Cross site scripting

Cross-site scripting XSS vulnerability in HTTP Access Services HTTP-AS in the Connection Manager in IBM Lotus Mobile Connect LMC before 6.1.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Design/Logic Flaw

The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 disables the http.device.stanza blacklisting functionality for HTTP Access Services HTTP-AS, which allows remote attackers to bypass intended access restrictions via an HTTP request that contains a disallowed User-Agent header...

Design/Logic Flaw

The Connection Manager in IBM Lotus Mobile Connect LMC before 6.1.4, when HTTP Access Services HTTP-AS is enabled, does not delete LTPA tokens in response to use of the iNotes Logoff button, which might allow physically proximate attackers to obtain access via an unattended client, related to a...

Design/Logic Flaw

The Mobile Network Connections functionality in the Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services HTTP-AS is enabled, does not properly handle failed attempts at establishing HTTP-TCP sessions, which allows remote attackers to cause a denial of service...

CVE-2010-4591

The CVE-2010-4591 entry concerns IBM Lotus Mobile Connect (LMC)

CVE-2010-4592

The Mobile Network Connections functionality in the Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services HTTP-AS is enabled, does not properly handle failed attempts at establishing HTTP-TCP sessions, which allows remote attackers to cause a denial of service...

CVE-2010-4590

Cross-site scripting XSS vulnerability in HTTP Access Services HTTP-AS in the Connection Manager in IBM Lotus Mobile Connect LMC before 6.1.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-4590

CVE-2010-4590 describes a Cross-site scripting (XSS) vulnerability in the HTTP Access Services (HTTP-AS) component of IBM Lotus Mobile Connect (LMC) prior to version 6.1.4. The flaw affects the Connection Manager and allows remote attackers to inject arbitrary web script or HTML via unspecified v...

CVE-2010-4592

The CVE-2010-4592 issue affects IBM Lotus Mobile Connect (Connection Manager) prior to version 6.1.4 when HTTP Access Services is enabled. The vulnerability stems from improper handling of failed HTTP-TCP session establishment, which allows remote attackers to trigger memory consumption leading t...

MS02-063 PPTP Malformed Control Data Kernel Denial of Service

This module exploits a kernel based overflow when sending abnormal PPTP Control Data packets to Microsoft Windows 2000 SP0-3 and XP SP0-1 based PPTP RAS servers Remote Access Services. Kernel memory is overwritten resulting in a BSOD. Code execution may be possible however this module is only a...

Nokia Siemens FlexiISN GGSN Authentication Bypass

NOKIA Siemens FlexiISN GGSN Multiple Authentication bypass Vulnerability: NOKIA Siemens FlexiISN Remote: Yes Local: No Class: Input Validation Error Critical: Moderately critical OS : FlexiISN GGSN FISN 3.1 URL 1 for bypassing authentication on AAA Configuration: http://Flexi-ISN...

Nokia Siemens FlexiISN 3.1 Multiple Auth Bypass Vulnerabilities

Exploit for hardware platform in category remote exploits =============================================================== NOKIA Siemens FlexiISN 3.1 Multiple Auth Bypass Vulnerabilities =============================================================== NOKIA Siemens FlexiISN GGSN Multiple...

Hacker attack and Defense of the PPPoE authentication and use-vulnerability and early warning-the black bar safety net

A Foreword In recent years, Internet data traffic has developed rapidly, broadband users showed explosive growth, the operators in the use of xDSL, LAN, HFC, wireless and other access methods at the same time, in order to build an operable, manageable and profitable broadband network, is very...

Microsoft Windows路由和远程访问服务溢出漏洞（MS06-025）

Microsoft Windows是微软发布的非常流行的操作系统。 远程攻击者可以通过特制的RPC请求触发Microsoft Windows路由和远程访问服务（RRAS）中的缓冲区溢出，导致执行任意指令。 Microsoft Windows XP SP2 Microsoft Windows XP SP1 Microsoft Windows Server 2003 SP1 Microsoft Windows Server 2003 Microsoft Windows 2000 临时解决方法： 禁用远程访问连接管理器服务。 在防火墙阻断：...

Microsoft Security Bulletin MS02-063: Unchecked Buffer in PPTP Implementation Could Enable Denial of Service Attacks (Q329834)

-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Unchecked Buffer in PPTP Implementation Could Enable Denial of Service Attacks Q329834 Date: 30 October 2002 Software: Windows 2000, Windows XP Impact: Denial of Service Max Risk:...

Security update 1970-01-01

...