaMonkey JavaScript Garbage Collector Memory Corruption
  • Description: The Mozilla Foundation has released a security advisory disclosing a memory corruption issue that affects Mozilla Firefox, SeaMonkey and potentially Thunderbird. The issue stems from an unspecified error in the JavaScript garbage collector and was introduced by security fixes for issues described in MFSA 2008-15 (BID 28448). Mozilla Firefox version 2.0.0.13 and Mozilla SeaMonkey version 1.1.9 are affected.
  • Ref: http://rhn.redhat.com/errata/RHSA-2008-0222.html
  • 08.17.22 - CVE: Not Available
  • Platform: Cross Platform
  • Title: BS.Player SRT File Remote Buffer Overflow
  • Description: BS.Player is a media player designed to handle multiple media file formats. The application is exposed to a buffer overflow issue because it fails to perform adequate boundary checks on user-supplied input. The issue occurs when the application handles SRT files that contain overly long subtitle data. BS.Player version 2.27.959 is affected.
  • Ref: http://www.securityfocus.com/bid/28811
  • 08.17.23 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Cecilia Insecure Temporary File Creation
  • Description: Cecilia is a graphical user interface to Csound. Cecilia creates temporary files in an insecure manner. Specifically the issue presents itself because the "locateCsound()" function in the "lib/prefs.tcl" file uses a temporary file with a fixed name "/tmp/csvers". Cecilia version 2.0.5 is affected.
  • Ref: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476321
  • 08.17.24 - CVE: Not Available
  • Platform: Cross Platform
  • Title: IBM DB2 Universal Database JAR File Processing Multiple Denial of Service Vulnerabilities
  • Description: IBM DB2 Universal Database Server is exposed to multiple denial of service issues. IBM DB2 Universal Database versions 8, 9, and 9.5 on Microsoft Windows platforms are affected.
  • Ref: http://www-1.ibm.com/support/docview.wss?uid=swg21287889
  • 08.17.25 - CVE: Not Available
  • Platform: Cross Platform
  • Title: IBM DB2 "NNSTAT" Procedure Arbitrary File Overwrite
  • Description: IBM DB2 is a database server. The "NNSTAT" procedure retrieves statistics for one or more nicknames. The application is exposed to an issue that lets attackers overwrite arbitrary files.
  • Ref: http://www.securityfocus.com/archive/1/491073
  • 08.17.26 - CVE: Not Available
  • Platform: Cross Platform
  • Title: IBM DB2 Universal Database ADMIN_SP_C and ADMIN_SP_C2 Procedures Remote Code Execution
  • Description: IBM DB2 Universal Database Server is exposed to a remote code execution issue. It may be exploited by authenticated attackers that issue the "ADMIN_SP_C" or "ADMIN_SP_C2" procedures with specially-crafted arguments.
  • Ref: http://www.securityfocus.com/archive/1/491075
  • 08.17.27 - CVE: CVE-2007-6714
  • Platform: Cross Platform
  • Title: DBMail Authentication Bypass
  • Description: DBMail is an application that stores emails in an SQL based database. The application is exposed to an issue that may let attackers authenticate without a valid password in some configurations. This vulnerability is known to occur when the "authldap" module is used with an Active Directory server.
  • Ref: http://www.dbmail.org/index.php?page=news&id=44
  • 08.17.28 - CVE: CVE-2008-1558
  • Platform: Cross Platform
  • Title: MPlayer "sdpplin_parse()" RTSP Integer Overflow
  • Description: MPlayer is a media player. MPlayer is exposed to an interger overflow issue because it fails to perform adequate checks on externally-supplied input. The vulnerability exists in the "sdpplin_parse()" function.
  • Ref: http://www.securityfocus.com/bid/28851
  • 08.17.29 - CVE: CVE-2008-1771
  • Platform: Cross Platform
  • Title: Firefly Media Server "Content-Length" Buffer Overflow
  • Description: Firefly Media Server (formerly known as mt-daapd) is a multiplatform digital music server. The application is exposed to a buffer overflow issue because it fails to perform adequate checks on user-supplied input. The issue exists due to an integer overflow error in the "ws_getpostvars()" function in the "src/webserver.c" file. Firefly Media Server versions prior to 0.2.4.2 are affected. Ref: http://sourceforge.net/project/shownotes.php?release_id=593465&group_id=98211
  • 08.17.30 - CVE: Not Available
  • Platform: Cross Platform
  • Title: MoinMoin Multiple ACL Security Bypass Vulnerabilities
  • Description: MoinMoin is an open source wiki. The application is exposed to multiple security bypass issues because it fails to properly handle Access Control List (ACL) entries. MoinMoin versions prior to 1.6.3 are affected.
  • Ref: http://moinmo.in/SecurityFixes
  • 08.17.31 - CVE: CVE-2008-1102
  • Platform: Cross Platform
  • Title: Blender "radiance_hdr.c" Remote Buffer Overflow
