84 matches found
CVE-2014-5370
Directory traversal vulnerability in the CFChart servlet com.naryx.tagfusion.cfm.cfchartServlet in New Atlanta BlueDragon before 7.1.1.18527 allows remote attackers to read or possibly delete arbitrary files via a .. dot dot in the QUERYSTRING to cfchart.cfchart...
Directory traversal
Directory traversal vulnerability in the CFChart servlet com.naryx.tagfusion.cfm.cfchartServlet in New Atlanta BlueDragon before 7.1.1.18527 allows remote attackers to read or possibly delete arbitrary files via a .. dot dot in the QUERYSTRING to cfchart.cfchart...
BlueDragon CFChart Servlet 7.1.1.17759 - Arbitrary File RetrievalDeletion
BlueDragon CFChart Servlet 7.1.1.17759 - Arbitrary File RetrievalDeletion Vulnerability title: Arbitrary File Retrieval + Deletion In New Atlanta BlueDragon CFChart Servlet CVE: CVE-2014-5370 Vendor: New Atlanta Product: BlueDragon CFChart Servlet Affected version: 7.1.1.17759 Fixed version:...
BlueDragon CFChart Servlet 7.1.1.17759 - Arbitrary File Retrieval/Deletion
Vulnerability title: Arbitrary File Retrieval + Deletion In New Atlanta BlueDragon CFChart Servlet CVE: CVE-2014-5370 Vendor: New Atlanta Product: BlueDragon CFChart Servlet Affected version: 7.1.1.17759 Fixed version: 7.1.1.18527 Reported by: Mike Westmacott Details: The CFChart servlet of...
BlueDragon CFChart Servlet 7.1.1.17759 Directory Traversal
Vulnerability title: Arbitrary File Retrieval + Deletion In New Atlanta BlueDragon CFChart Servlet CVE: CVE-2014-5370 Vendor: New Atlanta Product: BlueDragon CFChart Servlet Affected version: 7.1.1.17759 Fixed version: 7.1.1.18527 Reported by: Mike Westmacott Details: The CFChart servlet of...
CVE-2014-7315
The Where Atlanta aka com.magzter.whereatlanta application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Design/Logic Flaw
The Where Atlanta aka com.magzter.whereatlanta application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7315
The CVE-2014-7315 entry applies to the Android app Where Atlanta (com.magzter.whereatlanta) version 3.0.2. The vulnerability is caused by the app not verifying X.509 certificates from SSL servers, enabling man-in-the-middle attackers to spoof servers and obtain sensitive information through a cra...
CVE-2014-7315
The Where Atlanta aka com.magzter.whereatlanta application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Scientific Atlanta DPX2100 Cable Modem LanD Packet Denial of Service Vulnerability
No description provided by source. source: www.securityfocus.com/bid/15870/info Scientific Atlanta DPX2100 cable modems are prone to a denial of service vulnerability. These devices are susceptible to a remote denial of service vulnerability when handling TCP 'LanD' packets. This issue allows...
CVE-2013-7043
Multiple cross-site request forgery CSRF vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that 1 change a password via the Password parameter to goform/RgSecurity; 2...
CVE-2012-3047
The CVE-2012-3047 issue affects Cisco Scientific Atlanta D20 and D30 cable modems, where the web-wizard setup page is vulnerable to Cross-site Scripting (XSS). The root cause is insufficient sanitization of user-supplied input on the web wizard setup page, enabling an unauthenticated, remote atta...
CVE-2013-7043
CVE-2013-7043 covers multiple CSRF vulnerabilities in Cisco Scientific Atlanta DPR2320R2 routers running 2.0.2r1262-090417. The issues allow remote attackers to hijack administrator sessions and perform actions such as: (1) change a password via the Password parameter to goform/RgSecurity, (2) re...
Scientific-Atlanta, Inc. DPR2320R2 - Multiple Cross-Site Request Forgery Vulnerabilities
Exploit Title: DPR2320R2 Scientific-Atlanta, Inc.A Cisco COMPANY :: Multiple CSRF vulnerability Author: sajith Category: Hardware/Wireless Router vendor home page: http://www.cisco.com/web/consumer/support/modemDPR2320.html Software Version: v2.0.2r1262-090417 1 Attacker can change the modem...
Algerian Hacker linked to SpyEye virus extradited to US
The Algerian hacker linked with the SpyEye computer virus, designed to steal financial and personal information was extradited by Thailand to the United States to face charges that he hijacked customer accounts at more than 200 banks and financial institutions and have been used to steal more tha...
How I Got Here: Paul Judge
Dennis Fisher talks with Paul Judge, the CTO of Barracuda Labs, about his roots in the security industry, his near-miss with organic chemistry, the start-up and security community in Atlanta and what his next venture might be. Download: 03pauljudge.mp3...
Cisco Scientific Atlanta D20 and D30 Based Cable Modem Cross-Site Scripting Vulnerability
Cisco Scientific Atlanta cable modems D20 and D30 based products contain a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to insufficient sanitization of user-supplied input to the web wizard setup web page. An...
Atlanta IT Worker Hacked Ex-Employers Database
Atlanta IT Worker Hacked Ex-Employers Database An Atlanta man could receive up to five years in prison after pleading guilty Wednesday to hacking into a former employer's patient database, stealing information and then wiping the database clean. Federal prosecutors said Eric McNeal, 37, used the...
Atlanta IT Worker Hacked Ex-Employers Database
Atlanta IT Worker Hacked Ex-Employers Database An Atlanta man could receive up to five years in prison after pleading guilty Wednesday to hacking into a former employer's patient database, stealing information and then wiping the database clean. Federal prosecutors said Eric McNeal, 37, used the...
Lulzsec hack Infragard Atlanta Members Alliance & challenge FBI !
Lulzsec hackInfragard Atlanta Members Alliance & challengeFBI ! Lulzsec yesterday hack Sony and Today they hack Infragard Atlanta Members Alliance , which having partnership with FBI. There is a Video Posted By Lulzsec on Their site after hack : The message written by them : LET IT FLOW YOU STUPI...