Security Bulletin: A vulnerability in OpenSSH affects IBM Security Network Intrusion Prevention System (CVE-2015-5600)

Summary A security vulnerability has been discovered in OpenSSH used with IBM Security Network Intrusion Prevention System. Vulnerability Details CVEID: CVE-2015-5600 DESCRIPTION: OpenSSH could allow a local attacker to obtain sensitive information, caused by an error in the keyboard-interactive...

Security Bulletin: Vulnerabilities in unzip affect IBM Security Network Intrusion Prevention System (CVE-2014-8139, CVE-2014-8140, CVE-2014-8141, and CVE-2014-9636 )

Summary The unzip utility is used to list, test, or extract files from a zip archive. Security vulnerabilities have been discovered in unzip used with IBM Security Network Intrusion Prevention System. Vulnerability Details CVE ID: CVE-2014-8139 DESCRIPTION: Info-ZIP UnZip is vulnerable to a...

Security Bulletin: Libxml2 vulnerabilities in Network Intrusion Prevention System (CVE-2014-0191, CVE-2013-2877, CVE-2014-3660, CVE-2013-5211)

Summary Security vulnerabilities have been discovered in the libxml2 component of IBM Security Network Intrusion Prevention System. Vulnerability Details CVEID: CVE-2014-0191 DESCRIPTION: Libxml2 is vulnerable to a denial of service, caused by the expansion of internal entities within the...

Security Bulletin: NTP vulnerability in Network Intrusion Prevention System (CVE-2013-5211)

Summary Security vulnerabilities have been discovered in the NTP component of IBM Security Network Intrusion Prevention System. Vulnerability Details CVEID: CVE-2013-5211 DESCRIPTION: NTP is vulnerable to a denial of service, caused by an error in the monlist feature in ntprequest.c. By sending a...

Cross site scripting

Cross-site scripting XSS vulnerability in alert.php in ISS Proventia Network IPS GX5108 1.3 and GX5008 1.5 allows remote attackers to inject arbitrary web script or HTML via the reminder parameter...

Remote file inclusion

PHP remote file inclusion in main.php in ISS Proventia Network IPS GX5108 1.3 and GX5008 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter...

CVE-2007-3830

Cross-site scripting XSS vulnerability in alert.php in ISS Proventia Network IPS GX5108 1.3 and GX5008 1.5 allows remote attackers to inject arbitrary web script or HTML via the reminder parameter...

CVE-2007-3831

PHP remote file inclusion in main.php in ISS Proventia Network IPS GX5108 1.3 and GX5008 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter...

CVE-2007-3830

Cross-site scripting XSS vulnerability in alert.php in ISS Proventia Network IPS GX5108 1.3 and GX5008 1.5 allows remote attackers to inject arbitrary web script or HTML via the reminder parameter...

CVE-2007-3830

The CVE-2007-3830 entry concerns an XSS vulnerability in alert.php of ISS Proventia Network IPS GX5108 (v1.3) and GX5008 (v1.5). The vulnerability is triggered via the reminder parameter, allowing remote attackers to inject arbitrary web script or HTML. Affected component: alert.php; vulnerable i...

IBM Proventia Sensor Appliance - Multiple Input Validation Vulnerabilities

IBM Proventia Sensor Appliance - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/24864/info The IBM Proventia Sensor Appliance is prone to multiple input-validation vulnerabilities, including multiple remote file-include issues and a cross-site scripting issue...

[REVS] Having Fun with Sensor Appliance Proventia GX5108 and GX5008 Insecurities (Part One)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...