@RISK: The Consensus Security Vulnerability Alert

Volume: VII, Issue: 8
February 21, 2008

If you are not yet persuaded that storage products are a primary target of the attackers, just look back over the last two years at all the vulnerabilities in CA and Veritas back-up products. This week it is another Veritas one and one from EMC. One of the great truths of vulnerability counting is that high numbers of discovered vulnerabilities point to primary attack targets. So it would be smart to have a good answer when your CEO asks: How good is your program for keeping our back-up products patched?

Alan

@RISK is the SANS community's consensus bulletin summarizing the most important vulnerabilities and exploits identified during the past week and providing guidance on appropriate actions to protect your systems (PART I). It also includes a comprehensive list of all new vulnerabilities discovered in the past week (PART II).

Summary of the vulnerabilities reported this week:

Summary of Updates and Vulnerabilities in this Consensus

Platform                                  Number of Updates and Vulnerabilities
- ------------------------                -------------------------------------
Third Party Windows Apps                  8 (#1, #2)
Mac Os                                    1
Linux                                     2
Cross Platform                            9 (#3)
Network Device                            1 (#4)
Web Application - Cross Site Scripting    7
Web Application - SQL Injection           48
Web Application                           15

************************* Sponsored By SANS *****************************

SANS OnSite Training Your Location! Your Schedule! Lower Cost! Contact us by March 31 and receive additional free seats (up to $25,000 value)

"Additionally, if you answer four simple questions, and place an order by June 30, 2007 for a SANS OnSite class, we will provide you with one free bonus seat in your OnSite class (up to $5,100 value). More importantly, these questions will help us assist you in creating a training solution that meets both your professional development and budgetary needs."

Click here today! http://www.sans.org/info/24354

*************************************************************************

TRAINING UPDATE Where can you find the newest Penetration Testing techniques, Application Pen Testing, Hacker Exploits, Secure Web Application Development, Security Essentials, Forensics, Wireless, Auditing, CISSP, and SANS' other top-rated courses?

- - SANS 2008 in Orlando (4/18-4/25) SANS' biggest program with myriad bonus sessions and a huge exhibition of security products: http://www.sans.org/sans2008

- - Washington DC (Tyson's) 3/24-3/31 http://www.sans.org/tysonscorner08

- - San Diego (5/9-5/16) http://www.sans.org/securitywest08

- - Toronto (5/10-5/16) http://www.sans.org/toronto08

- - and in 100 other cities and online anytime: www.sans.org

*************************************************************************

Table Of Contents
Part II -- Comprehensive List of Newly Discovered Vulnerabilities from Qualys (www.qualys.com)
Third Party Windows Apps
Mac Os
Linux
Cross Platform
Web Application - Cross Site Scripting
Web Application - SQL Injection
Web Application

PART I Critical Vulnerabilities

Part I for this issue has been compiled by Rob King at TippingPoint, a division of 3Com, as a by-product of that company's continuous effort to ensure that its intrusion prevention products effectively block exploits using known vulnerabilities. TippingPoint's analysis is complemented by input from a council of security managers from twelve large organizations who confidentially share with SANS the specific actions they have taken to protect their systems. A detailed description of the process may be found at http://www.sans.org/newsletters/cva/#process

Widely Deployed Software
  • (1) CRITICAL: Symantec Veritas Storage Foundation Administrator Service Buffer Overflow
  • Affected:
    • Symantec Veritas Storage Foundation versions 5.0 and prior
  • Description: Veritas Storage Foundation is an enterprise storage management application from Symantec. It provides an administration service that is network accessible. This administration service has a flaw in its handling of user data: an overlong request could trigger a heap buffer overflow. Successfully exploiting this buffer overflow would allow an attacker to execute arbitrary code with the privileges of the vulnerable process (usually SYSTEM). Some technical details for this vulnerability are publicly available.

  • Status: Vendor confirmed, updates available. Users can mitigate the impact of this vulnerability by blocking access to UDP port 3207 at the network perimeter, if possible.

  • References:

  • (2) CRITICAL: EMC RepliStor Multiple Vulnerabilities
  • Affected:
    • EMC RepliStor versions 6.2 and prior
  • Description: EMC RepliStor is a popular enterprise backup application. It contains multiple vulnerabilities in its handling of compressed data. A specially crafted request containing compressed data could trigger one of these vulnerabilities, leading to a heap buffer overflow. Successfully exploiting one of these overflows would allow an attacker to execute arbitrary code with the privileges of the vulnerable process (usually SYSTEM). No authentication is necessary to exploit these vulnerabilities.

  • Status: EMC confirmed, updates available. Users can mitigate the impact of these vulnerabilities by blocking TCP ports 7144 and 7145 at the network perimeter, if possible.