  • Description: Blender is an open source suite for creating 3D content. The application is exposed to a buffer overflow issue because it fails to perform adequate boundary checks on user-supplied input. Blender version 2.45 is affected.
  • Ref: http://secunia.com/secunia_research/2008-16/advisory/
  • 08.17.32 - CVE: CVE-2008-1765
  • Platform: Cross Platform
  • Title: Multiple Adobe Products Image Header Buffer Overflow
  • Description: Multiple Adobe products are exposed to a buffer overflow issue because they fail to perform adequate boundary checks on user-supplied input. The issue occurs when handling malformed image header data in image files.
  • Ref: http://www.adobe.com/support/security/advisories/apsa08-04.html
  • 08.17.33 - CVE: Not Available
  • Platform: Cross Platform
  • Title: muCommander "credentials.xml" Local Information Disclosure
  • Description: muCommander is a cross-platform file manager application. The application is exposed to a local information disclosure issue because the application fails to set secure permissions for the "credentials.xml" file. muCommander versions prior to 0.8.2 are affected.
  • Ref: http://www.mucommander.com/changes.php
  • 08.17.34 - CVE: CVE-2008-1834
  • Platform: Cross Platform
  • Title: Swfdec Untrusted Sandbox Remote Information Disclosure
  • Description: Swfdec is a decoding and rendering library for Macromedia Flash animation files. It can be used in conjunction with web browsers to view Flash files. The application is exposed to a remote information disclosure issue due to a failure of the software to securely implement restricted sandboxes for Macromedia Flash animation files. Swfdec versions prior to 0.6.4 are affected.
  • Ref: http://lists.freedesktop.org/archives/swfdec/2008-April/001321.html
  • 08.17.35 - CVE: Not Available
  • Platform: Cross Platform
  • Title: SIPp "call.cpp" Remote Buffer Overflow
  • Description: SIPp is an Open Source test tool for the SIP protocol. The application is exposed to a buffer overflow issue because it fails to perform adequate boundary checks on user-supplied input. SIPp version 3.0 is affected. Ref: http://sourceforge.net/project/shownotes.php?release_id=593806&group_id=104305
  • 08.17.36 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Mozilla Firefox "document.write()" Denial of Service
  • Description: Mozilla Firefox is a browser available for multiple platforms. The browser is exposed to a remote denial of service issue because it fails to handle excessive data sent in an infinite loop to the "document.write()" JavaScript function. Firefox version 3 Beta 5 is affected.
  • Ref: http://www.securityfocus.com/archive/1/491196
  • 08.17.37 - CVE: CVE-2008-1025
  • Platform: Web Application - Cross Site Scripting
  • Title: Apple Safari WebKit URI Handling Cross-Site Scripting
  • Description: Apple Safari is a browser available for Mac OS X and Microsoft Windows. Safari WebKit is exposed to a cross-site scripting issue because it fails to properly sanitize user-supplied input. Safari version 3.1.1 resolves this issue.
  • Ref: http://support.apple.com/kb/HT1467
  • 08.17.38 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Blogator-script "bs_auth.php" Cross-Site Scripting
  • Description: Blogator-script is a blog application. The application is exposed to a cross-site scripting issue because it fails to adequately sanitize user-supplied input to the "msg" parameter of the "Blogator-script/bs_auth.php" script. Blogator-script version 0.95 is affected.
  • Ref: http://www.securityfocus.com/bid/28810
  • 08.17.39 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: MyBoard "rep.php" Cross-Site Scripting
  • Description: MyBoard is a web-based forum application. The application is exposed to a cross-site scripting issue because it fails to sanitize user-supplied input to the "id" parameter of the "rep.php" script. MyBoard version 1.0.12 is affected.
  • Ref: http://www.securityfocus.com/bid/28823
  • 08.17.40 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Php-Stats "admin.php" Multiple Cross-Site Scripting Vulnerabilities
  • Description: Php-Stats a PHP-based tool for creating statistical information about a file tree. The application is exposed to multiple cross-site scripting issues because it fails to properly sanitize user-supplied input to the following parameters of the "admin.php" script. Php-Stats version 0.1.9.1 is affected.
  • Ref: http://www.securityfocus.com/bid/28824
  • 08.17.41 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: EsContacts "msg" Parameter Multiple Cross-Site Scripting Vulnerabilities
  • Description: EsContacts is a PHP-based contact management application. The application is exposed to multiple cross-site scripting issues because it fails to properly sanitize user-supplied input.
  • Ref: http://www.securityfocus.com/bid/28825
