
@RISK: The Consensus Security Vulnerability Alert

Volume: IX, Issue: 33
August 12, 2010

@RISK is the SANS community's consensus bulletin summarizing the most important vulnerabilities and exploits identified during the past week and providing guidance on appropriate actions to protect your systems (PART I). It also includes a comprehensive list of all new vulnerabilities discovered in the past week (PART II).

Summary of the vulnerabilities reported this week:

    Category                                  # of Updates & Vulnerabilities
    ----------------------------------------  ------------------------------
    Windows                                   8 (#4,#5)
    Microsoft Office                          1 (#6)
    Other Microsoft Products                  3 (#1)
    Third Party Windows Apps                  7
    Linux                                     6
    Novell                                    3
    Cross Platform                            23 (#2,#3)
    Web Application - Cross Site Scripting    5
    Web Application - SQL Injection           4
    Web Application                           19
    Network Device                            7
    ______________________________________________________________________
Table Of Contents
Part II -- Comprehensive List of Newly Discovered Vulnerabilities from Qualys (www.qualys.com)
Windows
Microsoft Office
Other Microsoft Products
Third Party Windows Apps
Linux
Novell
Cross Platform
Web Application - Cross Site Scripting
Web Application - SQL Injection
Web Application
Network Device
PART I Critical Vulnerabilities

Part I for this issue has been compiled by Josh Bronson at TippingPoint, a division of HP, as a by-product of that company's continuous effort to ensure that its intrusion prevention products effectively block exploits using known vulnerabilities. TippingPoint's analysis is complemented by input from a council of security managers from twelve large organizations who confidentially share with SANS the specific actions they have taken to protect their systems. A detailed description of the process may be found at http://www.sans.org/newsletters/cva/#process

Widely Deployed Software
  • (1) HIGH: Microsoft Internet Explorer Multiple Vulnerabilities
  • Affected:
    • Microsoft Internet Explorer 8
    • Microsoft Internet Explorer 7.0
    • Microsoft Internet Explorer 6.0 SP3
    • Microsoft Internet Explorer 6.0 SP2
    • Microsoft Internet Explorer 6.0 SP1
    • Microsoft Internet Explorer 6.0
    • Microsoft Internet Explorer 5.0.1 SP4
    • Microsoft Internet Explorer 5.0.1 SP3
    • Microsoft Internet Explorer 5.0.1 SP2
    • Microsoft Internet Explorer 5.0.1 SP1
    • Microsoft Internet Explorer 5.0.1
  • Description: Microsoft has recently released patches for vulnerabilities in Microsoft Internet Explorer, some of which may be used for code execution. Vulnerabilities exist in the "OnPropertyChange_Src()" function, which does not handle malformed HTML and JavaScript appropriately, and the "boundElements" property, which can be compromised by a malicious web site. Vulnerabilities only affecting Internet Explorer 6 include a use-after-free vulnerability in the handling of "CIframeElement" objects, a memory corruption vulnerability related to Internet Explorer's handling of table elements, and another memory corruption vulnerability. In order to exploit these vulnerabilities, an attacker must entice a target to navigate to a malicious web site.

  • Status: vendor confirmed, updates available

  • References:
  • (2) HIGH: Adobe Flash Media Server Multiple Remote Security Vulnerabilities
  • Affected:
    • Adobe Flash Media Server 3.5.3
    • Adobe Flash Media Server 3.5.2
    • Adobe Flash Media Server 3.5.1
    • Adobe Flash Media Server 3.0.5
    • Adobe Flash Media Server 3.0.4
    • Adobe Flash Media Server 3.0.3
    • Adobe Flash Media Server 3.0
  • Description: Adobe Flash Media Server is a data and media server that uses the proprietary Real Time Messaging Protocol (RTMP) to deliver data and media to clients using Adobe Flash Player. Using RTMP, both the client and the server can send remote procedure calls (RPCs) to one another. Adobe has recently patched two unspecified vulnerabilities that could be exploited by an attacker in order to execute arbitrary code on a system running Adobe Flash Media Server.

  • Status: vendor confirmed, updates available

  • References:
  • (3) HIGH: Adobe Flash Player Multiple Remote Vulnerabilities
  • Affected:
    • Adobe Flash Player 10.1.53.64 and earlier
    • Adobe AIR 2.0.2.12610 and earlier
  • Description: Adobe has recently released a patch for Flash Player, which is susceptible to multiple code-execution vulnerabilities. Two of the errors exist in the ActionScript virtual machine's handling of the "ActionPush" command and the "connect" method of ActionScript native object 2200. Both of these, and other unspecified vulnerabilities, can be used to corrupt memory and potentially execute arbitrary code. An attacker must entice a target to view a malicious Flash file in order to exploit these vulnerabilities.

  • Status: vendor confirmed, updates available

  • References:
  • (5) HIGH: Microsoft Silverlight and XML Services Vulnerabilities
  • Affected:
    • Microsoft Silverlight 3.0
    • Microsoft Silverlight 2.0
    • Microsoft .NET Framework 3.5.1
    • Microsoft .NET Framework 3.5 SP1
    • Microsoft .NET Framework 3.5
    • Microsoft .NET Framework 2.0 SP2
    • Microsoft .NET Framework 2.0 SP1
    • Microsoft .NET Framework 2.0
    • Microsoft XML Core Services 3.0
  • Description: Microsoft Silverlight is a web application framework that is similar to Adobe Flash. Microsoft's XML Core Services (MSXML) is a set of services used by native Windows programs to manipulate XML. Both Silverlight and MSXML are vulnerable to code-execution vulnerabilities. The MSXML vulnerability is due to a logic error in parsing malformed HTTP responses. One Silverlight vulnerability is due to a pointer-handling error, and another, which only affects Silverlight 3, is due to an error in the way the .NET Common Language Runtime (CLR) handles delegate methods. Note that this second vulnerability also affects the .NET Framework more generally. All of these vulnerabilities can be exploited by enticing a target to visit a malicious web page.

  • Status: vendor confirmed, updates available

  • References:
Part II: Weekly Comprehensive List of Newly Discovered Vulnerabilities
Week 33, 2010

Part II -- Comprehensive List of Newly Discovered Vulnerabilities from Qualys (www.qualys.com)

This list is compiled by Qualys (www.qualys.com) as part of that company's ongoing effort to ensure its vulnerability management web service tests for all known vulnerabilities that can be scanned. As of this week Qualys scans for 9832 unique vulnerabilities. For this special SANS community listing, Qualys also includes vulnerabilities that cannot be scanned remotely.
______________________________________________________________________


  • 10.33.1 - CVE: CVE-2010-1889
  • Platform: Windows
  • Title: Microsoft Windows Kernel Double Free Local Privilege Escalation
  • Description: Microsoft Windows is exposed to a local privilege escalation issue that occurs in the Windows kernel. Specifically, the issue arises because the kernel does not properly initialize objects when handling certain errors.
  • Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-047.mspx

  • 10.33.2 - CVE: CVE-2010-1895, CVE-2010-1887, CVE-2010-1896
  • Platform: Windows
  • Title: Microsoft Windows Bounds Checking Local Denial of Service
  • Description: The "Win32k.sys" kernel mode device driver is part of the Windows subsystem, which includes the window manager and the Graphics Device Interface (GDI); it also serves as a wrapper for DirectX support. Microsoft Windows is exposed to a local denial of service issue that occurs in the "win32k.sys" kernel mode device driver.
  • Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-048.mspx

  • 10.33.3 - CVE: CVE-2010-1893
  • Platform: Windows
  • Title: Microsoft Windows TCP/IP Local Privilege Escalation
  • Description: TCP/IP is the set of network protocols used for the Internet. Microsoft Windows is exposed to a local privilege escalation issue that occurs in the TCP/IP implementation. The problem occurs due to an integer overflow error when processing certain input.
  • Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-058.mspx

  • 10.33.4 - CVE: CVE-2010-2553
  • Platform: Windows
  • Title: Microsoft Windows Cinepak Codec Media Decompression Remote Code Execution
  • Description: Microsoft Windows is exposed to a remote code execution issue when handling compressed media files. This issue exists in the Cinepak codec.
  • Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-055.mspx

  • - CVE: CVE-2010-2555, CVE-2010-2554
  • Platform: Windows
  • Title: Microsoft Windows Tracing Memory Corruption Privilege Escalation
  • Description: Microsoft Windows is exposed to a local privilege escalation issue that affects the tracing feature for services. The problem occurs due to a memory corruption error caused by incorrect calculations of the length of certain strings read from the registry.
  • Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-059.mspx

  • 10.33.6 - CVE: CVE-2010-2550, CVE-2010-2551, CVE-2010-2552
  • Platform: Windows
  • Title: Microsoft Windows SMB Variable Validation Denial of Service Issue
  • Description: Server Message Block (SMB) is an application layer network protocol. Microsoft Windows is exposed to a denial of service issue because the SMB implementation fails to properly handle malformed SMB packets.
  • Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-054.mspx

  • 10.33.7 - CVE: CVE-2010-1898
  • Platform: Windows
  • Title: Microsoft Silverlight & .NET Framework CLR Virtual Method Delegate Code Execution
  • Description: The Microsoft .NET Framework is a software framework for applications designed to run under Microsoft Windows. Microsoft Silverlight is a web application framework that provides support for .NET applications. Both support a security model that limits the privileges granted to .NET applications. Microsoft Silverlight and Microsoft .NET Framework are exposed to a remote code execution issue. This issue occurs when Microsoft .NET Common Language Runtime (CLR) handles delegates to virtual methods.
  • Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-060.mspx

  • 10.33.8 - CVE: CVE-2010-2561
  • Platform: Windows
  • Title: Microsoft XML Core Service Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption Issue
  • Description: Microsoft XML Core Services (MSXML) is a software component that allows multiple programming languages to support XML-based communication. Microsoft XML Core Service is exposed to a remote memory corruption issue. The issue occurs because the application fails to handle specially crafted HTTP responses.
  • Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-051.mspx

  • 10.33.9 - CVE: CVE-2010-1901, CVE-2010-1900, CVE-2010-1903, CVE-2010-1902
  • Platform: Microsoft Office
  • Title: Microsoft Word Record RTF Parsing Engine Remote Memory Corruption
  • Description: Microsoft Word is a word processor available for multiple platforms. Microsoft Word is exposed to multiple issues. A remote memory corruption issue occurs because it fails to sufficiently validate rich text format data (RTF). A remote code execution issue occurs when handling a Word file containing malformed records.
  • Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-056.mspx

  • 10.33.10 - CVE: CVE-2010-2564
  • Platform: Other Microsoft Products
  • Title: Microsoft Windows Movie Maker Remote Buffer Overflow Issue
  • Description: Microsoft Windows Movie Maker is a video editing application available for Microsoft Windows. Microsoft Windows Movie Maker is exposed to a remote buffer overflow issue. Specifically, this issue occurs due to boundary errors when processing strings in specially crafted project (.MSWMM) files.
  • Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-050.mspx

  • 10.33.11 - CVE: CVE-2010-2560, CVE-2010-2558, CVE-2010-2556, CVE-2010-2559
  • Platform: Other Microsoft Products
  • Title: Microsoft Internet Explorer Race Condition Remote Code Execution
  • Description: Microsoft Internet Explorer is a browser for the Windows operating system. The application is exposed to a remote code execution issue that occurs when the application attempts to access an object that has become corrupted in a race condition.
  • Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-053.mspx

  • 10.33.12 - CVE: CVE-2010-1882
  • Platform: Other Microsoft Products
  • Title: Microsoft MPEG Layer-3 Audio Decoder Buffer Overflow
  • Description: Microsoft MPEG Layer-3 is exposed to a remote buffer overflow issue because the application fails to perform adequate boundary checks on user-supplied data. This issue affects the MPEG Layer-3 audio codecs included in Microsoft DirectShow.
  • Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-052.mspx

  • 10.33.13 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: xp-AntiSpy "XPAS" File Remote Buffer Overflow
  • Description: xp-AntiSpy is a utility used to disable some built-in update and authentication features in Windows XP. xp-AntiSpy is exposed to a remote buffer overflow issue because it fails to perform adequate boundary checks on user-supplied data. xp-AntiSpy version 3.9.7-4 is affected.
  • Ref: http://www.securityfocus.com/bid/42085

  • 10.33.14 - CVE: CVE-2009-4781
  • Platform: Third Party Windows Apps
  • Title: TEKUVA Password Reminder "rem.accdb" Hardcoded Password Information Disclosure
  • Description: TEKUVA Password Reminder is a password storage application for Windows. The application is exposed to an information disclosure issue. Specifically, the application uses a hard-coded password to access the credentials stored in "rem.accdb". TEKUVA Password Reminder versions prior to 1.0.0.4 are affected.
  • Ref: http://www.securityfocus.com/bid/42089/references

  • 10.33.15 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: SigPlus Pro ActiveX "LCDWriteString()" Remote Buffer Overflow
  • Description: SigPlus Pro ActiveX is an application to create or view electronically signed documents. SigPlus Pro ActiveX is exposed to a buffer overflow issue because it fails to sufficiently bounds check user-supplied input before copying it to an insufficiently sized memory buffer. SigPlus Pro ActiveX version 3.74 is affected.
  • Ref: http://www.securityfocus.com/bid/42109

  • 10.33.16 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Artificial Spirit Jaangle ".m3u" File Buffer Overflow
  • Description: Artificial Spirit Jaangle (formerly Teen Spirit) is a multimedia player available for Microsoft Windows. The application is exposed to a buffer overflow issue because it fails to perform adequate checks on user-supplied input. Artificial Spirit Jaangle version 0.98e.971 is affected.
  • Ref: http://www.securityfocus.com/bid/42126

  • 10.33.17 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Alleycode ".html" File Buffer Overflow Issue
  • Description: Alleycode is an HTML editor available for Microsoft Windows. The application is exposed to a buffer overflow issue because it fails to perform adequate checks on user supplied input. Specifically, this issue occurs when opening a specially crafted ".html" file. Alleycode version 2.21 is affected.
  • Ref: http://www.securityfocus.com/bid/42172

  • 10.33.18 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Frigate3 Directory Traversal Issue
  • Description: Frigate3 is an FTP client program for Microsoft Windows. The application is exposed to a directory traversal issue because it fails to sufficiently sanitize directory traversal strings from user supplied input. Frigate3 version 3.36 is affected.
  • Ref: http://www.securityfocus.com/archive/1/512903

  • 10.33.19 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: SmartFTP Directory Traversal Issue
  • Description: SmartFTP is an FTP client program for Microsoft Windows. The application is exposed to a directory traversal issue because it fails to sufficiently sanitize directory traversal strings from user supplied input. Specifically, this issue can be exploited by enticing an unsuspecting user into downloading a directory that contains specially crafted files from a malicious FTP server. SmartFTP version 4.0.1124.0 is affected.
  • Ref: http://www.securityfocus.com/bid/42287

  • 10.33.20 - CVE: CVE-2010-2526
  • Platform: Linux
  • Title: Red Hat lvm2-cluster "clvmd" Local Privilege Escalation
  • Description: Red Hat Enterprise Linux is an operating system. The lvm2-cluster package provides support for Logical Volume Management (LVM) in a clustered environment. "clvmd" is exposed to a local privilege escalation issue because it uses an abstract socket to communicate with other processes without first exchanging credentials.
  • Ref: https://bugzilla.redhat.com/show_bug.cgi?id=614248

  • 10.33.21 - CVE: Not Available
  • Platform: Linux
  • Title: Linux Kernel GFS2 Directory Rename NULL Pointer Dereference Local Denial of Service
  • Description: The Linux kernel is exposed to a local denial of service issue in the GFS2 component. Specifically, renaming a directory can trigger a NULL pointer dereference error. Sentinel directory entries are incorrectly reused, resulting in an incorrect calculation of memory allocation. Linux kernel version 2.6.19-rc1 is affected.
  • Ref: https://bugzilla.redhat.com/show_bug.cgi?id=620300

  • 10.33.22 - CVE: Not Available
  • Platform: Linux
  • Title: Linux Kernel PA-RISC "led.c" Stack Buffer Overflow Issue
  • Description: The Linux Kernel is prone to a stack-based buffer overflow issue because it fails to perform adequate boundary checks on user supplied data. Specifically, the "led_proc_write()" function in the "drivers/parisc/led.c" source file fails to properly validate a count parameter.
  • Ref: http://www.securityfocus.com/bid/42161

  • 10.33.23 - CVE: CVE-2010-2241
  • Platform: Linux
  • Title: Red Hat Directory Server Cached Files Password Information Disclosure
  • Description: Red Hat Directory Server is an LDAPv3-compliant authentication solution. Red Hat Directory Server is exposed to a local information disclosure issue due to a design error. Specifically, the setup script creates a cache file containing the "Directory" and "Administration Server" passwords.
  • Ref: http://www.securityfocus.com/bid/42165

  • 10.33.24 - CVE: CVE-2010-2521, CVE-2010-2492, CVE-2010-2248
  • Platform: Linux
  • Title: Linux Kernel XDR Implementation Local Buffer Overflow Issue
  • Description: The Linux kernel is exposed to a local buffer overflow issue because it fails to perform adequate boundary checks on user-supplied data. This issue affects the implementation of the server side External Data Representation (XDR) for the Network File System (NFS).
  • Ref: http://www.securityfocus.com/bid/42249/references

  • 10.33.25 - CVE: CVE-2010-0834
  • Platform: Linux
  • Title: Ubuntu Dell Latitude 2110 Package Installation Security Bypass Issue
  • Description: Ubuntu is a Linux based operating system. Dell Latitude 2110 is a netbook computer. Ubuntu installed on Dell Latitude 2110 netbooks is exposed to a security bypass issue. This issue occurs because the operating system improperly allows for unauthenticated package installations.
  • Ref: http://www.securityfocus.com/bid/42280

  • 10.33.26 - CVE: Not Available
  • Platform: Novell
  • Title: Novell ZENworks Remote Management Password Security Bypass
  • Description: Novell ZENworks is an IT management and software licensing application. Novell ZENworks is exposed to a security bypass issue that occurs if multiple managed devices are configured with the same Remote Management password.
  • Ref: http://www.zerodayinitiative.com/advisories/ZDI-10-145/

  • 10.33.27 - CVE: Not Available
  • Platform: Novell
  • Title: Novell iPrint Client Multiple Security Vulnerabilities
  • Description: Novell iPrint Client is a client application for printing over the Internet. The application is exposed to multiple security issues. Attackers may exploit these issues to execute arbitrary code, or to delete arbitrary files. Novell iPrint Client version 5.40 is affected.
  • Ref: http://dvlabs.tippingpoint.com/advisory/TPTI-10-05

  • 10.33.28 - CVE: Not Available
  • Platform: Novell
  • Title: Novell Sentinel Log Manager Unauthorized File Deletion Security Bypass
  • Description: Novell Sentinel Log Manager is a log management application. The application is exposed to a security bypass issue because it fails to perform adequate access checks when granting permission to delete files owned by the user that owns the installation. Novell Sentinel Log Manager versions prior to 1.1.0.2 are affected.
  • Ref: http://www.securityfocus.com/archive/1/512966

  • 10.33.29 - CVE: Not Available
  • Platform: Cross Platform
  • Title: httpdx "h_handlepeer()" Remote Buffer Overflow Issue
  • Description: httpdx is an HTTP and FTP server available for Microsoft Windows. httpdx is exposed to a remote buffer overflow issue because it fails to perform adequate boundary checks on user supplied input to the "h_handlepeer()" function in "httpdx_src/http.cpp" file. httpdx version 1.4 is affected.
  • Ref: http://www.securityfocus.com/bid/42181

  • 10.33.30 - CVE: Not Available
  • Platform: Cross Platform
  • Title: OpenOffice Impress File Multiple Buffer Overflow Vulnerabilities
  • Description: OpenOffice is a suite of office applications for multiple operating platforms. OpenOffice is exposed to multiple remote buffer overflow issues that occur in "Impress" when handling a malformed PPT file. OpenOffice version 3.2.1 is affected.
  • Ref: http://securityevaluators.com/files/papers/CrashAnalysis.pdf

  • 10.33.31 - CVE: CVE-2010-2493
  • Platform: Cross Platform
  • Title: JBoss Enterprise SOA Platform Multiple Security Bypass Vulnerabilities
  • Description: JBoss Enterprise SOA Platform is an environment for developing Enterprise Application Integration and SOA solutions. It packages multiple JBoss components. The application is exposed to multiple security bypass issues. JBoss Enterprise SOA Platform versions prior to 5.0.2 are affected.
  • Ref: https://bugzilla.redhat.com/show_bug.cgi?id=614774

  • 10.33.32 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Multiple Fujitsu Internet Navigware Products Unspecified Information Disclosure Issue
  • Description: Fujitsu Internet Navigware products are used to create online learning materials. Multiple Fujitsu Internet Navigware products are exposed to an information disclosure issue due to an unspecified error in the Internet Navigware Server.
  • Ref: http://www.securityfocus.com/bid/42028

  • 10.33.33 - CVE: Not Available
  • Platform: Cross Platform
  • Title: OpenConnect SSL Hostname Verification Security Bypass
  • Description: OpenConnect is a client for Cisco's AnyConnect SSL VPN. OpenConnect is exposed to a security bypass issue because it fails to properly verify the hostname of a server when using SSL connections. OpenConnect versions prior to 2.25 are affected.
  • Ref: http://lists.infradead.org/pipermail/openconnect-devel/2010-May/000168.html

  • 10.33.34 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Hitachi Cosminexus Multiple Security Issue
  • Description: Hitachi Cosminexus is an application server available for multiple operating platforms. Multiple Hitachi Cosminexus products are exposed to multiple unspecified security issues.
  • Ref: http://www.securityfocus.com/bid/42099

  • 10.33.35 - CVE: Not Available
  • Platform: Cross Platform
  • Title: ChordPulse ".cps" File Remote Buffer Overflow
  • Description: ChordPulse is a musical sketchpad application. ChordPulse is exposed to a remote buffer overflow issue because it fails to perform adequate boundary checks on user-supplied data. Specifically, this issue occurs when opening specially crafted ".cps" files. ChordPulse version 1.4 is affected.
  • Ref: http://www.securityfocus.com/bid/42117

  • 10.33.36 - CVE: CVE-2010-1325
  • Platform: Cross Platform
  • Title: Apache SLMS Insufficient Quoting Cross-Site Request Forgery
  • Description: Apache SLMS is a configuration utility for Apache web servers. Apache SLMS is exposed to a cross-site request forgery issue that occurs because the module fails to sufficiently place quotes around certain parameters.
  • Ref: http://www.securityfocus.com/bid/42121

  • 10.33.37 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Un4Seen Developments XMPlay ".m3u" File Buffer Overflow Issue
  • Description: Un4Seen Developments XMPlay is a multimedia player available for Microsoft Windows. The application is exposed to a buffer overflow issue because it fails to perform adequate checks on user supplied input. Specifically, this issue occurs when opening a specially crafted ".m3u" file. Un4Seen Developments XMPlay version 3.5.1 is affected.
  • Ref: http://www.securityfocus.com/bid/42123

  • 10.33.38 - CVE: Not Available
  • Platform: Cross Platform
  • Title: FTP Commander Directory Traversal Issue
  • Description: FTP Commander is an FTP client program for Microsoft Windows. The application is exposed to a directory traversal issue because it fails to sufficiently sanitize directory traversal strings from user supplied input. FTP Commander versions 8.02, 8.0 Pro, and 9.20 Deluxe are affected.
  • Ref: http://www.securityfocus.com/bid/42125

  • 10.33.39 - CVE: CVE-2010-2532
  • Platform: Cross Platform
  • Title: LXDE LXSession Logout Information Disclosure and Remote Code Execution Issue
  • Description: LXSession is the session manager used in LXDE (Lightweight X Desktop Environment). LXSession is exposed to information disclosure and remote code execution issues. These issues affect "lxsession-logout" and occur when suspending, hibernating, or switching between users.
  • Ref: http://www.securityfocus.com/bid/42127

  • 10.33.40 - CVE: Not Available
  • Platform: Cross Platform
  • Title: VxWorks Debugging Service Security Bypass
  • Description: VxWorks is a real-time operating system. VxWorks is exposed to a security bypass issue because it runs a system-level debugger (WDB agent) on UDP port 17185 without any requirement for authentication.
  • Ref: http://www.kb.cert.org/vuls/id/362332

  • 10.33.41 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Adobe Acrobat and Reader Font Parsing Remote Code Execution
  • Description: Adobe Reader and Acrobat are applications for handling PDF files. Adobe Acrobat and Reader are exposed to a remote code execution issue due to an integer overflow error that occurs when parsing font data in a crafted PDF document. Adobe Reader and Acrobat versions 9.3.3 and prior, and 8.2.3 and prior, are affected.
  • Ref: http://securityevaluators.com/files/papers/CrashAnalysis.pdf

  • 10.33.42 - CVE: Not Available
  • Platform: Cross Platform
  • Title: FreeType Compact Font Format (CFF) Multiple Stack Based Buffer Overflow Issue
  • Description: FreeType is an open-source font handling library. FreeType is exposed to multiple stack based buffer overflow issues because it fails to perform adequate boundary checks on user supplied data. These issues occur when handling Compact Font Format (CFF) character strings.
  • Ref: http://www.securityfocus.com/bid/42241/references

  • 10.33.43 - CVE: Not Available
  • Platform: Cross Platform
  • Title: ccTiddly "cct_base" Parameter Multiple Remote File Include Vulnerabilities
  • Description: ccTiddly is a server-side implementation of TiddlyWiki. The application is exposed to multiple remote file include issues because it fails to sufficiently sanitize user-supplied input. ccTiddly version 1.7.6 is affected.
  • Ref: http://www.securityfocus.com/bid/42265

  • 10.33.44 - CVE: Not Available
  • Platform: Cross Platform
  • Title: FreeType Stack Buffer Overflow and Memory Corruption Vulnerabilities
  • Description: FreeType is an open-source font handling library. FreeType is exposed to multiple remote issues. Successful exploits may allow attackers to execute arbitrary code in the context of an application that uses the affected library.
  • Ref: https://bugzilla.redhat.com/show_bug.cgi?id=621907

  • 10.33.45 - CVE: CVE-2010-2634
  • Platform: Cross Platform
  • Title: RSA enVision Unspecified Input Validation Issue
  • Description: RSA enVision is a system for collecting and analyzing log data. The application is exposed to an unspecified input validation issue. RSA enVision versions prior to 3.7 SP1 are affected.
  • Ref: http://www.securityfocus.com/archive/1/512929

  • 10.33.46 - CVE: Not Available
  • Platform: Cross Platform
  • Title: uzbl "uzbl-core" "@SELECTED_URI" Mouse Button Bindings Command Injection Issue
  • Description: uzbl is an open-source web browser. uzbl "uzbl-core" is exposed to an issue that lets attackers inject arbitrary commands because the application fails to adequately sanitize user-supplied input. Specifically, the default "@SELECTED_URI" configuration setting permits shell commands to be injected through URIs in an insecure manner.
  • Ref: http://www.securityfocus.com/bid/42297

  • 10.33.47 - CVE: Not Available
  • Platform: Cross Platform
  • Title: OpenSSL "ssl3_get_key_exchange()" Use-After-Free Memory Corruption
  • Description: OpenSSL is an open-source implementation of the SSL protocol that is used by a number of other projects. It is available for various platforms. OpenSSL is exposed to a remote memory corruption issue that may result in a use-after-free error when processing maliciously crafted certificates. The issue exists in the "ssl3_get_key_exchange()" function in "ssl/s3_clnt.c". OpenSSL version 1.0.0a is affected.
  • Ref: http://www.securityfocus.com/bid/42306

  • 10.33.48 - CVE: Not Available
  • Platform: Cross Platform
  • Title: ZNC Multiple Denial of Service Vulnerabilities
  • Description: ZNC is a bouncer application for Internet Relay Chat (IRC). The application is exposed to multiple issues. 1) A remote denial of service issue that occurs when a "PING" command without an argument is sent to the ZNC application. 2) Multiple denial of service issues exist because the application does not handle certain exceptions related to "substr()" calls which results in the application terminating. ZNC version 0.092 is affected.
  • Ref: http://znc.svn.sourceforge.net/viewvc/znc?view=revision&revision=2095

  • 10.33.49 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Lynx browser "convert_to_idna()" Function Remote Heap Based Buffer Overflow Issue
  • Description: Lynx browser is a text-based web browser available for multiple platforms. Lynx browser is exposed to a remote heap based buffer overflow issue because it fails to perform adequate boundary checks on user-supplied data. Specifically, this issue affects the "convert_to_idna()" function in "WWW/Library/Implementation/HTParse.c" when processing a specially crafted URI with a "%" character in the last two characters.
  • Ref: http://www.securityfocus.com/bid/42316

  • 10.33.50 - CVE: CVE-2010-2861
  • Platform: Cross Platform
  • Title: Adobe ColdFusion Unspecified Directory Traversal Issue
  • Description: Adobe ColdFusion is an application development platform. The application is exposed to an unspecified directory traversal issue because it fails to sufficiently sanitize user-supplied input. Adobe ColdFusion versions 9.0.1 and prior are affected.
  • Ref: http://www.adobe.com/support/security/bulletins/apsb10-18.html

  • 10.33.51 - CVE: CVE-2010-2218, CVE-2010-2217, CVE-2010-2219, CVE-2010-2220
  • Platform: Cross Platform
  • Title: Adobe Flash Media Server Multiple Remote Security Vulnerabilities
  • Description: Adobe Flash Media Server provides streaming media and a development environment for creating and delivering media applications. Adobe Flash Media Server is exposed to multiple issues. Flash Media Server (FMS) versions prior to 3.5.4 and 3.0.6 are affected. See the advisory for complete details.
  • Ref: http://www.adobe.com/support/security/bulletins/apsb10-19.html

  • 10.33.52 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Cisco Wireless Control System Cross-Site Scripting
  • Description: Cisco Wireless Control System is a web interface for managing and reporting Cisco wireless infrastructure from a centralized location. The application is exposed to a cross-site scripting issue because the application fails to sufficiently sanitize user-supplied input. Cisco Wireless Control System versions 6.0.181.0 and earlier are affected.
  • Ref: http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html

  • 10.33.53 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: python-cjson "cjson.encode" Cross-Site Scripting
  • Description: python-cjson is a JSON encoder/decoder module for Python. The module is exposed to a cross-site scripting issue because it fails to escape "/" characters in strings passed to the "cjson.encode" function, so encoded output embedded in an HTML page can terminate a script element early. python-cjson version 1.0.5 is affected.
  • Ref: http://www.securityfocus.com/bid/42076
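The following is an added example, not python-cjson's own code, showing why an encoder that leaves "/" unescaped becomes cross-site scripting once its output is embedded in an inline <script> block, and what an encoder that closes the hole looks like. The standard json module stands in for cjson because it shows the same unescaped "/" behaviour; the page template and the attacker string are constructed for the demonstration.

```python
"""Added example (not python-cjson's code): unescaped "/" in JSON placed in an
HTML <script> block lets "</script>" end the element early, and an encoder
that escapes the characters that can alter the script context."""
import json
import re

# Constructed attacker-controlled value, e.g. a display name from a profile form.
PAYLOAD = '</script><script>alert(1)</script>'

# Hypothetical page template: the server drops a JSON object into inline script.
TEMPLATE = '<script>var user = {json};</script>'


def encode_unescaped(value):
    """The weak behaviour: "/" is emitted verbatim, so the "</script>" inside
    the string survives and the browser ends the script element early."""
    return json.dumps(value)


def encode_html_safe(value):
    """Escape every character that can end or alter a script context. JSON
    permits the "\\/" and "\\uXXXX" escapes, so the result is still valid
    JSON and decodes to exactly the original string."""
    text = json.dumps(value)
    return (text.replace('/', '\\/')
                .replace('<', '\\u003c')
                .replace('>', '\\u003e')
                .replace('&', '\\u0026'))


def render(encoder, value):
    """Embed the encoded object in the page the way the weak site does."""
    return TEMPLATE.format(json=encoder({'name': value}))


def script_elements(html):
    """Count the opening <script> tags in the rendered page. One means the
    JSON stayed data; more means the attacker opened a script of their own."""
    return len(re.findall(r'<script>', html))


def breaks_out(encoder, value=PAYLOAD):
    """True when the encoder lets the payload escape the JSON string context."""
    return script_elements(render(encoder, value)) > 1


def round_trips(encoder, value=PAYLOAD):
    """The hardened encoder must not change what the client decodes."""
    return json.loads(encoder(value)) == value


if __name__ == '__main__':
    print(render(encode_unescaped, PAYLOAD))
    print(render(encode_html_safe, PAYLOAD))
```

Escaping at the encoder is the right layer only when the output is destined for HTML; the safer general rule is to treat JSON as data, emit it with the "\/" and "\u003c" style escapes whenever it lands inside markup, and never concatenate it into script text unescaped.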

  • 10.33.54 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Activedition "activedition/aelogin.asp" Multiple Cross-Site Scripting Vulnerabilities
  • Description: Activedition is an ASP-based content management system. The application is exposed to multiple cross-site scripting issues because it fails to properly sanitize user-supplied input. Activedition version 4.0 is affected.
  • Ref: http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr09-07

  • 10.33.55 - CVE: CVE-2009-4975
  • Platform: Web Application - Cross Site Scripting
  • Title: Nokia QtDemoBrowser "webview.cpp" Cross-Site Scripting
  • Description: Nokia QtDemoBrowser is a cross-platform web browser. The application is exposed to a cross-site scripting issue because it fails to properly sanitize user-supplied input in the code in the "webview.cpp" source file.
  • Ref: http://www.securityfocus.com/bid/42193

  • 10.33.56 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Drupal Devel Module Cross-Site-Scripting Issue
  • Description: Devel is a PHP-based module for the Drupal content manager. Performance logging is a component within the Devel module. The module is exposed to a cross-site scripting issue because it fails to properly sanitize URIs comprised of node paths. Reports generated by the "performance logging" component may contain malicious URIs. Devel versions prior to 5.x-1.3 and 6.x-1.21 are affected.
  • Ref: http://www.securityfocus.com/bid/42231/references

  • 10.33.57 - CVE: CVE-2009-4958
  • Platform: Web Application - SQL Injection
  • Title: EMO Breeder Manager "video.php" SQL Injection
  • Description: EMO Breeder Manager is PHP-based web application. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "idd" parameter of the "video.php" script before using it in an SQL query.
  • Ref: http://www.securityfocus.com/bid/42072

  • 10.33.58 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: NextGEN Smooth Gallery Plugin for WordPress "galleryID" Parameter SQL Injection Issue
  • Description: NextGEN Smooth Gallery is a PHP-based gallery plugin for WordPress. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "galleryID" parameter of the "nggSmoothFrame.php" script. NextGEN Smooth Gallery version 1.2 is affected.
  • Ref: http://www.securityfocus.com/bid/42156

  • 10.33.59 - CVE: CVE-2009-3503
  • Platform: Web Application - SQL Injection
  • Title: BPowerHouse BPHolidayLettings "search.aspx" Multiple SQL Injection Issues
  • Description: BPowerHouse BPHolidayLettings is an ASP-based web application. The application is exposed to multiple SQL injection issues because it fails to sufficiently sanitize user-supplied data to the "rid" and "tid" parameters of the "search.aspx" script before using it in an SQL query. BPowerHouse BPHolidayLettings version 1.0 is affected.
  • Ref: http://www.securityfocus.com/bid/42204

  • 10.33.60 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: APBoard "board.php" SQL Injection Issue
  • Description: APBoard is a PHP-based discussion board application. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "board.php" script before using it in an SQL query. APBoard version 2.1.0 is affected.
  • Ref: http://www.securityfocus.com/bid/42262/info
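The four SQL injection entries above (10.33.57 through 10.33.60) share one root cause: a request parameter is pasted into the SQL text. The following is an added example, not code from any of those products, that reproduces the pattern against a constructed in-memory SQLite table and shows the parameterised queries that close it, for both a numeric and a string-typed parameter. Table, rows and the attacker inputs are constructed for the demonstration.

```python
"""Added example, not code from any product listed above: string-built SQL
beside parameterised SQL, run against a constructed SQLite table."""
import sqlite3


def make_db():
    """Constructed sample data: a gallery table with a private flag that the
    query is supposed to enforce."""
    con = sqlite3.connect(':memory:')
    con.execute('CREATE TABLE gallery (id INTEGER, title TEXT, private INTEGER)')
    con.executemany('INSERT INTO gallery VALUES (?, ?, ?)', [
        (1, 'public album', 0),
        (2, 'staff only', 1),
    ])
    return con


# Constructed attacker inputs: a tautology plus a comment that swallows the
# rest of the WHERE clause, in numeric and string-context flavours.
NUMERIC_INJECTION = '1 OR 1=1 --'
STRING_INJECTION = "x' OR 1=1 --"


def by_id_vulnerable(con, gallery_id):
    """The mistake described in the entries above: the request parameter
    becomes SQL text, so it can add conditions of its own."""
    sql = 'SELECT title FROM gallery WHERE id = %s AND private = 0' % gallery_id
    return sorted(row[0] for row in con.execute(sql))


def by_id_hardened(con, gallery_id):
    """Validate the type, then bind the value as a parameter; the driver
    never treats it as SQL syntax."""
    try:
        gid = int(gallery_id)
    except (TypeError, ValueError):
        raise ValueError('gallery id must be an integer')
    sql = 'SELECT title FROM gallery WHERE id = ? AND private = 0'
    return sorted(row[0] for row in con.execute(sql, (gid,)))


def by_title_vulnerable(con, title):
    """Quoting the value by hand does not help: a quote in the input ends
    the literal early."""
    sql = "SELECT title FROM gallery WHERE title = '%s' AND private = 0" % title
    return sorted(row[0] for row in con.execute(sql))


def by_title_hardened(con, title):
    """No type to cast to here, so parameter binding is the whole defence."""
    sql = 'SELECT title FROM gallery WHERE title = ? AND private = 0'
    return sorted(row[0] for row in con.execute(sql, (title,)))


if __name__ == '__main__':
    con = make_db()
    print(by_id_vulnerable(con, NUMERIC_INJECTION))   # privacy filter bypassed
    print(by_title_hardened(con, STRING_INJECTION))   # nothing matches
```

The integer cast in by_id_hardened is a useful belt-and-braces check, but binding is what actually prevents injection; the string case shows that binding alone is sufficient where no cast is possible.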

  • 10.33.61 - CVE: Not Available
  • Platform: Web Application
  • Title: jCore Unspecified User Permissions Security Bypass Issue
  • Description: jCore is a web content management system implemented in PHP. The application is exposed to an unspecified security bypass issue. This issue occurs because the application fails to properly handle user permissions. jCore versions prior to j0.2 are affected.
  • Ref: http://www.securityfocus.com/bid/42177

  • 10.33.62 - CVE: Not Available
  • Platform: Web Application
  • Title: Drupal Dashboard Tags and Title HTML Injection
  • Description: Dashboard is a module for the Drupal content manager. The module is exposed to an HTML injection issue because it fails to properly sanitize content submitted to "tags" and "titles" parameters associated with default widgets. Dashboard versions prior to 6.x-2.1 are affected.
  • Ref: http://drupal.org/node/867426

  • 10.33.63 - CVE: Not Available
  • Platform: Web Application
  • Title: Drupal Sage Pay Direct Payment Gateway for Ubercart Information Disclosure
  • Description: The Sage Pay Direct Payment Gateway for Ubercart is a module for the Drupal content manager. The module is exposed to an information disclosure issue because it fails to adequately restrict access to sensitive information. Specifically, this issue occurs when displaying information related to Visa and Mastercard verification schemes in an iframe window. Sage Pay Direct Payment Gateway for Ubercart versions prior to 5.x-1.9 and 6.x-1.4 are affected.
  • Ref: http://www.securityfocus.com/bid/42054

  • 10.33.64 - CVE: Not Available
  • Platform: Web Application
  • Title: Drupal Kaltura Hidden iFrame Information Disclosure Issue
  • Description: Kaltura is a module for the Drupal content manager. The module is exposed to an information disclosure issue caused by a design error: it uses a hidden iFrame when installing, uninstalling, or updating the module. Kaltura versions prior to 6.x-1.5 and 5.x-1.4 are affected.
  • Ref: http://www.securityfocus.com/bid/42066

  • 10.33.65 - CVE: CVE-2009-4779
  • Platform: Web Application
  • Title: NukeHall "spaw_root" Parameter Multiple Remote File Include Issues
  • Description: NukeHall is a PHP-based content management system. The application is exposed to multiple remote file include issues because it fails to sufficiently sanitize user-supplied input to the "spaw_root" parameter. NukeHall version 0.3 is affected.
  • Ref: http://www.securityfocus.com/bid/42084

  • 10.33.66 - CVE: CVE-2009-4223
  • Platform: Web Application
  • Title: KR - PHP Web Content Server "krgourl.php" Remote File Include
  • Description: KR - PHP Web Content Server is a PHP-based content manager. The application is exposed to a remote file include issue because it fails to properly sanitize user-supplied input to the "DOCUMENT_ROOT" parameter of the "adm/krgourl.php" script. KR - PHP Web Content Server version 1.1 Beta 2 is affected.
  • Ref: http://sourceforge.net/projects/krw/

  • 10.33.67 - CVE: Not Available
  • Platform: Web Application
  • Title: PBBoard "title" Field HTML Injection
  • Description: PBBoard is a web-based discussion board application. The application is exposed to an HTML injection issue because it fails to properly sanitize user-supplied input to the "title" field before using it in dynamically generated content. PBBoard version 2.0.2 is affected.
  • Ref: http://www.securityfocus.com/bid/42171

  • 10.33.68 - CVE: Not Available
  • Platform: Web Application
  • Title: PHP168 Template Editor "filename" Parameter Directory Traversal Issue
  • Description: PHP168 Template Editor is a browser based online template editor for PHP168 CMS products. The application is exposed to a directory traversal issue because it fails to sufficiently sanitize user-supplied input to the "filename" parameter of the "index.php" script.
  • Ref: http://www.securityfocus.com/bid/42174
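Both directory traversal entries (10.33.50 above and 10.33.68 here) come down to a user-supplied file name joined onto a base directory without checking where the result lands. The following is an added example, not ColdFusion's or PHP168's code, of a template loader that resolves the requested name and refuses anything outside the template directory, exercised against the usual traversal spellings; the directory layout and the inputs are constructed inside a temporary directory.

```python
"""Added example, not ColdFusion's or PHP168's code: a template loader that
rejects file names resolving outside the template directory."""
import os
import tempfile
from urllib.parse import unquote

# Constructed request inputs, labelled by the trick each one tries.
TRAVERSAL_INPUTS = {
    'plain': 'index.tpl',
    'dotdot': '../secret.txt',
    'encoded_slash': '..%2Fsecret.txt',
    'encoded_dots': '%2e%2e/secret.txt',
    'double_encoded': '%252e%252e/secret.txt',
}


def unsafe_path(base_dir, filename):
    """The flawed pattern: input joined straight onto the base directory.
    ".." walks out of it, and an absolute filename makes os.path.join
    discard base_dir altogether."""
    return os.path.join(base_dir, filename)


def safe_path(base_dir, filename):
    """Decode once (as the web server would), resolve symlinks and "..",
    then insist the resolved path is still under the resolved base."""
    decoded = unquote(filename)
    if '\x00' in decoded:
        raise ValueError('NUL byte in filename')
    root = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(root, decoded))
    if os.path.commonpath([root, target]) != root:
        raise ValueError('filename escapes the template directory: %r' % filename)
    return target


def read_template(base_dir, filename):
    """Open the template only after the containment check has passed."""
    with open(safe_path(base_dir, filename), encoding='utf-8') as fh:
        return fh.read()


def demo():
    """Build a constructed layout (template dir plus a secret beside it) in a
    temporary directory and report what each input gets."""
    with tempfile.TemporaryDirectory() as tmp:
        templates = os.path.join(tmp, 'templates')
        os.mkdir(templates)
        with open(os.path.join(templates, 'index.tpl'), 'w') as fh:
            fh.write('hello')
        with open(os.path.join(tmp, 'secret.txt'), 'w') as fh:
            fh.write('db password')

        outcomes = {}
        cases = list(TRAVERSAL_INPUTS.items()) + [
            ('absolute', os.path.join(tmp, 'secret.txt'))]
        for label, name in cases:
            try:
                outcomes[label] = read_template(templates, name)
            except ValueError:
                outcomes[label] = 'blocked'
            except FileNotFoundError:
                # Single decoding leaves "%2e%2e" as a literal name that
                # simply does not exist inside the template directory.
                outcomes[label] = 'missing'
        # What the flawed join hands out for the simplest payload.
        outcomes['unsafe_dotdot_reads_secret'] = os.path.isfile(
            unsafe_path(templates, '../secret.txt'))
        return outcomes


if __name__ == '__main__':
    for label, result in demo().items():
        print('%-26s %s' % (label, result))
```

The check is on the resolved path rather than on the input string, which is why encoding tricks and symlinks do not matter: whatever the name decodes or links to, it either ends up under the template root or it is refused.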

  • 10.33.69 - CVE: Not Available
  • Platform: Web Application
  • Title: Wonderware Archestra ConfigurationAccessComponent Stack Buffer Overflow Issue
  • Description: Wonderware Archestra ConfigurationAccessComponent ActiveX is a server configuration ActiveX control. Wonderware Archestra ConfigurationAccessComponent ActiveX control is exposed to a stack-based buffer overflow issue because it fails to perform adequate boundary checks on user-supplied data. The affected ActiveX control is included in the following products: Wonderware Application Server prior to 3.1 Service Pack 2 Patch 01.
  • Ref: http://www.securityfocus.com/bid/42184

  • 10.33.70 - CVE: Not Available
  • Platform: Web Application
  • Title: PHPFinance "group.php" SQL Injection and HTML Injection Vulnerabilities
  • Description: PHPFinance is a PHP-based web application. The application is exposed to multiple issues. 1) An HTML injection issue because it fails to sufficiently sanitize user-supplied input to the "Amount" and "Note" fields of the "group.php" script when the "del" parameter is set to "1". 2) An SQL injection issue that affects the "tname" parameter of the "group.php" script. PHPFinance version 0.6 is affected.
  • Ref: http://www.securityfocus.com/bid/42230

  • 10.33.71 - CVE: Not Available
  • Platform: Web Application
  • Title: Mantis "manage_proj_cat_add.php" HTML Injection Issue
  • Description: Mantis is a web-based bug tracker implemented in PHP. The application is exposed to an HTML injection issue because it fails to properly sanitize user-supplied input to the "name" parameter of the "manage_proj_cat_add.php" script when creating a project category. Mantis version 1.2.2 is affected.
  • Ref: http://secunia.com/secunia_research/2010-103/

  • 10.33.72 - CVE: Not Available
  • Platform: Web Application
  • Title: DiamondList Cross-Site Scripting and HTML Injection Vulnerabilities
  • Description: DiamondList is a web-based wishlist management program. The application is exposed to multiple issues because it fails to properly sanitize user-supplied input before using it in dynamically generated content. 1) A cross-site scripting issue that affects the "setting[site_title]" parameter of the "user/main/update_settings" script. 2) An HTML injection issue that affects the "category[description]" parameter of the "user/main/update_category" script. DiamondList version 0.1.6 is affected.
  • Ref: http://www.securityfocus.com/archive/1/512892

  • 10.33.73 - CVE: CVE-2010-2756, CVE-2010-2757, CVE-2010-2758, CVE-2010-2759
  • Platform: Web Application
  • Title: Bugzilla Multiple Vulnerabilities
  • Description: Bugzilla is a web-based bug tracking application. The application is exposed to multiple issues. 1) A security bypass issue because the application fails to send a notification to the target user when another user impersonates them. 2) An information disclosure issue in the boolean charts search feature, which discloses other users' group membership. 3) An information disclosure issue affecting the "Reports" and "Duplicates" pages, which throw an error related to products. 4) A denial of service issue when processing specially crafted comments, allowing an attacker to prevent other users from viewing the pages that contain those comments.
  • Ref: http://www.bugzilla.org/security/3.2.7/

  • 10.33.74 - CVE: Not Available
  • Platform: Web Application
  • Title: IBM WebSphere Service Registry and Repository Multiple Cross-Site Scripting Vulnerabilities
  • Description: IBM WebSphere Service Registry and Repository is a service management application. The application is exposed to multiple cross-site scripting issues because it fails to properly sanitize user-supplied input. WebSphere Service Registry and Repository version 6.3 is affected.
  • Ref: http://www-01.ibm.com/support/docview.wss?uid=swg1IZ76926

  • 10.33.75 - CVE: CVE-2009-3327, CVE-2009-3328
  • Platform: Web Application
  • Title: WX-Guestbook SQL Injection and HTML Injection Vulnerabilities
  • Description: WX-Guestbook is a PHP-based web application. The application is exposed to multiple issues because it fails to sufficiently sanitize user-supplied data. WX-Guestbook version 1.1.208 is affected.
  • Ref: http://sourceforge.net/projects/wx-guestbook/

  • 10.33.76 - CVE: CVE-2009-3331
  • Platform: Web Application
  • Title: DDL CMS "wwwRoot" Parameter Multiple Remote File Include Vulnerabilities
  • Description: DDL CMS is a PHP-based content management system. The application is exposed to multiple remote file include issues because it fails to properly sanitize user-supplied input. DDL CMS version 1.0 is affected.
  • Ref: http://www.securityfocus.com/bid/42301

  • 10.33.77 - CVE: Not Available
  • Platform: Web Application
  • Title: KDPics "index.php3" Remote File Include Issue
  • Description: KDPics is a web-based application implemented in PHP. The application is exposed to a remote file include issue because it fails to properly sanitize user-supplied input to the "page" parameter of the "index.php3" script. KDPics version 1.11 is affected.
  • Ref: http://www.securityfocus.com/bid/42312

  • 10.33.78 - CVE: CVE-2009-3324
  • Platform: Web Application
  • Title: Prodler "prodler.class.php" Remote File Include Issue
  • Description: Prodler is a PHP-based content management system. The application is exposed to a remote file include issue because it fails to properly sanitize user-supplied input to the "sPath" parameter of the "include/prodler.class.php" script. Prodler version 2.0 and prior are affected.
  • Ref: http://www.securityfocus.com/bid/42319

  • 10.33.79 - CVE: Not Available
  • Platform: Web Application
  • Title: Preation Eden Platform Multiple HTML Injection Issues
  • Description: Preation Eden Platform is a content management system. The application is exposed to multiple HTML injection issues because it fails to properly sanitize user-supplied input to the "text" and "author" fields of the "/testimonials/admin/list" script, and multiple unspecified fields of the contact form. Preation Eden Platform version 27.07.2010 is affected.
  • Ref: http://www.securityfocus.com/bid/42321

  • 10.33.80 - CVE: Not Available
  • Platform: Network Device
  • Title: Intellinet IP Camera MNC-L10 Cookie Authentication Bypass Issue
  • Description: The Intellinet IP Camera is a network-based camera. Its web application is exposed to an authentication bypass issue because it fails to adequately verify user-supplied input used for cookie-based authentication. Specifically, attackers can gain administrative access to the application by setting the "user_auth_level" cookie parameter to "43".
  • Ref: http://www.securityfocus.com/bid/42111
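The entry above describes a privilege level that the client asserts for itself in a cookie, which the server then believes. The following is an added example, not the camera's firmware, that puts that weak handler next to one where the cookie carries only an opaque session id protected by an HMAC and the privilege level lives in a server-side store. The cookie name, the level value 43 and the session format are taken from or chosen for this demonstration; the HMAC key and session ids are generated at run time.

```python
"""Added example (not the camera's firmware): trusting a client-set
"user_auth_level" cookie, beside a server-side session with an HMAC-signed id."""
import hashlib
import hmac
import secrets
from http.cookies import SimpleCookie

ADMIN_LEVEL = 43  # value the entry above says grants administrative access


def auth_level_from_cookie(cookie_header):
    """Weak design: the privilege level is read straight out of the cookie,
    so the client decides what it is."""
    jar = SimpleCookie()
    jar.load(cookie_header or '')
    try:
        return int(jar['user_auth_level'].value)
    except (KeyError, ValueError):
        return 0


def is_admin_vulnerable(cookie_header):
    return auth_level_from_cookie(cookie_header) >= ADMIN_LEVEL


class SessionStore:
    """Hardened design: the cookie holds "<id>.<hmac>"; the level is looked
    up on the server, and a forged or tampered id fails the MAC check before
    any lookup happens."""

    def __init__(self, key=None):
        self.key = key or secrets.token_bytes(32)
        self.sessions = {}  # session id -> privilege level

    def _sign(self, sid):
        return hmac.new(self.key, sid.encode(), hashlib.sha256).hexdigest()

    def login(self, level):
        """Called only after credentials have been verified (not shown).
        Returns the Cookie header value to hand back to the client."""
        sid = secrets.token_urlsafe(16)
        self.sessions[sid] = level
        return 'session=%s.%s' % (sid, self._sign(sid))

    def auth_level(self, cookie_header):
        jar = SimpleCookie()
        jar.load(cookie_header or '')
        if 'session' not in jar:
            return 0
        sid, _, tag = jar['session'].value.rpartition('.')
        if not sid or not hmac.compare_digest(tag, self._sign(sid)):
            return 0
        return self.sessions.get(sid, 0)

    def is_admin(self, cookie_header):
        return self.auth_level(cookie_header) >= ADMIN_LEVEL


if __name__ == '__main__':
    print(is_admin_vulnerable('user_auth_level=43'))   # True: anyone can set this
    store = SessionStore()
    print(store.is_admin('user_auth_level=43'))        # False: cookie is ignored
    print(store.is_admin(store.login(ADMIN_LEVEL)))    # True: issued by the server
```

The MAC stops the client from minting or altering ids, and keeping the level server-side means that even a leaked cookie format reveals nothing about how privileges are encoded; on a real device the cookie should also carry the HttpOnly and Secure attributes and be invalidated on logout.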

  • 10.33.81 - CVE: CVE-2010-2860
  • Platform: Network Device
  • Title: EMC Celerra Unified Storage Platform NAS Security Bypass
  • Description: EMC Celerra Unified Storage Platform is a network storage device. EMC Celerra Unified Storage Platform is exposed to a security bypass issue that occurs because the device fails to properly restrict access to the "/" file system.
  • Ref: https://www.trustwave.com/spiderlabs/advisories/TWSL2010-003.txt

  • 10.33.82 - CVE: CVE-2010-1579, CVE-2010-2819
  • Platform: Network Device
  • Title: Multiple Cisco Products SunRPC Inspection Variant B Remote Denial of Service Issue
  • Description: Cisco ASA 5500 series security appliances are network security devices. Cisco Firewall Services Module (FWSM) is an integrated firewall module for multiple Cisco devices. The Sun Remote Procedure Call (RPC) protocol is used in network communications for technologies such as Network File System (NFS) and Network Information Service (NIS). Cisco ASA 5500 Series Adaptive Security Appliances and the FWSM for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers are exposed to a denial of service issue. The issue affects the Sun RPC inspection engine. Attackers can send a specially crafted UDP packet to the port mapper service, usually via UDP port 111, to trigger the issue. This issue is tracked by Cisco Bug IDs CSCtc79922 and CSCte61622.
  • Ref: http://www.securityfocus.com/bid/42192

  • 10.33.83 - CVE: CVE-2010-2821
  • Platform: Network Device
  • Title: Cisco Firewall Services Module Multi-Mode TCP Processing Remote Denial of Service Issue
  • Description: Cisco Firewall Services Module (FWSM) is an integrated firewall module for multiple Cisco devices. Cisco FWSM for the Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers is exposed to a denial of service issue. The issue occurs when processing TCP packets if the module is configured for multiple-context mode with virtual firewalls. The module must be configured to accept Telnet, SSH, or ASDM connections. This issue is tracked by Cisco Bug ID CSCtg68694.
  • Ref: http://www.securityfocus.com/bid/42194

  • 10.33.84 - CVE: CVE-2010-2705
  • Platform: Network Device
  • Title: HP ProCurve 1800 Switches SNMP Unspecified Information Disclosure
  • Description: HP ProCurve 1800 is a series of networking switches available from HP. The switches are exposed to an unspecified remote information disclosure issue that affects switches running SNMP. HP ProCurve Switch 1800-24G (J9028A/B) Software Release PB.03.04 and HP ProCurve Switch 1800-8G (J9029A) Software Release PA.03.04 are affected.
  • Ref: https://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02436028&admit=109447626+1281394373796+28353475

  • 10.33.85 - CVE: CVE-2010-2706, CVE-2010-2708
  • Platform: Network Device
  • Title: HP ProCurve 2610 Multiple Denial of Service Issues
  • Description: HP ProCurve 2610 is a series of networking switches available from HP. HP ProCurve 2610 series switches are exposed to multiple denial of service issues. The following models are affected: HP ProCurve Switch 2610-24 (J9085A), 2610-48 (J9088A), 2610-24/12PWR (J9086A), 2610-24-PWR (J9087A) and 2610-48-PWR (J9089A).
  • Ref: http://www.securityfocus.com/bid/42225/references


(c) 2010. All rights reserved. The information contained in this newsletter, including any external links, is provided "AS IS," with no express or implied warranty, for informational purposes only. In some cases, copyright for material in this newsletter may be held by a party other than Qualys (as indicated herein) and permission to use such material must be requested from the copyright owner.