Lucene search

4643 matches found

Positive Technologies
added 2011/06/24 12:0 a.m., 4 views

PT-2011-08: Multiple vulnerabilities in Dlink DPH 150SE/E/F1

Positive Research Center has discovered multiple vulnerabilities in Dlink DPH 150SE/E/F1 IP phone. 1. A vulnerability exists in web management interface of Dlink DPH 150SE and allows an unauthenticated user to obtain device configuration file with all the settings including administrator's...

CVSS 9.7 | AI score 7.5
Exploits 0 | References 3
The Hacker News
added 2011/06/18 7:17 a.m., 7 views

SAMHAIN v2.8.5 - intrusion detection system

SAMHAIN v2.8.5 - intrusion detection system The samhain open source host-based intrusion detection system HIDS provides file integrity checking and logfile monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. It has been...

AI score 6.8
Exploits 0
Tenable Nessus
added 2011/06/13 12:0 a.m., 24 views

Ubuntu 10.10 : language-selector vulnerability (USN-1115-1)

Romain Perier discovered that the language-selector D-Bus backend did not correctly check for Policy Kit authorizations. A local attacker could exploit this to inject shell commands into the system-wide locale configuration file, leading to root privilege escalation. Note that Tenable Network...

CVSS 7.2 | AI score 5.5 | EPSS 0.00051
Exploits 1 | References 3
NVD
added 2011/05/31 8:55 p.m., 15 views

CVE-2011-1645

The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote attackers to read the backup configuration file, and consequently execute...

CVSS 9.3 | AI score 7.3 | EPSS 0.01649
Exploits 0 | References 3
Prion
added 2011/05/31 8:55 p.m., 13 views

Design/Logic Flaw

The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote attackers to read the backup configuration file, and consequently execute...

CVSS 9.3 | AI score 7.8 | EPSS 0.01649
Exploits 0 | References 3 | Affected Software 4
Cvelist
added 2011/05/31 8:0 p.m., 22 views

CVE-2011-1645

The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote attackers to read the backup configuration file, and consequently execute...

AI score 7.3 | EPSS 0.01649
Exploits 0 | References 3
CVE
added 2011/05/31 8:0 p.m., 54 views

CVE-2011-1645

The CVE-2011-1645 vulnerability affects Cisco RVS4000 and WRVS4400N Gigabit Security Routers. The flaw is in the web management interface, where an unauthenticated remote attacker can read the device’s backup configuration file, which can contain sensitive data such as HTTP passwords and VPN pre-...

CVSS 9.3 | AI score 7.5 | EPSS 0.01649
Exploits 0 | References 3 | Affected Software 2
RedHat Linux
added 2011/05/31 2:3 p.m., 1 views

Gimp: Stack-based buffer overflow in Lighting plug-in

Stack-based buffer overflow in the loadpresetresponse function in plug-ins/lighting/lighting-ui.c in the "LIGHTING EFFECTS LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long Position field...

CVSS 6.8 | AI score 6.5 | EPSS 0.04891
Exploits 1 | References 4
RedHat Linux
added 2011/05/31 1:59 p.m., 1 views

Gimp: Stack-based buffer overflow in SphereDesigner plug-in

Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long "Number of lights" field in a...

CVSS 9.3 | AI score 6.4 | EPSS 0.03062
Exploits 0 | References 4
RedHat Linux
added 2011/05/31 1:48 p.m., 1 views

Gimp: Stack-based buffer overflow in Gfig plug-in

Stack-based buffer overflow in the gfigreadparametergimprgb function in plug-ins/gfig/gfig-style.c in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long Foreground field in a plugin...

CVSS 6.8 | AI score 6.5 | EPSS 0.03676
Exploits 1 | References 4
Tenable Nessus
added 2011/05/31 12:0 a.m., 32 views

Mandriva Linux Security Advisory : gimp (MDVSA-2011:103)

Multiple vulnerabilities were discovered and fixed in gimp : Stack-based buffer overflow in the 'LIGHTING EFFECTS LIGHT' plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long Position field in a plug...