  • 08.17.42 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Wikepage Opus "wiki" Parameter Cross-Site Scripting
  • Description: Wikepage Opus is a PHP-based blog application. The application is exposed to a cross-site scripting issue because it fails to sanitize user-supplied input to the "wiki" parameter of the "index.php" script. Wikepage Opus version 13 2007.2 is affected.
  • Ref: http://www.securityfocus.com/archive/1/491065
  • 08.17.43 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: uTorrent WebUI Cross-Site Request Forgery
  • Description: uTorrent WebUI is a web-based administrative interface for the uTorrent BitTorrent client application. The application is exposed to a cross-site request forgery issue. uTorrent WebUI version 0.310 beta 2 is affected.
  • Ref: http://www.securityfocus.com/archive/1/491066
  • 08.17.44 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Advanced Electron Forum "beg" Parameter Cross-Site Scripting
  • Description: Advanced Electron Forum (AEF) is a PHP-based web forum application. The application is exposed to a cross-site scripting issue because it fails to sanitize user-supplied input to the "beg" parameter of the "index.php" script.
  • Ref: http://www.securityfocus.com/bid/28865
  • 08.17.45 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: ContRay "search" Parameter Cross-Site Scripting
  • Description: ContRay is a web-based content manager. The application is exposed to a cross-site scripting issue because it fails to sanitize user-supplied input to the "search" parameter of the "cgi-bin/contray/search.cgi" script.
  • Ref: http://www.securityfocus.com/bid/28883
  • 08.17.46 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: EncapsGallery Cross-Site Scripting Vulnerability and File Upload
  • Description: EncapsGallery is a photo gallery application. The application is exposed to two issues because it fails to sanitize user-supplied input. EncapsGallery version 2.0.2 is affected and version 2.0.4 is affected to the file upload issue only.
  • Ref: http://www.securityfocus.com/bid/28887
  • 08.17.47 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Akiva WebBoard HTML Injection
  • Description: Akiva WebBoard is a web-based application for social networking. The application is exposed to an HTML injection issue when handling specially crafted values of form field parameters of the profile update page. Akiva WebBoard version 8.0 is affected.
  • Ref: http://www.securityfocus.com/bid/28895
  • 08.17.48 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Mambo and Joomla! Jom Comment Component User Credential SQL Injection
  • Description: Jom Comment is a component for the Mambo and Joomla! content managers. The component is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. The issue occurs in the username and password fields. Jom Comment version 2.0 build 345 is affected. Ref: http://www.securityfocus.com/bid/28812http://www.securityfocus.com/bid/28812
  • 08.17.49 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: XplodPHP AutoTutorials "id" Parameter SQL Injection
  • Description: XplodPHP AutoTutorials is an application for managing online tutorials. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "viewcat.php" component before using it in an SQL query. AutoTutorials version 2.1 is affected.
  • Ref: http://www.securityfocus.com/bid/28808
  • 08.17.50 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: CoBaLT "adminler.asp" SQL Injection
  • Description: CoBaLT is a web-based application. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied input to the "id" parameter of the "cobalt/cobalt_v2_yonetim/adminler.asp" script before using it in an SQL query. CoBaLT version 2.0 is affected.
  • Ref: http://www.securityfocus.com/bid/28831
  • 08.17.51 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: TLM CMS Multiple SQL Injection Vulnerabilities
  • Description: TLM CMS is a content management system. The application is exposed to multiple SQL injection issues because it fails to sufficiently sanitize user-supplied data to the following scripts and parameters: "a-bmembres.php: nom" and "goodies.php: idnews". TLM CMS version 3.1 is affected.
  • Ref: http://www.securityfocus.com/bid/28837
  • 08.17.52 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: 5th Avenue Shoppe "category_list.php" SQL Injection
  • Description: 5th Avenue Shoppe is a shopping cart application. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "category_ID" parameter of the "category_list.php" script before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/491069
  • 08.17.53 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Voice of Web AllMyGuests "AMG_id" SQL Injection
  • Description: Voice of Web AllMyGuests is a guestbook. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "AMG_id" parameter of the "index.php" script before using it in an SQL query.