  • References:

  • (3) HIGH: Opera Multiple Vulnerabilities
  • Affected:
    • Opera versions 9.25 and prior
  • Description: Opera is a popular cross-platform web browser. It contains multiple vulnerabilities in its handling of certain HTML constructs. A specially crafted web page could exploit one of these vulnerabilities to execute arbitrary JavaScript code in a different security context than the page that sourced the script. Additionally, a flaw in the rendering of certain elements could lead a user into believing that a file input form is another kind of form, potentially leading to an arbitrary file upload vulnerability with user interaction. Some technical details are publicly available for these vulnerabilities.

  • Status: Opera confirmed, updates available.

  • References:

Part II: Weekly Comprehensive List of Newly Discovered Vulnerabilities
Week 8, 2008

This list is compiled by Qualys (www.qualys.com) as part of that company's ongoing effort to ensure its vulnerability management web service tests for all known vulnerabilities that can be scanned. As of this week Qualys scans for 5549 unique vulnerabilities. For this special SANS community listing, Qualys also includes vulnerabilities that cannot be scanned remotely.


  • 08.08.1 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Teamtek Universal FTP Server CWD, LIST, and PORT Commands Remote Denial of Service Vulnerabilities
  • Description: Universal FTP is an FTP server for Microsoft Windows. Universal FTP is exposed to multiple remote denial of service issues because it fails to handle exceptional conditions. These issues occur when the "CWD", "LIST", and "PORT" commands are passed unexpected data. Universal FTP Server version 1.0.44 is affected.
  • Ref: http://www.securityfocus.com/archive/1/488142

  • 08.08.2 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Sami FTP Server Multiple Commands Remote Denial of Service Vulnerabilities
  • Description: Sami FTP Server is a File Transfer Protocol server for various Microsoft Windows platforms. The application is exposed to multiple remote denial of service issues because it fails to handle exceptional conditions. Sami FTP Server versions in the 2.0 series are affected.
  • Ref: http://www.securityfocus.com/archive/1/488198

  • 08.08.3 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: freeSSHd "SSH2_MSG_NEWKEYS" Packet Remote Denial of Service
  • Description: freeSSHd is a free implementation of an SSH server for Windows. freeSSHd is exposed to a remote denial of service issue due to a NULL-pointer access, which can be triggered by sending the "SSH2_MSG_NEWKEYS" packet as the first command. freeSSHd versions 1.2.0 and earlier are affected.
  • Ref: http://aluigi.altervista.org/adv/freesshdnull-adv.txt

  • 08.08.4 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: DESLock+ IOCTL Request Local Code Execution and Denial of Service Vulnerabilities
  • Description: DESlock+ is a data encryption application for the Microsoft Windows platform. The application is exposed to multiple issues in the "DLMFENC.sys" and "DLMFDISK.sys" drivers. DESlock+ versions 3.2.6 and earlier are affected.
  • Ref: http://www.securityfocus.com/bid/27862

  • 08.08.5 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Foxit WAC Remote Access Server Heap Buffer Overflow
  • Description: Foxit WAC Remote Access Server is a telnet and SSH server available for Microsoft Windows. The application is exposed to a heap-based buffer overflow issue because it fails to properly bounds check user-supplied data. Foxit WAC Remote Access Server versions 2.0 Build 3503 and earlier are affected.
  • Ref: http://aluigi.altervista.org/adv/wachof-adv.txt

  • 08.08.6 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: webcamXP Multiple Information Disclosure and Denial of Service Vulnerabilities
  • Description: webcamXP is commercial webcam software with an integrated webserver for use on Microsoft Windows platforms. The application is exposed to multiple issues that can allow an attacker to harvest potentially sensitive information or cause denial of service conditions. These issues occur because the application's webserver fails to sufficiently check the webcam number provided by the client. webcamXP versions 3.72.440 and 4.05.280 beta and earlier are affected.
  • Ref: http://aluigi.altervista.org/adv/webcamxp-adv.txt

  • 08.08.7 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Hitachi EUR Print Manager Remote Denial of Service
  • Description: Hitachi EUR Print Manager is a print server for Windows. The application is exposed to a remote denial of service issue when the application receives unexpected data.
  • Ref: http://www.hitachi-support.com/security_e/vuls_e/HS08-001_e/index-e.html

  • 08.08.8 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Hitachi SEWB/PLATFORM SEWB3 Unspecified Denial of Service
  • Description: Hitachi SEWB/PLATFORM SEWB3 is exposed to a denial of service issue. The application may crash when it receives invalid data from a process other than a SEWB process. The issue presents itself when the application is configured as a server-client system and affects both server and client messaging services.
  • Ref: http://www.hitachi-support.com/security_e/vuls_e/HS08-002_e/index-e.html

