Softbank, NTT Docomo, KDDI Security Vulnerabilities

CentOS Update for samba3x CESA-2011:1220 centos5 x86_64

Check for the Version of...

RedHat Update for samba and cifs-utils RHSA-2011:1221-01

Check for the Version of samba and...

CVE-2012-1244

The NTT DOCOMO sp mode mail application 5400 and earlier for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...

CVE-2012-1244

The NTT DOCOMO sp mode mail application 5400 and earlier for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...

Information disclosure

The NTT DOCOMO sp mode mail application 5400 and earlier for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...

CVE-2012-1244

The NTT DOCOMO sp mode mail application 5400 and earlier for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...

JVN#82029095: sp mode mail issue in the verification of SSL certificates

sp mode mail provided by NTT DOCOMO contains an issue in the verification of the SSL server certificate. ## Impact Since no warning is issued when connecting to a server that is using an invalid SSL server certificate, a remote attacker may be able to intercept communications. ## Solution...

(RHSA-2012:0075) Important: jbossweb security update

JBoss Web is the web container, based on Apache Tomcat, in JBoss Enterprise Application Platform. It provides a single deployment platform for the JavaServer Pages (JSP) and Java Servlet technologies. A flaw was found in the way JBoss Web handled UTF-8 surrogate pair characters. If JBoss Web was...

(RHSA-2012:0074) Important: jbossweb security update

JBoss Web is the web container, based on Apache Tomcat, in JBoss Enterprise Application Platform. It provides a single deployment platform for the JavaServer Pages (JSP) and Java Servlet technologies. A flaw was found in the way JBoss Web handled UTF-8 surrogate pair characters. If JBoss Web was...

(RHSA-2012:0076) Important: jbossweb security update

JBoss Web is a web container based on Apache Tomcat. It provides a single deployment platform for the JavaServer Pages (JSP) and Java Servlet technologies. A flaw was found in the way JBoss Web handled UTF-8 surrogate pair characters. If JBoss Web was hosting an application with UTF-8 character...

CentOS 5 : samba3x (CESA-2011:1220)

Updated samba3x packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings,...

CentOS Update for samba3x CESA-2011:1220 centos5 i386

Check for the Version of...

CentOS Update for libsmbclient CESA-2011:1219 centos5 i386

Check for the Version of...

CentOS Update for samba CESA-2011:1219 centos4 i386

Check for the Version of...

RedHat Update for samba RHSA-2011:1219-01

Check for the Version of...

RedHat Update for samba3x RHSA-2011:1220-01

Check for the Version of...

samba3x security update

CentOS Errata and Security Advisory CESA-2011:1220 Samba is a suite of programs used by machines to share files, printers, and other information. A cross-site scripting (XSS) flaw was found in the password change page of the Samba Web Administration Tool (SWAT). If a remote attacker could trick a.....

RHEL 6 : samba and cifs-utils (RHSA-2011:1221)

Updated samba and cifs-utils packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give...

RHEL 5 : samba3x (RHSA-2011:1220)

Updated samba3x packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings,...

CentOS 4 / 5 : samba (CESA-2011:1219)

Updated samba packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

libsmbclient, samba security update

CentOS Errata and Security Advisory CESA-2011:1219 Samba is a suite of programs used by machines to share files, printers, and other information. A cross-site scripting (XSS) flaw was found in the password change page of the Samba Web Administration Tool (SWAT). If a remote attacker could trick a.....

(RHSA-2011:1220) Moderate: samba3x security update

Samba is a suite of programs used by machines to share files, printers, and other information. A cross-site scripting (XSS) flaw was found in the password change page of the Samba Web Administration Tool (SWAT). If a remote attacker could trick a user, who was logged into the SWAT interface, into.....

(RHSA-2011:1221) Moderate: samba and cifs-utils security and bug fix update

Samba is a suite of programs used by machines to share files, printers, and other information. The cifs-utils package contains utilities for mounting and managing CIFS (Common Internet File System) shares. A cross-site scripting (XSS) flaw was found in the password change page of the Samba Web...

(RHSA-2011:1219) Moderate: samba security update

Samba is a suite of programs used by machines to share files, printers, and other information. A cross-site scripting (XSS) flaw was found in the password change page of the Samba Web Administration Tool (SWAT). If a remote attacker could trick a user, who was logged into the SWAT interface, into.....

Cross-Site Scripting vulnerability in SWAT

Description All current released versions of Samba are vulnerable to a cross-site scripting issue in the Samba Web Administration Tool (SWAT). On the "Change Password" field, it is possible to insert arbitrary content into the "user" field. This issue is only exploitable if CVE-2011-2522 has not...

Unfixed XSS vulnerability at www.carsguide.com.au

Security researcher db, has submitted on 29/11/2010 a cross-site-scripting (XSS) vulnerability affecting www.carsguide.com.au, which at the time of submission ranked 35403 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/12/2011. It is...

Unfixed XSS vulnerability at search.babeland.com

Security researcher Cface, has submitted on 25/04/2010 a cross-site-scripting (XSS) vulnerability affecting search.babeland.com, which at the time of submission ranked 26019 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 17/02/2012. It is...

Unfixed XSS vulnerability at bookwizard.scholastic.com

Security researcher thejanky, has submitted on 02/10/2010 a cross-site-scripting (XSS) vulnerability affecting bookwizard.scholastic.com, which at the time of submission ranked 4727 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 28/12/2011. It.....

Unfixed XSS vulnerability at www.homedepot.ca

Security researcher PaPPy, has submitted on 12/01/2009 a cross-site-scripting (XSS) vulnerability affecting www.homedepot.ca, which at the time of submission ranked 11166 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 01/07/2009. It is...

