Siemens Working On Fix For 'Security Gaps' In Logic Controllers
Siemens AG said on Tuesday that it was talking to its customers about what it acknowledged were “security gaps” in its Programmable Logic Controllers (PLCs), after an NSS Labs researcher disclosed the discovery of what he described as serious security holes in the company’s industrial control...
Researcher Says Siemens Downplaying Serious SCADA Holes
Dillon Beresford, the NSS Labs researcher who disclosed serious holes in industrial control system software from Siemens, says the company is downplaying the seriousness of the vulnerabilities in its public statements, and that a supposed “fix” for the vulnerabilities is inadequate. In a message...
Network access control system PacketFence 2.2 released!
PacketFence is a free and open source network access control (NAC) system. It can be used to effectively secure networks - from small to very large heterogeneous networks. PacketFence has been deployed in production environments where thousands of users are involved - on wired and wireless networks...
Cisco Security Advisory: Cisco Wireless LAN Controllers Denial of Service Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Wireless LAN Controllers Denial of Service Vulnerability Document ID: 112916 Advisory ID: cisco-sa-20110427-wlc Revision 1.0 For Public Release 2011 April 27 1600 UTC GMT...
Cisco Security Advisory: Cisco Network Access Control Guest Server System Software Authentication Bypass Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Network Access Control Guest Server System Software Authentication Bypass Vulnerability Advisory ID: cisco-sa-20110330-nac Revision 1.0 For Public Release 2011 March 30 1600 UTC GMT...
CVE-2010-4331
Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) defaultnews or (2) sponsors cookies, which are not properly handled by (a) controllers/index.ctrl.php or (b) controllers/settings.ctrl.php...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) defaultnews or (2) sponsors cookies, which are not properly handled by (a) controllers/index.ctrl.php or (b) controllers/settings.ctrl.php...
CVE-2010-4331
Seo Panel 2.2.0 contains cookie‑rendered persistent XSS vulnerabilities: unmapped content is reflected from two cookies, default_news and sponsors, into pages that include controllers/index.ctrl.php or controllers/settings.ctrl.php. The issue is demonstrated across multiple references (Exploit-DB...
HP ProCurve access points / access controllers / mobility controllers privilege escalation
No description provided...
[security bulletin] HPSBGN02589 SSRT100296 rev.1 - HP ProCurve Access Points, Access Controllers, and Mobility Controllers, Privilege Escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02544568 Version: 1 HPSBGN02589 SSRT100296 rev.1 - HP ProCurve Access Points, Access Controllers, and Mobility Controllers, Privilege Escalation NOTICE: The information in this Security Bulletin...
CVE-2010-3287
Unspecified vulnerability on HP ProCurve Access Points, Access Controllers, and Mobility Controllers with software 5.1.x through 5.1.9, 5.2.x through 5.2.7, 5.3.x through 5.3.5, and 5.4.x through 5.4.0 allows remote attackers to execute arbitrary code via unknown vectors...
Code injection
Unspecified vulnerability on HP ProCurve Access Points, Access Controllers, and Mobility Controllers with software 5.1.x through 5.1.9, 5.2.x through 5.2.7, 5.3.x through 5.3.5, and 5.4.x through 5.4.0 allows remote attackers to execute arbitrary code via unknown vectors...
CVE-2010-3287
CVE-2010-3287 affects HP ProCurve hardware (Access Points, Access Controllers, Mobility Controllers) running software versions 5.1.x up to 5.1.9, 5.2.x up to 5.2.7, 5.3.x up to 5.3.5, and 5.4.x up to 5.4.0. The vulnerability allows remote attackers to execute arbitrary code via unknown vectors. H...
Security Firms Scramble For SCADA Talent After Stuxnet
Three months after the world first learned of the sophisticated Stuxnet worm, insiders say that there’s a scramble to find and hire engineers with knowledge of both security and the industrial control systems that were Stuxnet’s intended target. Antivirus companies admit their research teams wer...
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers Advisory ID: cisco-sa-20100908-wlc Revision 1.0 For Public Release 2010 September 08 1600 UTC GMT +--------------------------------------------------------------------...
Design/Logic Flaw
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (buffer leak and device crash) via ARP requests that trigger an ARP storm, aka Bug ID CSCte43508...
Design/Logic Flaw
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4404 series controllers does not properly implement the WEBAUTHREQD state, which allows remote attackers to bypass intended access restrictions via WLAN traffic, aka Bug ID CSCtb75305...
How to Take Down a Botnet
The botnet problem has reached epidemic levels in recent months, with the continued growth of large-scale botnets, as well as the identification of smaller, more targeted networks around the world. But researchers have been taking steps to disrupt botnets of late, with some notable successes, as...
Conficker Infects 7 Million Systems in a Year
The Shadowserver Foundation reported that it has discovered 7 million unique IP addresses infected by Conficker and its variants. Tracking of the attack was accomplished by cracking the algorithm that the worm uses to find instructions on the Internet. Shadowserver then used sinkhole servers to l...