  • Ref: http://www.milw0rm.com/exploits/5469
  • 08.17.54 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Simple Customer "contact.php" SQL Injection
  • Description: Simple Customer is a web-based application to keep track of clients, customers and contacts. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "contact.php" script before using it in an SQL query. Simple Customer version 1.2 is affected.
  • Ref: http://www.securityfocus.com/bid/28852
  • 08.17.55 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: YourFreeWorld Apartment Search Script "listtest.php" SQL Injection
  • Description: Apartment Search Script is a web-based application. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "r" parameter of the "listtest.php" script before using it in an SQL query.
  • Ref: http://www.securityfocus.com/bid/28853
  • 08.17.56 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: PHP-Fusion "submit.php" SQL Injection
  • Description: PHP-Fusion is a content manager. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "submit_info[]" parameter of the "submit.php" script before using it in an SQL query. PHP-Fusion version 6.00.307 is affected.
  • Ref: http://www.securityfocus.com/bid/28855
  • 08.17.57 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: XOOPS Recette "detail.php" SQL Injection
  • Description: Recette is a XOOPS module for cookbook management. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "detail.php" script before using it in an SQL query. XOOPS Recette version 2.2 is affected.
  • Ref: http://www.securityfocus.com/bid/28859
  • 08.17.58 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: W1L3D4 Philboard Multiple SQL Injection Vulnerabilities
  • Description: Philboard is a web-based forum. The application is exposed to multiple SQL injection issues because it fails to sufficiently sanitize user-supplied data. Philboard version 1.0 is affected.
  • Ref: http://www.securityfocus.com/bid/28871
  • 08.17.59 - CVE: CVE-2008-1613
  • Platform: Web Application - SQL Injection
  • Title: RedDot CMS "ioRD.asp" SQL Injection
  • Description: RedDot CMS is a content management application. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "LngId" parameter of the "ioRD.asp" script before using it in an SQL query. RedDot CMS versions prior to 7.5.1.86 are affected.
  • Ref: http://www.securityfocus.com/archive/1/491139
  • 08.17.60 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Tr Script News "news.php" SQL Injection
  • Description: Tr Script News is a news application. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "nb" parameter of the "news.php" script before using it in an SQL query. Tr Script News version 2.1 is affected.
  • Ref: http://www.securityfocus.com/bid/28876
  • 08.17.61 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: XOOPS Article Module "article.php" SQL Injection
  • Description: Article is a PHP-based component for the XOOPS content manager. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "article.php" script before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/491150
  • 08.17.62 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Crazy Goomba "commentaires.php" SQL Injection
  • Description: Crazy Goomba is a web-based application. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "commentaires.php" script before using it in an SQL query. Crazy Goomba version 1.2.1 is affected. Ref: http://www.z0rlu.ownspace.org/index.php?/archives/58-Crazy-Goomba-1.2.1-SQL-inj.html
  • 08.17.63 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo FlippingBook Component "book_id" Parameter SQL Injection
  • Description: The FlippingBook component is an album and presentation component for the Joomla! and Mambo content managers. The component is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "book_id" parameter of the "com_flippingbook" component before using it in an SQL query.
  • Ref: http://www.securityfocus.com/bid/28886
  • 08.17.64 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: WordPress wpSS Spreadsheet Plugin "ss_id" Parameter SQL Injection
  • Description: The WordPress Spreadsheet (wpSS) is a plugin for the WordPress web-based publishing application. The plugin is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "ss_id" parameter of the "ss_load.php" script before using it in an SQL query. wpSS versions 0.6 and earlier are affected.
  • Ref: http://www.securityfocus.com/bid/28894
  • 08.17.65 - CVE: Not Available
  • Platform: Web Application
  • Title: eGroupWare Unspecified Arbitrary File Upload
  • Description: eGroupWare is a web-based groupware application. The application is exposed to an arbitrary file upload issue that stems from an unspecified error related to FCKEditor. eGroupWare versions prior to 1.4.004 are affected.
  • Ref: http://www.egroupware.org/news