  • 08.08.9 - CVE: Not Available
  • Platform: Mac Os
  • Title: Apple iPhoto DPAP Remote Denial of Service
  • Description: Apple iPhoto is a tool for editing and publishing photographs. It is available as part of iLife for Apple Mac OS X. Digital Photo Access Protocol (DPAP) is used by Apple iPhoto for sharing digital photographs. The application is exposed to a denial of service issue that occurs because the application fails to handle a specially-crafted "dpap://" URI. Apple iPhoto versions 4.0.3 and earlier are affected.
  • Ref: http://www.securityfocus.com/bid/27867

  • 08.08.10 - CVE: Not Available
  • Platform: Linux
  • Title: Multiple Horde Products Security Bypass
  • Description: Horde products are exposed to a security bypass issue because the applications fail to properly validate access to address book contacts. Horde Groupware version 1.0.3, Horde Groupware Webmail Edition version 1.0.4, and Turba Contact Manager version 2.1.6 are all affected.
  • Ref: http://bugs.horde.org/ticket/?id=%236208

  • 08.08.11 - CVE: Not Available
  • Platform: Linux
  • Title: SWORD Remote Arbitrary Command Execution
  • Description: SWORD is a software framework used for the research and manipulation of Biblical texts. Diatheke is a script used as a front-end to SWORD's Bible software library. It allows users to create Web sites. The application is exposed to a remote shell command execution issue due to insufficient sanitization of user-supplied data. SWORD versions 1.5.10 and 1.5.9 are affected.
  • Ref: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466449

  • 08.08.12 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Mozilla Firefox IFrame Recursion Remote Denial of Service
  • Description: Mozilla Firefox is a web browser available for multiple operating platforms. The application is exposed to a remote denial of service issue due to the way the browser handles IFrames. Firefox version 2.0.0.12 is affected.
  • Ref: http://www.securityfocus.com/bid/27812

  • 08.08.13 - CVE: CVE-2008-0420
  • Platform: Cross Platform
  • Title: Multiple Web Browser BMP Partial Palette Information Disclosure and Denial of Service
  • Description: Mozilla Firefox and Opera are web browsers available for multiple platforms. The Firefox and Opera web browsers are exposed to an issue that can result in information disclosure or a denial of service when handling certain BMP files with partial palettes. Mozilla Firefox version 2.0.0.11 and Opera Web Browser version 9.50 Beta are affected.
  • Ref: http://www.securityfocus.com/archive/1/488264

  • 08.08.14 - CVE: Not Available
  • Platform: Cross Platform
  • Title: wyrd Insecure Temporary File Creation
  • Description: The "wyrd" program is a freely available text-based front-end to the Remind application. Remind is a calendar and alarm program. The application is exposed to a security issue that allows attackers to create temporary files in an insecure manner. wyrd version 1.4.3-b3 is affected.
  • Ref: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466382

  • 08.08.15 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Kerio MailServer Multiple Unspecified Vulnerabilities
  • Description: Kerio MailServer is a mail server designed for use with Microsoft Windows, Apple Mac OS X, Linux, and UNIX-variant operating systems. The application is exposed to multiple issues. Kerio MailServer versions prior to 6.5.0 are affected.
  • Ref: http://www.kerio.com/kms_history.html

  • 08.08.16 - CVE: Not Available
  • Platform: Cross Platform
  • Title: IBM DB2 Universal Database 9.1 Multiple Vulnerabilities
  • Description: IBM DB2 Universal Database Server is a database server designed to run on various platforms including Linux, AIX, Solaris, and Microsoft Windows. The application is exposed to multiple issues. IBM DB2 Universal Database versions 9.1 and prior to Fixpak 4a are affected.
  • Ref: http://www-1.ibm.com/support/docview.wss?rs=71&uid=swg21255607

  • 08.08.17 - CVE: Not Available
  • Platform: Cross Platform
  • Title: SIMM-Comm SCI Photo Chat Directory Traversal
  • Description: SCI Photo Chat is a chat server implemented in Java. The application is exposed to a directory traversal issue because it fails to sufficiently sanitize user-supplied input. SCI Photo Chat versions 3.4.9 and earlier are affected.
  • Ref: http://aluigi.altervista.org/adv/scichatdt-adv.txt

  • 08.08.18 - CVE: CVE-2007-6319
  • Platform: Cross Platform
  • Title: Lyris ListManager Multiple Remote Vulnerabilities
  • Description: Lyris ListManager is a mailing list application. The application is exposed to multiple remote issues.
  • Ref: http://www.securityfocus.com/archive/1/488343