Unfixed XSS vulnerability at search.nationalpetpharmacy.com

Security researcher tenest, has submitted on 22/06/2009 a cross-site-scripting (XSS) vulnerability affecting search.nationalpetpharmacy.com, which at the time of submission ranked 217897 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on...

Fixed XSS vulnerability at www.vwrsp.com

Security researcher b4xX, has submitted on 23/01/2009 a cross-site-scripting (XSS) vulnerability affecting www.vwrsp.com, which at the time of submission ranked 182328 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 30/06/2009. It is currently...

Cisco Security Response: Cisco IOS Cross-Site Scripting Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Response: Cisco IOS Cross-Site Scripting Vulnerabilities http://www.cisco.com/warp/public/707/cisco-sr-20090114-http.shtml Revision 1.0 For Public Release 2009 January 14 1600 UTC (GMT) Cisco Response Two separate Cisco IOS Hypertext...

Unfixed XSS vulnerability at www.childrensplace.com

Security researcher tenest, has submitted on 01/11/2009 a cross-site-scripting (XSS) vulnerability affecting www.childrensplace.com, which at the time of submission ranked 9288 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 05/07/2010. It is...

Unfixed XSS vulnerability at www.ajmadison.com

Security researcher holisticinfosec, has submitted on 11/03/2008 a cross-site-scripting (XSS) vulnerability affecting www.ajmadison.com, which at the time of submission ranked 52923 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 19/03/2008. It.....

Unfixed XSS vulnerability at www.ohsu.edu

Security researcher Tr0jAn, has submitted on 29/10/2008 a cross-site-scripting (XSS) vulnerability affecting www.ohsu.edu, which at the time of submission ranked 42656 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 01/11/2008. It is currently...

Unfixed XSS vulnerability at network.bestfriends.org

Security researcher skathgh420, has submitted on 30/08/2008 a cross-site-scripting (XSS) vulnerability affecting network.bestfriends.org, which at the time of submission ranked 59019 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/07/2009. It....

Unfixed XSS vulnerability at www.boats.com

Security researcher mckt, has submitted on 16/08/2008 a cross-site-scripting (XSS) vulnerability affecting www.boats.com, which at the time of submission ranked 27077 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 16/08/2008. It is currently...

Unfixed XSS vulnerability at www.bakker-belgique.com

Security researcher Mystick, has submitted on 06/10/2008 a cross-site-scripting (XSS) vulnerability affecting www.bakker-belgique.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 24/12/2008. It is...

Unfixed XSS vulnerability at www.innerauto.com

Security researcher Mike Bailey, has submitted on 31/05/2008 a cross-site-scripting (XSS) vulnerability affecting www.innerauto.com, which at the time of submission ranked 48687 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/06/2008. It is...

Unfixed XSS vulnerability at search.redenvelope.com

Security researcher general, has submitted on 19/05/2008 a cross-site-scripting (XSS) vulnerability affecting search.redenvelope.com, which at the time of submission ranked 21118 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 23/05/2008. It is.....

Unfixed XSS vulnerability at www.littletikes.com

Security researcher tenest, has submitted on 16/05/2008 a cross-site-scripting (XSS) vulnerability affecting www.littletikes.com, which at the time of submission ranked 75047 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 25/05/2008. It is...

Unfixed XSS vulnerability at search.trln.org

Security researcher Zeryus, has submitted on 14/05/2008 a cross-site-scripting (XSS) vulnerability affecting search.trln.org, which at the time of submission ranked 2268094 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/07/2008. It is...

Unfixed XSS vulnerability at www.bakker.fr

Security researcher SylTroX, has submitted on 05/10/2008 a cross-site-scripting (XSS) vulnerability affecting www.bakker.fr, which at the time of submission ranked 345091 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/10/2008. It is...

Unfixed XSS vulnerability at www2.partstrain.com

Security researcher C1c4Tr1Z, has submitted on 29/04/2008 a cross-site-scripting (XSS) vulnerability affecting www2.partstrain.com, which at the time of submission ranked 13275 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 30/04/2008. It is...

Unfixed XSS vulnerability at www.bookcloseouts.com

Security researcher AppleJax, has submitted on 04/08/2008 a cross-site-scripting (XSS) vulnerability affecting www.bookcloseouts.com, which at the time of submission ranked 112808 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/08/2008. It is....

Unfixed XSS vulnerability at bluefly.com

Security researcher holisticinfosec, has submitted on 25/03/2008 a cross-site-scripting (XSS) vulnerability affecting bluefly.com, which at the time of submission ranked 7399 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 12/04/2008. It is...

Unfixed XSS vulnerability at www.northerntool.com

Security researcher holisticinfosec, has submitted on 19/02/2008 a cross-site-scripting (XSS) vulnerability affecting www.northerntool.com, which at the time of submission ranked 21785 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 20/02/2008......

Unfixed XSS vulnerability at www.interstatebatteries.com

Security researcher holisticinfosec, has submitted on 19/02/2008 a cross-site-scripting (XSS) vulnerability affecting www.interstatebatteries.com, which at the time of submission ranked 187915 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on...

Unfixed XSS vulnerability at www.gohastings.com

Security researcher Gr33dy, has submitted on 16/02/2008 a cross-site-scripting (XSS) vulnerability affecting www.gohastings.com, which at the time of submission ranked 154157 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/03/2008. It is...

Unfixed XSS vulnerability at www.kay.com

Security researcher holisticinfosec, has submitted on 28/01/2008 a cross-site-scripting (XSS) vulnerability affecting www.kay.com, which at the time of submission ranked 25625 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 15/03/2008. It is...