  • 08.17.66 - CVE: Not Available
  • Platform: Web Application
  • Title: Carbon Communities Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
  • Description: Carbon Communities is a forum and bulletin board application. The application is exposed to multiple input validation issues. Carbon Communities version 2.4 is affected.
  • Ref: http://www.securityfocus.com/archive/1/490923
  • 08.17.67 - CVE: Not Available
  • Platform: Web Application
  • Title: e107 123 FlashChat Module "123flashchat.php" Remote File Include
  • Description: 123 FlashChat is a chat module for the e107 content manager. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "e107path" parameter of the "123flashchat.php" script.
  • Ref: http://www.securityfocus.com/bid/28828
  • 08.17.68 - CVE: Not Available
  • Platform: Web Application
  • Title: SunShop Shopping Cart "adminindex.php" Multiple SQL Injection Vulnerabilities
  • Description: SunShop Shopping Cart is a web-based ecommerce application. The application is exposed to multiple SQL injection issues because it fails to sufficiently sanitize user-supplied data to the "orderby" and "sort" parameters in the "admin/adminindex.php" script before using it in an SQL query. SunShop Shopping Cart version 4.1.0 is affected.
  • Ref: http://www.securityfocus.com/bid/28832
  • 08.17.69 - CVE: Not Available
  • Platform: Web Application
  • Title: Exponent CMS Multiple HTML Injection Vulnerabilities
  • Description: Exponent CMS is an open-source content manager application. It is exposed to multiple HTML injection issues because it fails to sufficiently sanitize user-supplied input. Exponent CMS version 0.97.0-alpha and all earlier versions are affected. Ref: http://www.exponentcms.org/index.php?action=view&id=64&module=newsmodule&src=%40random44fe03276195
  • 08.17.70 - CVE: Not Available
  • Platform: Web Application
  • Title: Grape Web Statistics "functions.php" Remote File Include
  • Description: Grape Web Statistics is a PHP-based application that allows site administrators to keep track of web site statistics. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "location" parameter of the "function.php" script. Grade Web Statistics version 0.2a is affected.
  • Ref: http://www.securityfocus.com/bid/28838
  • 08.17.71 - CVE: Not Available
  • Platform: Web Application
  • Title: LightNEasy 1.2.2 Flat Multiple Input Validation Vulnerabilities
  • Description: LightNEasy is a web-based content manager. The application is exposed to multiple input validation issues. LightNEasy version 1.2.2 flat is affected.
  • Ref: http://www.securityfocus.com/archive/1/491064
  • 08.17.72 - CVE: CVE-2008-1734
  • Platform: Web Application
  • Title: PHP Toolkit Quote Parameter Information Disclosure and Denial of Service
  • Description: PHP Toolkit is an application that manages multiple installations of PHP. The application is exposed to an information disclosure and denial of service issue because the application does not quote parameters passed to the "tr" command. This issue only occurs when converting a file containing a filename with a single lower case character.
  • Ref: http://www.securityfocus.com/bid/28844
  • 08.17.73 - CVE: Not Available
  • Platform: Web Application
  • Title: WordPress "cat" Parameter Directory Traversal
  • Description: WordPress is a freely available application for personal publishing. WordPress is exposed to a directory traversal issue because it fails to sufficiently sanitize user-supplied input to the "cat" parameter of the "index.php" script. WordPress version 2.3.3 is affected.
  • Ref: http://trac.wordpress.org/changeset/7586
  • 08.17.74 - CVE: Not Available
  • Platform: Web Application
  • Title: TorrentFlux Cross-Site Request Forgery and Remote PHP Script Code Execution Vulnerabilities
  • Description: TorrentFlux is a front end management application for BitTorrent. TorrentFlux is exposed to a cross-site request forgery and remote PHP script code execution issue. TorrentFlux version 2.3 is affected.
  • Ref: http://www.securityfocus.com/archive/1/491066
  • 08.17.75 - CVE: Not Available
  • Platform: Web Application
  • Title: Azureus HTML WebUI Cross-Site Request Forgery
  • Description: Azureus HTML WebUI is a web-based administrative interface for the Azureus BitTorrent client application. The application is exposed to a cross-site request forgery issue. uTorrent WebUI version 0.310 beta 2 is affected. Ref: http://azureus.sourceforge.net/plugin_details.php?plugin=azhtmlwebui
  • 08.17.76 - CVE: Not Available
  • Platform: Web Application
  • Title: openInvoice Security Bypass Vulnerabilities
  • Description: openInvoice is a web-based invoicing tool. The application is exposed to multiple security bypass issues because it fails to properly validate user credentials before allowing access to the admin area. openInvoice version 0.90 Beta is affected.
