36 matches found
F5 Networks BIG-IP : Linux kernel vulnerability (SOL16477)
The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIGCIFSDFSUPCALL is enabled, relies on a user's keyring for the dnsresolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform...
F5 Networks BIG-IP : GNU C Library vulnerability (SOL15885)
The GNU C Library aka glibc or libc6 before 2.12.2 and Embedded GLIBC EGLIBC allow context-dependent attackers to execute arbitrary code or cause a denial of service memory consumption via a long UTF8 string that is used in an fnmatch call, aka a 'stack extension attack,' a related issue to...
F5 Networks BIG-IP : GnuTLS vulnerability (SOL15637)
The gnutlsciphertext2compressed function in lib/gnutlscipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service buffer over-read and crash via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169. C Tenable Network Security, Inc. The...
CVE-2014-7157
Cross-site scripting XSS vulnerability in Exinda WAN Optimization Suite 7.0.0 2160 allows remote attackers to inject arbitrary web script or HTML via the tabsel parameter to admin/launch...
CVE-2014-7158
Cross-site request forgery CSRF vulnerability in Exinda WAN Optimization Suite 7.0.0 2160 allows remote attackers to hijack the authentication of administrators for requests that change the admin password via a request to admin/launch...
Cross site scripting
Cross-site scripting XSS vulnerability in Exinda WAN Optimization Suite 7.0.0 2160 allows remote attackers to inject arbitrary web script or HTML via the tabsel parameter to admin/launch...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Exinda WAN Optimization Suite 7.0.0 2160 allows remote attackers to hijack the authentication of administrators for requests that change the admin password via a request to admin/launch...
CVE-2014-7157
Cross-site scripting XSS vulnerability in Exinda WAN Optimization Suite 7.0.0 2160 allows remote attackers to inject arbitrary web script or HTML via the tabsel parameter to admin/launch...
CVE-2014-7158
Cross-site request forgery CSRF vulnerability in Exinda WAN Optimization Suite 7.0.0 2160 allows remote attackers to hijack the authentication of administrators for requests that change the admin password via a request to admin/launch...
CVE-2014-7158
The CVE-2014-7158 entry concerns Exinda WAN Optimization Suite 7.0.0 (2160) and is a Cross-site request forgery (CSRF) vulnerability that could allow remote attackers to hijack an administrator’s session to perform actions such as changing the admin password via a request to /admin/launch. Public...
CVE-2014-7157
The CVE-2014-7157 entry concerns Exinda WAN Optimization Suite 7.0.0 (2160) with a Cross-site scripting (XSS) vulnerability exposed via the tabsel parameter to /admin/launch. The affected component is the web interface; the root cause is lack of input validation for the tabsel parameter, enabling...
Exinda WAN Optimization Suite 7.0.0 CSRF / XSS Vulnerabilities
Exinda WAN Optimization Suite version 7.0.0 2160 suffers from cross site request forgery and cross site scripting vulnerabilities. I. VULNERABILITY ------------------------- XSS Reflected vulnerabilities and CSRF in Exinda WAN Optimization Suite II. BACKGROUND ------------------------- WAN...
Exinda WAN Optimization Suite 7.0.0 CSRF / XSS
I. VULNERABILITY ------------------------- XSS Reflected vulnerabilities and CSRF in Exinda WAN Optimization Suite II. BACKGROUND ------------------------- WAN Optimization Suite integrates enterprise-caliber bandwidth acceleration and optimization with best-in-class application network visibilit...
K10905 : NTP vulnerability - CVE-2009-3563
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of F5...
Microsoft Windows BranchCache Insecure Library Loading (MS10-095; CVE-2010-3966)
BranchCache is a wide area network WAN bandwidth optimization technology that is included in some editions of the Windows Server 2008 R2 and Windows 7 operating systems. To optimize WAN bandwidth, BranchCache copies content from your main office content servers and caches the content at branch...
SOL2593 - Buffer overflow in zlib - CAN-2003-0107
Note: Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about F5 Networks' security policy regarding evaluating older and unsupported versions of F5 Networks products, refer to SOL4602: Overview of F5 Networks securi...