  • 08.08.19 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Now SMS/MMS Gateway Multiple Buffer Overflow Vulnerabilities
  • Description: Now SMS/MMS Gateway is an application for sending SMS and MMS messages. The application is exposed to multiple buffer overflow issues because it fails to perform adequate boundary checks on user-supplied data. Now SMS/MMS Gateway versions 2007.06.27 and earlier are affected.
  • Ref: http://www.securityfocus.com/archive/1/488365

  • 08.08.20 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Opera Web Browser 9.25 Multiple Security Vulnerabilities
  • Description: Opera Web Browser is a browser that runs on multiple operating systems. The application is exposed to multiple security issues. Opera Web Browser versions prior to Opera 9.26 are affected.
  • Ref: http://www.opera.com/support/search/view/879/

  • 08.08.21 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Sophos Email Appliance Web Interface Multiple Cross-Site Scripting Vulnerabilities
  • Description: Sophos Email Appliance provides protection against spam, viruses and other threats affecting emails. It also provides an administration web interface available over HTTPS on TCP Port 18080. The application is exposed to multiple cross-site scripting issues because it fails to properly sanitize user-supplied input to the "error" and "go" parameters of the "Login" script. Sophos Email Appliance versions prior to 2.1.1.0 are affected.
  • Ref: http://www.sophos.com/support/knowledgebase/article/34733.html

  • 08.08.22 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: IBM Lotus Quickr Unspecified Cross-Site Scripting
  • Description: IBM Lotus Quickr is web-based collaboration software. The application is exposed to an unspecified cross-site scripting issue because it fails to sufficiently sanitize user-supplied input. Lotus Quickr versions prior to 8.0.0.2 Hotfix 11 are affected.
  • Ref: http://www-1.ibm.com/support/docview.wss?uid=swg24016411

  • 08.08.23 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: RunCMS "admin.php" Cross-Site Scripting
  • Description: RunCMS is a PHP-based content manager. The application is exposed to cross-site scripting attacks because it fails to sufficiently sanitize user-supplied input to the "modules/system/admin.php" script. RunCMS version 1.6.1 is affected.
  • Ref: http://www.securityfocus.com/archive/1/488287

  • 08.08.24 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: ProjectPier Multiple HTML Injection and Cross-Site Scripting Vulnerabilities
  • Description: ProjectPier is a task and project management application. The application is exposed to multiple input validation issues. ProjectPier version 0.8.0 is affected.
  • Ref: http://www.securityfocus.com/archive/1/488294

  • 08.08.25 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Crafty Syntax Live Help "lostsheep.php" Cross-Site Scripting
  • Description: Crafty Syntax Live Help (CSLH) is a web application that allows website operators to monitor visitors and open chat sessions with them. The application is exposed to cross-site scripting attacks because it fails to sufficiently sanitize user-supplied input to the "lostsheep.php" script.
  • Ref: http://www.securityfocus.com/archive/1/488286

  • 08.08.26 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: IBM Lotus QuickPlace "Main.nsf" Cross-Site Scripting
  • Description: IBM Lotus QuickPlace is web-based collaboration software. QuickPlace was replaced by Lotus Quickr on October 10, 2007 and it is no longer supported by IBM. The application is exposed to a cross-site scripting issue because it fails to sufficiently sanitize user-supplied input. QuickPlace version 7.0 is affected.
  • Ref: http://www.securityfocus.com/bid/27871

  • 08.08.27 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Jinzora Multiple HTML Injection and Cross-Site Scripting Vulnerabilities
  • Description: Jinzora is a web-based media streaming and management system. The application is exposed to multiple input validation issues because it fails to sufficiently sanitize user-supplied input. Jinzora version 2.7.5 is affected.
  • Ref: http://www.securityfocus.com/archive/1/488326

  • 08.08.28 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! MCQuiz Component "tid" Parameter SQL Injection
  • Description: MCQuiz is a component for the Joomla! content manager. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "tid" parameter. MCQuiz version 0.9 is affected.
  • Ref: http://www.milw0rm.com/exploits/5118

  • 08.08.29 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! PAXXGallery Component "userid" Parameter SQL Injection
  • Description: PAXXGallery is a component for the Joomla! content manager. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "userid" parameter. PAXXGallery version 0.2 is affected.
  • Ref: http://www.securityfocus.com/bid/27811

  • 08.08.30 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "com_quiz" Component "tid" Parameter SQL Injection
  • Description: The Quiz component for the Joomla! and Mambo content managers is used to create and manage quizzes and tests. The component is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "tid" parameter of the "com_quiz" component before using it in an SQL query. Quiz versions 0.81 and earlier are affected.
  • Ref: http://www.securityfocus.com/bid/27808