CVSS 9.3 | AI score 6.5 | EPSS 0.22756
Exploits 3 | References 5
securityvulns
added 2011/05/26 12:0 a.m., 62 views

Cisco Security Advisory: Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities

Cisco Security Advisory: Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities Advisory ID: cisco-sa-20110525-rvs4000 Revision 1.0 For Public Release 2011 May 25 1600 UTC GMT...

CVSS 9.3 | AI score 0.9 | EPSS 0.01649
Exploits 0
securityvulns
added 2011/05/11 12:0 a.m., 78 views

PR10-17 Various XSS and information disclosure flaws within KeyFax response management system

PR10-17: Various XSS and information disclosure flaws within KeyFax response management system http://www.omfax.co.uk Vulnerability found: 25th August 2010 Vendor informed: Vulnerability fixed: Severity: Medium/High Description: KeyFax response management system provides professional management o...

AI score 7.1
Exploits 0
Packet Storm
added 2011/05/10 12:0 a.m., 35 views

KeyFax Response Management System 3.2.2.6 XSS / Information Disclosure

PR10-17: Various XSS and information disclosure flaws within KeyFax response management system http://www.omfax.co.uk Vulnerability found: 25th August 2010 Vendor informed: Vulnerability fixed: Severity: Medium/High Description: KeyFax response management system provides professional management o...

AI score 7.4
Exploits 0
securityvulns
added 2011/05/05 12:0 a.m., 130 views

[RT-SA-2011-004] Client Side Authorization ZyXEL ZyWALL USG Appliances Web Interface

Advisory: Client Side Authorization ZyXEL ZyWALL USG Appliances Web Interface The ZyXEL ZyWALL USG appliances perform parts of the authorization for their management web interface on the client side using JavaScript. By setting the JavaScript variable "isAdmin" to "true", a user with limited acce...

AI score 1
Exploits 0
OSV
added 2011/05/03 12:55 a.m., 1 views

DEBIAN-CVE-2011-1843

Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remote attackers to bypass intended access restrictions in opportunistic circumstances via a TCP connection, related to improper handling of invalid port numbers...

CVSS 6.8 | AI score 6.8 | EPSS 0.00254
Exploits 1 | References 1
myhack58
added 2011/04/21 12:0 a.m., 7 views

Hero Wide-WEB Site any download 0DAY vulnerabilities-vulnerability warning-the black bar safety net

Inadvertently see, download player pop-up when the address, http://10.0.2.100/web/html/download.asp?file=../../herotemp/jtplayer.exe Look at the download. asp source code % Dim path path=Request. QueryString"file" If path"" Then On Error Resume Next path=Server. MapPathpath downloadfilepath End I...

AI score 7.3
Exploits 0
securityvulns
added 2011/04/21 12:0 a.m., 56 views

[USN-1115-1] language-selector vulnerability

Ubuntu Security Notice USN-1115-1, April 19, 2011: language-selector vulnerability. A security issue affects these releases of Ubuntu and its...

CVSS 7.2 | AI score 0.8 | EPSS 0.00051
Exploits 0
OSV
added 2011/04/13 2:55 p.m., 4 views

CVE-2011-1500

PreferencesPithosDialog.py in Pithos 0.3.7 does not properly restrict permissions for the .config/pithos.ini file in a user's home directory, which allows local users to obtain Pandora credentials by reading this file...

AI score 6
Exploits 0 | References 6
NVD
added 2011/04/10 2:55 a.m., 14 views

CVE-2011-1673

BackupConfig.php on the NetGear ProSafe WNAP210 allows remote attackers to obtain the administrator password by reading the configuration file...

CVSS 5 | AI score 6.7 | EPSS 0.01452
Exploits 0 | References 4