15 matches found
Websense (Triton 7.6) Authentication Bypass
======= Summary ======= Name: Websense Triton 7.6 Authentication-bypass in report management UI Release Date: 30 April 2012 Reference: NGS00138 Discoverer: Ben Williams Vendor: Websense Vendor Reference: Systems Affected: Risk: High Status: Published ======== TimeLine ======== Discovered: 25...
Symantec pcAnywhere Insecure File Permissions / Privilege Escalation
======= Summary ======= Name: Symantec pcAnywhere insecure file permissions local privilege escalation Release Date: 30 April 2012 Reference: NGS00117 Discoverer: Edward Torkington Vendor: Symantec Vendor Reference: Systems Affected: Symantec pcAnywhere 12.5.x IT Management Suite 7.0 pcAnywhere...
Websense (Triton 7.6) Stored Cross Site Scripting
======= Summary ======= Name: Websense Triton 7.6 stored XSS in report management UI Release Date: 30 April 2012 Reference: NGS00141 Discoverer: Ben Williams Vendor: Websense Vendor Reference: Systems Affected: Risk: High Status: Published ======== TimeLine ======== Discovered: 2 November 2011...
NGS00138 Technical Advisory: Websense Triton 7.6 - authentication bypass in report management UI
======= Summary ======= Name: Websense Triton 7.6 Authentication-bypass in report management UI Release Date: 30 April 2012 Reference: NGS00138 Discoverer: Ben Williams [email protected] Vendor: Websense Vendor Reference: Systems Affected: Risk: High Status: Published ======== TimeLine...
NGS00117 Technical Advisory: Symantec pcAnywhere insecure file permissions local privilege escalation
======= Summary ======= Name: Symantec pcAnywhere insecure file permissions local privilege escalation Release Date: 30 April 2012 Reference: NGS00117 Discoverer: Edward Torkington [email protected] Vendor: Symantec Vendor Reference: Systems Affected: Symantec pcAnywhere 12.5.x IT...
NGS00120 Patch Notification: BlackBerry PlayBook Samba Remote Code Execution
High Risk Vulnerability in Samba on the BlackBerry PlayBook 23 February 2012 Andy Davis of NGS Secure has discovered a high risk vulnerability in the Samba service running on the BlackBerry PlayBook Impact: Remote Code Execution Versions affected: BlackBerry Tablet OS prior to v2.0.0.7971 More...
ImpressPages CMS 1.0.12 Code Execution
======= Summary ======= Name: Remote code execution in ImpressPages CMS Release Date: 5 January 2012 Reference: NGS00109 Discoverer: David Middlehurst Vendor: ImpressPages Vendor Reference: Systems Affected: ImpressPages CMS 1.0.12 Risk: High Status: Published ======== TimeLine ======== Discovere...
NGS00109 Patch Notification: ImpressPages CMS Remote code execution
High Risk Vulnerability in ImpressPages CMS 27 September 2011 David Middlehurst of NGS Secure has discovered a High risk vulnerability in ImpressPages CMS v1.0.12. Impact: Remote code execution Please update all instances of Impress Pages to the 1.0.13 release:...
Lumension Device Control Memory Corruption
======= Summary ======= Name: Lumension Device Control formerly Sanctuary remote memory corruption Release Date: 24 August 2011 Reference: NGS00054 Discoverer: Andy Davis Vendor: Lumension Vendor Reference: Systems Affected: Lumension Device Control v4.4 SR6 Risk: High Status: Published ========...
NGS00060 Technical Advisory: Blue Coat BCAAA Remote Code Execution Vulnerability
======= Summary ======= Name: Blue Coat BCAAA Remote Code Execution Vulnerability Release Date: 5 July 2011 Reference: NGS00060 Discoverer: Paul Harrington [email protected] Vendor: Blue Coat Systems Inc Vendor Reference: 2-358686722 Systems Affected: All versions of BCAAA associated...
NGS00052 Technical Advisory: Apple Mac OS X Image RAW Multiple Buffer Overflows
======= Summary ======= Name: OS X 10.6.6 Camera Raw Library Memory Corruption Release Date: 28 June 2011 Reference: NGS00052 Discoverer: Paul Harrington [email protected] Vendor: Apple Vendor Reference: 140299872 Systems Affected: OS X 10.6.6 with RawCamera.bundle 3.6 Risk: High...
NGS00057 Technical Advisory: Apple Mac OS X ImageIO Integer Overflow
======= Summary ======= Name: Apple Mac OS X ImageIO TIFF Integer Overflow Release Date: 28 June 2011 Reference: NGS00057 Discoverer: Dominic Chell [email protected] Vendor: Apple Vendor Reference: 142522746 Systems Affected: Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through...
NGS00051 Technical Advisory: Cisco VPN Client Privilege Escalation
======= Summary ======= Name: Cisco VPN Client Privilege Escalation Release Date: 28 June 2011 Reference: NGS00051 Discoverer: Gavin Jones [email protected] Vendor: Cisco Vendor Reference: Systems Affected: Cisco VPN client Windows 64 Bit Risk: High Status: Fixed ======== TimeLine =======...
NGS00054 Patch Notification: Lumension Device Control (formerly Sanctuary) remote memory corruption
Lumension Device Control formerly Sanctuary remote memory corruption 24/05/2011 Andy Davis of NGS Secure has discovered a high risk vulnerability in Lumension Device Control. Sending a specially crafted packet to a TCP service running on the Lumension Application Server results in a memory...
NGS00016 Technical Advisory: Immunity Debugger Buffer Overflow
======= Summary ======= Name: Immunity Debugger Buffer Overflow Release Date: 22 March 2011 Reference: NGS00016 Discoverer: Paul Harrington Vendor: Immunity Inc Vendor Reference: Support 3171 Systems Affected: Windows Risk: Low Status: Fixed ======== TimeLine ======== Discovered: 28 October 2010...