  • 08.08.31 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: e-Vision CMS "id" Parameter Multiple SQL Injection Vulnerabilities
  • Description: e-Vision CMS is a content management application. The application is exposed to multiple SQL injection issues because it fails to sufficiently sanitize user-supplied data to the following scripts and parameters: "print.php: id" and "iframe.php: id". e-Vision CMS version 2.02 is affected.
  • Ref: http://www.securityfocus.com/bid/27816

  • 08.08.32 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "com_smslist" Component "listid" Parameter SQL Injection
  • Description: The "com_smslist" component is a module for the Joomla! and Mambo content managers. The component is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "listid" parameter of the "com_smslist" component before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488230

  • 08.08.33 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "com_activities" Component "id" Parameter SQL Injection
  • Description: "com_activities" is a component for the Joomla! and Mambo content managers. The component is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488232

  • 08.08.34 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "com_sg" Component "pid" Parameter SQL Injection
  • Description: "com_sg" is a component for the Joomla! and Mambo content managers. The component is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "pid" parameter before using it in an SQL query.
  • Ref: http://www.securityfocus.com/bid/27821

  • 08.08.35 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "faq" Component "catid" Parameter SQL Injection
  • Description: The "faq" component for the Joomla! and Mambo content managers is used to manage Frequently Asked Questions sections of websites. The component is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "catid" parameter used by "faq" script code before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488234

  • 08.08.36 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Yellow Swordfish Simple Forum "topic" Parameter SQL Injection
  • Description: Simple Forum is a web-based forum application. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "topic" parameter of the "forum.php" script. Simple Forum versions 1.10 and 1.11 are affected.
  • Ref: http://www.securityfocus.com/archive/1/488220

  • 08.08.37 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Yellow Swordfish Simple Forum "index.php" SQL Injection
  • Description: Simple Forum is a web-based forum application. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "forum" parameter of the "index.php" script. Simple Forum versions 1.7 and 1.9 are affected.
  • Ref: http://www.securityfocus.com/archive/1/488240

  • 08.08.38 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Yellow Swordfish Simple Forum "topic" Parameter SQL Injection
  • Description: Simple Forum is a web-based forum application implemented in PHP, for the WordPress web-log framework. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "topic" parameter when used in conjunction with the "page_id" action.
  • Ref: http://www.securityfocus.com/archive/1/488233

  • 08.08.39 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "com_salesrep" Component "rid" Parameter SQL Injection
  • Description: The "com_salesrep" module is a component for the Joomla! and Mambo content managers. The component is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "rid" parameter before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488267

  • 08.08.40 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "com_lexikon" Component "id" Parameter SQL Injection
  • Description: The "com_lexikon" component is a module for the Joomla! and Mambo content managers. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "com_lexikon" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488266

  • 08.08.41 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "com_filebase" Component "filecatid" Parameter SQL Injection
  • Description: The "com_filebase" component is a module for the Joomla! and Mambo content managers. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "filecatid" parameter of the "com_filebase" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488268

  • 08.08.42 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "com_scheduling" Component "id" Parameter SQL Injection
  • Description: The "com_scheduling" component is a module for the Joomla! and Mambo content managers. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "com_scheduling" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488269

  • 08.08.43 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: WP Photo Album "photo" Parameter SQL Injection
  • Description: WP Photo Album is a web-based image publishing application. The application is a plug-in for WordPress. The plugin is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "photo" parameter before using it in an SQL query. WP Photo Album version 1.1 is affected.
  • Ref: http://www.securityfocus.com/archive/1/488290

  • 08.08.44 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "com_galeria" Component "id" Parameter SQL Injection
  • Description: The "com_galeria" component is a module for the Joomla! and Mambo content managers. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "com_galeria" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488285

  • 08.08.45 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "com_jooget" Component "id" Parameter SQL Injection
  • Description: The "com_jooget" component is a module for the Joomla! and Mambo content managers. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "com_jooget" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488289

  • 08.08.46 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: AuraCMS Multiple SQL Injection Vulnerabilities
  • Description: AuraCMS is a PHP-based content manager. The application is exposed to multiple SQL injection issues because it fails to sufficiently sanitize user-supplied data. AuraCMS version 1.62 is affected.
  • Ref: http://www.securityfocus.com/bid/27841

  • 08.08.47 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "Quran" Component SQL Injection
  • Description: "Quran" is a component for the Joomla! and Mambo content managers. The application is exposed to an SQL injection issue because it fails to properly sanitize user-supplied input to the "surano" parameter of the "com_quran" module. "Quran" versions 1.1 and earlier are affected.
  • Ref: http://www.securityfocus.com/bid/27842

