[DCA-2011-0016] - Tufin SecureTrack Cross Site Script

Discussion - DcLabs Security Research Group advises about the following vulnerabilityies: Software - Tufin SecureTrack Vendor Product Description - Features powerful tools to track changes, analyze device configurations, optimize rule bases, and more on leading vendor firewalls, routers, switches...

[DCA-2011-0014] - Elxis CMS Cross Site Script

Discussion - DcLabs Security Research Group advises about the following vulnerabilityies: Software - Elxis CMS Vendor Product Description - Elxis is powerful open source content management system CMS released for free under the GNU/GPL license. It has unique multi-lingual features, it follows W3C...

QuesCom Qportal User 5.10.014 Source Disclosure

Discussion - DcLabs Security Research Group advises about the following vulnerabilityies: Software - QuesCom Qportal User Vendor Product Description - No vendor product description - Site: http://www.quescom.com/ Advisory Timeline - 12/01/2011 - First Contact requesting security department...

Elxis CMS 2009.3 Aphrodite Cross Site Scripting

Discussion - DcLabs Security Research Group advises about the following vulnerabilityies: Software - Elxis CMS Vendor Product Description - Elxis is powerful open source content management system CMS released for free under the GNU/GPL license. It has unique multi-lingual features, it follows W3C...

[DCA-2011-0011] - Ocomon Multiple SQL Injection

DCA-2011-0011 Discussion - DcLabs Security Research Group advises about following vulnerabilityies: Software - Ocomon Vendor Product Description - The OCOMON came in March 2002 as a personal project of programmer Franque Custodio, with the initial characteristics of the registration, monitoring,...

Trend Micro WebReputation API URI安全限制绕过漏洞

BUGTRAQ ID: 46864 Trend Micro WebReputation API是趋势科技网页声誉应用程序界面。 Trend Micro WebReputation API在实现上存在安全限制绕过漏洞，远程攻击者可利用此漏洞绕过下载机制中包含的过滤程序，下载恶意文件到受影响计算机。 Trend Micro WebReputation API 10.5 Trend Micro WebReputation API 0 厂商补丁： Trend Micro ----------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

[DCA-2011-0006] Hiawatha 7.4 - Denial-of-Service

Discussion - DcLabs Security Research Group advises about the following vulnerabilityies: Software - Hiawatha WebServer 7.4 Vendor Product Description - Hiawatha is an open source webserver with a focus on security. I started Hiawatha in January 2002. Before that time, I had used several...

Weborf 0.12.4 Denial Of Service

Discussion - DcLabs Security Research Group advises about the following vulnerabilityies: Software - Weborf-0.12.4 Denial-of-Service Vendor Product Description - Weborf is a lightweight webserver designed to rapidly share directories. Runs on POSIX systems. - Source:...

Hiawatha WebServer 7.4 Denial Of Service

Discussion - DcLabs Security Research Group advises about the following vulnerabilityies: Software - Hiawatha WebServer 7.4 Vendor Product Description - Hiawatha is an open source webserver with a focus on security. I started Hiawatha in January 2002. Before that time, I had used several...

Hiawatha WebServer 7.4 - Denial of Service

Hiawatha WebServer 7.4 - Denial of Service Source: http://packetstormsecurity.org/files/view/99021/DCA-2011-0006.txt Discussion - DcLabs Security Research Group advises about the following vulnerabilityies: Software - Hiawatha WebServer 7.4 Vendor Product Description - Hiawatha is an open source...

TOTVS ERP Microsiga Protheus User Enumeration

DCA-2011-0002 Discussion - DcLabs Security Research Group advises about following vulnerabilityies: Software - TOTVS ERP Microsiga Protheus Vendor Product Description - Portuguese - Software de Gestão - TOTVS A TOTVS é uma empresa de software, inovação, relacionamento e suporte à gestão, líder...

[DCA-00017] LinkSys BEFSR41 Multiple Stored Xss

DCA-00017 LinkSys BEFSR41 Multiple Stored Xss Software/Hardware - LinkSys DSL Router BEFSR41 V2 Vendor Product Description - This Router will allow your computers to share a high-speed Internet connection as well as resources, including files and printers. Bug Description - Linksys does not...

Linksys BEFSR41 Cross Site Scripting

DCA-00017 LinkSys BEFSR41 Multiple Stored Xss Software/Hardware - LinkSys DSL Router BEFSR41 V2 Vendor Product Description - This Router will allow your computers to share a high-speed Internet connection as well as resources, including files and printers. Bug Description - Linksys does not...

[DCA-00016 - Nokia E72 Keyboard Password bypass]

DCA-00016 - Nokia E72 Keyboard Password bypass Software/Hardware - Nokia E72 Vendor Product Description - Nokia E72 is a high-performance device tailor-made for seamless business and personal communication. Bug Description - The Nokia E72 keyboard lock have a delay to validate the password and on...

[DCA-0009] - NetWordDLS Finger Server Denial of Service

DCA-0009 - NetWordDLS Finger Server Denial of Service Software - NetWordDLS Finger Server Vendor Product Description - A windows server application that reports back to users the machine name and the current logged on user Bug Description - Server does not validate the input size leading to a...

IrcDelphi Daemon Server Denial of Service

Exploit for windows platform in category dos / poc ========================================= IrcDelphi Daemon Server Denial of Service ========================================= Software - IrcDelphi Daemon Server Vendor Product Description - IRC Daemon IRCd, IRC Server coded in Delphi/Kylix using...

Weborf服务器HTTP头远程拒绝服务漏洞

BUGTRAQ ID: 41064 Weborf是用C编写的轻型Web服务器。 Weborf服务器没有正确地处理HTTP请求头Connection:字段中的unicode字符，远程攻击者可以通过发送恶意HTTP请求导致服务器终止。 Galileo Students Team Weborf 0.12.1 厂商补丁： Galileo Students Team --------------------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://freshmeat.net/projects/weborf/releases/318531...