  • Ref: http://www.securityfocus.com/bid/28854
  • 08.17.77 - CVE: Not Available
  • Platform: Web Application
  • Title: phShoutBox Cookie Security Bypass
  • Description: phShoutBox is a web-based shoutbox application. The application is exposed to a security bypass issue because it fails to properly validate user credentials before allowing access to the admin area. phShoutBox versions 1.5 Final and earlier are affected.
  • Ref: http://www.securityfocus.com/bid/28856
  • 08.17.78 - CVE: Not Available
  • Platform: Web Application
  • Title: Chimaera Project Aterr Multiple Local File Include Vulnerabilities
  • Description: Aterr is a threaded forum system. The application is exposed to local file include issues because it fails to properly sanitize user-supplied input to the "class" parameter of the "include/functions.inc.php" script and "file" parameter of the "include/common.inc.php" script. Aterr version 0.9.1 is affected.
  • Ref: http://www.securityfocus.com/bid/28861
  • 08.17.79 - CVE: Not Available
  • Platform: Web Application
  • Title: Host Directory PRO Cookie Security Bypass
  • Description: Host Directory PRO is a web-based application to create hosting directories. The application is exposed to a security bypass issue because it fails to properly validate user credentials before allowing access to the admin area.
  • Ref: http://www.securityfocus.com/bid/28863
  • 08.17.80 - CVE: Not Available
  • Platform: Web Application
  • Title: PortailPHP "mod_search" Remote File Include
  • Description: PortailPHP is a content management application. The application is exposed to a remote file include issue because it fails to properly sanitize user-supplied input in the "chemin" parameter of the "mod_search/index.php" script. PortailPHP version 2.0 is affected.
  • Ref: http://www.securityfocus.com/bid/28867
  • 08.17.81 - CVE: Not Available
  • Platform: Web Application
  • Title: SMF Audio CAPTCHA Security Bypass
  • Description: SMF (Simple Machine Forum) is a web-based forum application. The application is exposed to a security bypass issue that occurs in the audio CAPTCHA. To circumvent the audio CAPTCHA test, the attacker would need to perform 14,000 Hamming distance calculations.
  • Ref: http://www.securityfocus.com/archive/1/491127
  • 08.17.82 - CVE: Not Available
  • Platform: Web Application
  • Title: Acidcat CMS Multiple Input Validation Vulnerabilities
  • Description: Acidcat CMS is an ASP based content manager. The application is exposed to multiple input validation issues. Acidcat CMS version 3.1 is affected.
  • Ref: http://www.securityfocus.com/archive/1/491129
  • 08.17.83 - CVE: Not Available
  • Platform: Web Application
  • Title: Kubelance "ipn.php" Local File Include
  • Description: Kubelance is a PHP-based application that allows users to post and bid on jobs and projects. The application is exposed to a local file include issue because it fails to properly sanitize user-supplied input to the "i" parameter of the "ipn.php" script. Kubelance version 1.6.4 is affected.
  • Ref: http://www.securityfocus.com/bid/28873
  • 08.17.84 - CVE: CVE-2008-1385, CVE-2008-1386
  • Platform: Web Application
  • Title: S9Y Serendipity HTML Injection and Cross-Site Scripting Vulnerabilities
  • Description: Serendipity is a web-log application. The application is exposed to multiple input validation issues because it fails to properly sanitize user-supplied input. S9Y Serendipity version 1.3 is affected.
  • Ref: http://int21.de/cve/CVE-2008-1386-s9y.html
  • 08.17.85 - CVE: Not Available
  • Platform: Web Application
  • Title: QIP Unspecified Remote Memory Corruption
  • Description: QIP is an instant messenger application. The application is exposed to a memory corruption issue due to an unspecified error when processing messages.
  • Ref: http://www.securityfocus.com/bid/28896
  • 08.17.86 - CVE: CVE-2008-1155
  • Platform: Network Device
  • Title: Cisco Network Admission Control Shared Secret Information Disclosure
  • Description: Cisco Network Admission Control (NAC) appliance is a networking device for ensuring endpoint device security policy compliance. The appliance is exposed to a remote information disclosure issue because it fails to securely transmit error log data over the network.
  • Ref: http://www.securityfocus.com/archive/1/490958
  • 08.17.87 - CVE: Not Available
  • Platform: Network Device
  • Title: Multiple Wireless Routers Predictable Default WEP/WPA Key Security Bypass
  • Description: Multiple wireless routers are exposed to an issue that can allow an attacker to predict their default WEP/WPA encryption keys. Specifically, the algorithm to generate default SSID and encryption key values are based on a hash of the device's serial number.
  • Ref: http://www.securityfocus.com/archive/1/491206