  • 08.08.48 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Simple CMS "indexen.php" SQL Injection
  • Description: Simple CMS is a content manager. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "area" parameter of the "indexen.php" script before using it in an SQL query. Simple CMS versions 1.0.3 and earlier are affected.
  • Ref: http://www.securityfocus.com/archive/1/488288

  • 08.08.49 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo Portfolio Manager Component "categoryId" Parameter SQL Injection
  • Description: Portfolio Manager is a component for the Joomla! and Mambo content managers. The application is exposed to an SQL injection issue because it fails to properly sanitize user-supplied input to the "categoryId" parameter of the "com_portfolio" component. Portfolio Manager version 1.0 is affected.
  • Ref: http://www.securityfocus.com/bid/27849

  • 08.08.50 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: astatsPRO "com_astatspro" Component "id" Parameter SQL Injection
  • Description: The "com_astatspro" component is a module for the Joomla! and Mambo content managers. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "refer.php" script of the "com_astatspro" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/bid/27850

  • 08.08.51 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "com_profile" Component "oid" Parameter SQL Injection
  • Description: The "com_profile" component is a module for the Joomla! and Mambo content managers. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "oid" parameter of the "com_profile" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488277

  • 08.08.52 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "com_detail" Component "id" Parameter SQL Injection
  • Description: The "com_detail" component is a module for the Joomla! and Mambo content managers. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "com_detail" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488278

  • 08.08.53 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Yellow Swordfish Simple Forum "sf-profile.php" SQL Injection
  • Description: Simple Forum is a web-based forum application for the WordPress web-log framework. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "u" parameter of the "sf-profile.php" script.
  • Ref: http://www.securityfocus.com/archive/1/488279

  • 08.08.54 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: WordPress Recipes Blog Plugin "id" Parameter SQL Injection
  • Description: Recipes Blog is a recipe and cooking plugin for the WordPress web-based publishing application. The plugin is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "wordspew-rss.php" script of the "wp-content/recipe" plugin before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488281

  • 08.08.55 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: WordPress "wp-people" Plugin "wp-people-popup.php" SQL Injection
  • Description: WordPress is a web-based publishing application. "wp-people" is a plugin for WordPress. The plugin is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "person" parameter of the "wp-people-popup.php" script before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488282

  • 08.08.56 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "com_downloads" Component "cat" Parameter SQL Injection
  • Description: The "com_downloads" component is a module for downloading files for the Joomla! and Mambo content managers. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "cat" parameter in conjunction with the "selectcat" action of the "com_downloads" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488291

  • 08.08.57 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: XOOPS myTopics Module "print.php" SQL Injection
  • Description: myTopics is a module for the XOOPS content manager. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "articleid" parameter of the "print.php" script before using it in an SQL query.
  • Ref: http://www.securityfocus.com/bid/27861

  • 08.08.58 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: PHP-Nuke Books Module "cid" Parameter SQL Injection
  • Description: Books is a module for the PHP-Nuke content manager. The application is exposed to an SQL injection issue because it fails to properly sanitize user-supplied input to the "cid" parameter of the Books module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/bid/27863

  • 08.08.59 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "com_pccookbook" Component "user_id" Parameter SQL Injection
  • Description: The "com_pccookbook" component is a module for the Joomla! and Mambo content managers. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "user_id" parameter of the "com_pccookbook" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/bid/27864

  • 08.08.60 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: sCssBoard "index.php" Multiple SQL Injection Vulnerabilities
  • Description: sCssBoard is a PHP-based web forum. The application is exposed to multiple SQL injection issues because it fails to sufficiently sanitize user-supplied data.
  • Ref: http://www.securityfocus.com/bid/27866

  • 08.08.61 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: PHP-Nuke Sections Module "artid" Parameter SQL Injection
  • Description: Sections is a module for the PHP-Nuke content manager. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "artid" parameter of the "Sections" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/bid/27879

  • 08.08.62 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Facile Forms "catid" Parameter SQL Injection
  • Description: Facile Forms is a component module available for the Joomla! and Mambo content management systems. The component is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "catid" parameter of the "com_facileforms" component before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488335

  • 08.08.63 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "com_team" Component SQL Injection
  • Description: The "com_team" component is a component module available for the Joomla! and Mambo content management systems. The component is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488319

  • 08.08.64 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "com_iigcatalog" Component "cat" Parameter SQL Injection
  • Description: The "com_iigcatalog" component is a module for the Joomla! and Mambo content managers. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "cat" parameter of the "com_iigcatalog" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488320

  • 08.08.65 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "com_formtool" Component "catid" Parameter SQL Injection
  • Description: The "com_formtool" component is a module for the Joomla! and Mambo content managers. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "catid" parameter of the "com_formtool" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488323

