Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA Document ID: 105444 Advisory ID: cisco-sa-20080604-asa http://www.cisco.com/warp/public/707/cisco-sa-20080604-asa.shtml Revision 1.0 For Public Release 2008 June 04 1600 UTC...

Code injection

Cisco Adaptive Security Appliance ASA and Cisco PIX security appliance 7.2.x before 7.232 and 8.0.x before 8.0217 allows remote attackers to cause a denial of service device reload via a port scan against TCP port 443 on the device...

CVE-2008-2058

Cisco Adaptive Security Appliance ASA and Cisco PIX security appliance 7.2.x before 7.232 and 8.0.x before 8.0217 allows remote attackers to cause a denial of service device reload via a port scan against TCP port 443 on the device...

Norton AntiVirus causes abnormal OS termination when scanning illegal files

Overview Symantec Norton AntiVirus 2004 and 2005 contain a vulnerability that causes an abnormal operating system termination of a computer, when their real-time scan feature is enabled and examining a file with a specially crafted file header. Impact An attacker could cause an abnormal OS...

CCC Cleaner buffer overflow vulnerability

Overview CCC Cleaner, provided by Cyber Clean Center between January 25 and February 9, 2007, contains a buffer overflow vulnerability that occurs when it scans UPX-packed executables. This vulnerability is caused by a buffer overflow vulnerability in the scan processing of UPX compressed...

Command injection

The SIP Proxy SIPD service in Cisco Unified Presence before 6.03 allows remote attackers to cause a denial of service core dump and service interruption via a TCP port scan, aka Bug ID CSCsj64533...

CVE-2008-2122

IBM Rational Build Forge 7.0.2 allows remote attackers to cause a denial of service CPU consumption via a port scan, which spawns multiple bfagent server processes that attempt to read data from closed sockets...

Code injection

IBM Rational Build Forge 7.0.2 allows remote attackers to cause a denial of service CPU consumption via a port scan, which spawns multiple bfagent server processes that attempt to read data from closed sockets...

CVE-2008-2122

CVE-2008-2122 affects IBM Rational Build Forge 7.0.2. A port scan can trigger multiple bfagent server processes that attempt to read from closed sockets, causing CPU consumption and a DoS (availability impact). Public references describe the issue as remote, with the impact described as partial (...

PT-2008-3637 · Ibm · Ibm Rational Build Forge

Name of the Vulnerable Software and Affected Versions: IBM Rational Build Forge version 7.0.2 Description: The issue allows remote attackers to cause a denial of service, resulting in CPU consumption. This is achieved via a port scan, which spawns multiple bfagent server processes that attempt to...

Kmita Mail <= 3.0 (file) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ============================================================ Kmita Mail = 3.0 file Remote File Inclusion Vulnerability ============================================================ \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /...

adv93-K-159-2008.txt

ECHOADV93$2008 ----------------------------------------------------------------------------------------- ECHOADV93$2008 Kmita Tellfriend = 2.0 file Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------------- Author : M.Hasran...

Integrity Clientless Security (ICS) Update 3.7.220.0

Check Point Integrity ™ Clientless Security ICS protects your Web site by detecting and disabling spyware processes and allowing you to enforce security policies before a user logs onto your network. Using ICS you can prevent users with potentially harmful software from accessing your Web site, a...

Symantec AntiVirus Scan Engine Detection

Symantec AntiVirus Scan Engine, a TCP/IP service with a programming interface to allow integration with third-party products, is installed on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid31857; scriptversion"1.17";...

AIX 530007 : U815876

The remote host is missing AIX PTF U815876 which is related to the security of the package X11.motif.lib You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc';...

Design/Logic Flaw

Insecure method vulnerability in the Web Scan Object ActiveX control OL2005.dll in Rising Antivirus Online Scanner allows remote attackers to force the download and execution of arbitrary code by setting the BaseURL property and invoking the UpdateEngine method. NOTE: some of these details are...

Trend Micro OfficeScan Policy Server CGI buffer overflow

Added: 03/03/2008 CVE: CVE-2008-1365 BID: 28020 OSVDB: 42500 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability in the Policy Server for Cisco NAC component allows remote attackers to execute arbitrary commands by...

Trend Micro OfficeScan Policy Server CGI buffer overflow

Added: 03/03/2008 CVE: CVE-2008-1365 BID: 28020 OSVDB: 42500 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability in the Policy Server for Cisco NAC component allows remote attackers to execute arbitrary commands by...

iDefense Security Advisory 02.26.08: Symantec Scan Engine 5.1.2 RAR File Denial of Service Vulnerability

iDefense Security Advisory 02.26.08 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 26, 2008 I. BACKGROUND Symantec Scan Engine is a standalone Anti-Virus Engine that exposes a scanning Application Programming Interface API directly to developers who wish to integrate protection into...

iDefense Security Advisory 02.26.08: Symantec Scan Engine 5.1.2 RAR File Buffer Overflow Vulnerability

iDefense Security Advisory 02.26.08 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 26, 2008 I. BACKGROUND Symantec Scan Engine is a standalone Anti-Virus Engine that exposes a scanning Application Programming Interface API directly to developers who wish to integrate protection into...