(c) 2008. All rights reserved. The information contained in this newsletter, including any external links, is provided "AS IS," with no express or implied warranty, for informational purposes only. In some cases, copyright for material in this newsletter may be held by a party other than Qualys (as indicated herein) and permission to use such material must be requested from the copyright owner.

Subscriptions: @RISK is distributed free of charge by the SANS Institute to people responsible for managing and securing information systems and networks. You may forward this newsletter to others with such responsibility inside or outside your organization.

SANS delivers the best training I have seen in the industry.
-Brian Hughes, Idaho State University

SANS Golden Gate 2013 - San Francisco

Latest Whitepapers

Building and Maintaining a "Certifiable" Workforce
By Robert J. Mavretich

How Can You Build and Leverage SNORT IDS Metrics to Reduce Risk?
By Tim Proffitt

Daisy Chain Authentication
By Courtney Imbert

Latest Tweets

NEW #SANS Survey: Security Analytics & Intelligence 2nd [...]
October 1, 2013 - 6:30 PM

Tips on how to convince your boss to let you train online wi [...]
October 1, 2013 - 6:23 PM

#2 Tip on how 2 convince your boss 2 let u train online: Fle [...]
October 1, 2013 - 3:00 PM

Contact Us

(301) 654-SANS (7267)
Mon-Fri 9am - 8pm EST/EDT
info@sans.org

"SANS is a great place to enhance your technical and hands-on skills and tools. I thoroughly recommend it."
- Aaron Waugh, Datacom NZ Ltd

"Just amazing content and instruction, it's really a 'must do' for any info sec professional."
- Mark Austin, PHH Mortgage

"SANS is far more in-depth than other training I have attended."
- Frank Rajnai, Sears Canada Inc