  • 08.08.66 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Woltlab Burning Board "password" SQL Injection
  • Description: Woltlab Burning Board is a free, web-based, bulletin-board package based on PHP and MySQL. The application is exposed to an SQL injection issue because it fails to properly sanitize user-supplied input to the "index.php" script.
  • Ref: http://www.securityfocus.com/archive/1/488345

  • 08.08.67 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! and Mambo "com_genealogy" Component "id" Parameter SQL Injection
  • Description: The "com_genealogy" component is a module for the Joomla! and Mambo content managers. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "com_genealogy" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488342

  • 08.08.68 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: iJoomla "com_magazine" Component "pageid" Parameter SQL Injection
  • Description: The "com_magazine" component is a module for the Joomla! and Mambo content managers. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "pageid" parameter of the "com_magazine" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488351

  • 08.08.69 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: XOOPS "vacatures" Module "cid" Parameter SQL Injection
  • Description: The "vacatures" module is a component for the XOOPS CMS. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "cid" parameter of the "vacatures" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488344

  • 08.08.70 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: XOOPS "events" Module "id" Parameter SQL Injection
  • Description: XOOPS is a PHP-based content manager. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "events" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488350

  • 08.08.71 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: XOOPS "seminars" Module "id" Parameter SQL Injection
  • Description: XOOPS is a PHP-based content manager. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "events" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488352

  • 08.08.72 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: XOOPS "badliege" Module "id" Parameter SQL Injection
  • Description: XOOPS is a PHP-based content manager. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "badliege" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488349

  • 08.08.73 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: PHP-Nuke "Web_Links" Module "cid" Parameter SQL Injection
  • Description: "Web_Links" is a module for the PHP-Nuke content manager. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "cid" parameter of the "Web_Links" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488356

  • 08.08.74 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: XOOPS "classifieds" Module "cid" Parameter SQL Injection
  • Description: The "classifieds" module is a component for the XOOPS CMS. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "cid" parameter of the "classifieds" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488357

  • 08.08.75 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: PHP-Nuke EasyContent Module "page_id" Parameter SQL Injection
  • Description: EasyContent is a module for the PHP-Nuke content manager. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "page_id" parameter before using it in an SQL query.
  • Ref: http://www.milw0rm.com/exploits/5155

  • 08.08.76 - CVE: Not Available
  • Platform: Web Application
  • Title: Dokeos Multiple SQL Injection, HTML Injection, Cross-Site Scripting, and File Upload Vulnerabilities
  • Description: Dokeos is a PHP-based application for online learning. The application is exposed to multiple input validation issues because the application fails to adequately sanitize user-supplied input. Dokeos versions prior to 1.8.4 SP2 are affected.
  • Ref: http://projects.dokeos.com/index.php?do=details&task_id=2218

  • 08.08.77 - CVE: Not Available
  • Platform: Web Application
  • Title: 2eNetWorX StatCounteX Administration Pages Authentication Bypass
  • Description: StatCounteX is a website statistics application. The application is exposed to an issue that results in unauthorized administrative access. The application fails to authenticate users when the "/admin.asp" page is accessed, allowing an attacker to edit the application's configuration. StatCounteX versions 3.0 and 3.1 are affected.
  • Ref: http://www.securityfocus.com/archive/1/488200

  • 08.08.78 - CVE: Not Available
  • Platform: Web Application
  • Title: BanPro DMS "index.php" Local File Include
  • Description: BanPro DMS is a document management system. The application is exposed to a local file include issue because it fails to properly sanitize user-supplied input to the "action" parameter of the "index.php" script. BanPro DMS version 1.0 is affected.
  • Ref: http://www.securityfocus.com/archive/1/488271

  • 08.08.79 - CVE: Not Available
  • Platform: Web Application
  • Title: Joomla! and Mambo "com_ricette" Component "id" Parameter SQL Injection
  • Description: The "com_ricette" component is a module for the Joomla! and Mambo content managers. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "com_ricette" module before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488292

  • 08.08.80 - CVE: Not Available
  • Platform: Web Application
  • Title: LightBlog "view_member.php" Local File Include
  • Description: LightBlog is a web-log application. The application is exposed to a local file include issue because it fails to properly sanitize user-supplied input to the "username" parameter of the "view_member.php" script. LightBlog version 9.6 is affected.
  • Ref: http://www.securityfocus.com/archive/1/488283

  • 08.08.81 - CVE: Not Available
  • Platform: Web Application
  • Title: XPWeb "Download.php" File Disclosure
  • Description: XPWeb is a web-based application for managing eXtreme Programming projects. The application is exposed to an issue that lets attackers obtain potentially sensitive information because it fails to properly sanitize user-supplied input to the "url" parameter of the "Download.php" script. XPWeb version 3.3.2 is affected.
  • Ref: http://www.securityfocus.com/bid/27838

  • 08.08.82 - CVE: Not Available
  • Platform: Web Application
  • Title: TRUC Tracking Requirements & Use Cases "download.php" File Disclosure
  • Description: TRUC is a web-based application for tracking requirements and use cases. The application is exposed to an issue that lets attackers obtain potentially sensitive information because it fails to properly sanitize user-supplied input to the "upload_filename" parameter of the "download.php" script. TRUC version 0.11.0 is affected.
  • Ref: http://www.securityfocus.com/bid/27839

  • 08.08.83 - CVE: Not Available
  • Platform: Web Application
  • Title: Claroline Multiple Remote Vulnerabilities
  • Description: Claroline is an e-learning content manager. The application is exposed to multiple remote issues. Claroline versions 1.8.8 and earlier are affected.
  • Ref: http://sourceforge.net/project/shownotes.php?release_id=575934

  • 08.08.84 - CVE: Not Available
  • Platform: Web Application
  • Title: PHPizabi "image.php" Arbitrary File Upload
  • Description: PHPizabi is a social-networking platform. The application is exposed to an issue that lets an attacker upload and execute arbitrary script code in the context of the affected web server process. The issue occurs because the application fails to sufficiently sanitize user-supplied input. PHPizabi version 0.848b is affected.
  • Ref: http://www.securityfocus.com/bid/27847

  • 08.08.85 - CVE: Not Available
  • Platform: Web Application
  • Title: ATutor User Profile Multiple HTML Injection Vulnerabilities
  • Description: ATutor is an online teaching application. The application is exposed to multiple HTML injection issues because it fails to sufficiently sanitize user-supplied input. The issues exist in the user profile page of the "mail" and "forum" components. ATutor versions 1.5.5 and earlier are affected.
  • Ref: http://www.securityfocus.com/archive/1/488293

  • 08.08.86 - CVE: Not Available
  • Platform: Web Application
  • Title: Thecus N5200Pro NAS Server Control Panel "usrgetform.html" Remote File Include
  • Description: Thecus N5200Pro NAS Server Control Panel is a web-based administration interface for the N5200Pro NAS Server. The application is exposed to a remote file include issue because it fails to properly sanitize user-supplied input to the "name" parameter of the "usrgetform.html" script.
  • Ref: http://www.securityfocus.com/bid/27865

  • 08.08.87 - CVE: Not Available
  • Platform: Web Application
  • Title: WebGUI Username HTML Injection
  • Description: WebGUI is a content manager and framework for web applications. The application is exposed to an HTML injection issue because it fails to properly sanitize user-supplied input. WebGUI versions prior to 7.4.24 are affected.
  • Ref: http://www.plainblack.com/getwebgui/advisories/webgui-7_4_24-stable-released

  • 08.08.88 - CVE: Not Available
  • Platform: Web Application
  • Title: Google Hack Honeypot File Upload Manager "delall" Unauthorized File Access
  • Description: Google Hack Honeypot (GHH) project is a web-based honeypot application designed to lure search engine attacks. File Upload Manager is a component of GHH. File Upload Manager is exposed to an unauthorized file access issue because the application fails to validate users prior to processing HTTP GET requests that pass the "delall" argument to the "act" parameter. File Upload Manager version 1.3 is affected.
  • Ref: http://www.securityfocus.com/bid/27877

  • 08.08.89 - CVE: Not Available
  • Platform: Web Application
  • Title: SmarterTools SmarterMail Subject Field HTML Injection
  • Description: SmarterTools SmarterMail is a web-based email server. It is written in ASP and runs on Microsoft Windows. The application is exposed to an HTML injection issue because it fails to properly sanitize user-supplied input to the "Subject" field of incoming email messages. SmarterMail Enterprise version 4.3 is affected.
  • Ref: http://www.securityfocus.com/archive/1/488313

  • 08.08.90 - CVE: Not Available
  • Platform: Web Application
  • Title: Spyce Sample Scripts Multiple Input Validation Vulnerabilities
  • Description: Spyce is a server-side scripting language for Python-based dynamic HTML generation. The application is exposed to multiple input validation issues. Spyce version 2.1.3 is affected.
  • Ref: http://www.procheckup.com/Vulnerability_PR08-01.php

(c) 2008. All rights reserved. The information contained in this newsletter, including any external links, is provided "AS IS," with no express or implied warranty, for informational purposes only. In some cases, copyright for material in this newsletter may be held by a party other than Qualys (as indicated herein) and permission to use such material must be requested from the copyright owner.

Subscriptions: @RISK is distributed free of charge by the SANS Institute to people responsible for managing and securing information systems and networks. You may forward this newsletter to others with such responsibility inside or outside your organization.