High risk vulnerability in Squiz CMS
20 August 2012
Robert Ray of NCC Group has discovered a High risk vulnerability in Squiz CMS
Impact: Directory Traversal
Versions affected:
Squiz CMS V11654
An updated version of the software has been released to address these
vulnerabilities:
High risk vulnerability in Moodle CMS
20 August 2012
Daniel Compton of NCC Group has discovered a High risk vulnerability in Moodle
CMS
Impact: Stored XSS
Versions affected:
Moodle v2.2.1
An updated version of the software has been released to address these
vulnerabilities:
High risk vulnerability in SysAid Helpdesk
20 August 2012
Daniel Compton of NCC Group has discovered a High risk vulnerability in SysAid
Helpdesk
Impact: Blind SQL injection
Versions affected:
SysAid Helpdesk Pro v8.5.04
An updated version of the software has been released to address these
High risk vulnerability in SysAid Helpdesk
20 August 2012
Daniel Compton of NCC Group has discovered a High risk vulnerability in SysAid
Helpdesk
Impact: Stored XSS
Versions affected:
SysAid Helpdesk Pro v8.5.04
An updated version of the software has been released to address these
High Risk Vulnerability in Microsoft Windows Remote Desktop
17 August 2012
Edward Torkington of NCC Group has discovered a High risk vulnerability in
Microsoft Windows Remote Desktop
Impact: Remote Code Execution
Versions affected: Windows XP SP3
An updated version of the software has been
High Risk Vulnerability in Nagios XI Network Monitor
2 July 2012
Daniel Compton of NCC Group has discovered a High risk vulnerability in Nagios
XI Network Monitor
Impact: Nagios XI Network Monitor Stored and Reflected XSS
Versions affected:
Nagios XI Network Monitor 2011R1.9
An updated
High Risk Vulnerability in Symantec Message Filter
2 July 2012
Ben Williams of NCC Group has discovered a High risk vulnerability in Symantec
Message Filter
Impact: Session Hijacking via session fixation
Versions affected:
Symantec Message Filter Version 6.3
An updated version of the
High Risk Vulnerability Oracle Grid Engine
30 April 2012
Edward Torkington of NGS Secure has discovered a High risk vulnerability in
Oracle Grid Engine
Impact: sgepasswd Buffer Overflow
Versions affected: version 6_2u7
This has been addressed as part of the Oracle April update:
===
Summary
===
Name: Websense (Triton 7.6) reflected XSS in report management UI
Release Date: 30 April 2012
Reference: NGS00137
Discoverer: Ben Williams ben.willi...@ngssecure.com
Vendor: Websense
Vendor Reference:
Systems Affected:
Risk: Medium
Status: Fixed
TimeLine
===
Summary
===
Name: Websense (Triton 7.6) Authentication-bypass in report management UI
Release Date: 30 April 2012
Reference: NGS00138
Discoverer: Ben Williams ben.willi...@ngssecure.com
Vendor: Websense
Vendor Reference:
Systems Affected:
Risk: High
Status: Published
===
Summary
===
Name: Websense (Triton 7.6) Unauthenticated remote command execution as SYSTEM
Release Date: 30 April 2012
Reference: NGS00140
Discoverer: Ben Williams ben.willi...@ngssecure.com
Vendor: Websense
Vendor Reference:
Systems Affected:
Risk: Critical
Status: Published
===
Summary
===
Name: Websense (Triton 7.6) stored XSS in report management UI
Release Date: 30 April 2012
Reference: NGS00141
Discoverer: Ben Williams ben.willi...@ngssecure.com
Vendor: Websense
Vendor Reference:
Systems Affected:
Risk: High
Status: Published
TimeLine
===
Summary
===
Name: Symantec pcAnywhere insecure file permissions local privilege escalation
Release Date: 30 April 2012
Reference: NGS00117
Discoverer: Edward Torkington edward.torking...@ngssecure.com
Vendor: Symantec
Vendor Reference:
Systems Affected:
Symantec pcAnywhere 12.5.x
IT
===
Summary
===
Name: Symantec pcAnywhere Remote Code Execution (Preauth)
Release Date: 30 April 2012
Reference: NGS00118
Discoverer: Edward Torkington edward.torking...@ngssecure.com
Vendor: Symantec
Vendor Reference:
Systems Affected:
Symantec pcAnywhere 12.5.x
IT Management Suite
High Risk Vulnerability in McAfee Email and Web Security Appliance
29 March 2012
Ben Williams of NGS Secure has discovered a high risk vulnerability in the
McAfee Email and Web Security Appliance
Impact: Reflective XSS allowing an attacker to gain session tokens
Versions affected:
All
Medium Risk Vulnerability in McAfee Email and Web Security Appliance
29 March 2012
Ben Williams of NGS Secure has discovered a medium risk vulnerability in the
McAfee Email and Web Security Appliance
Impact: Session hijacking and bypassing client-side session timeouts
Versions affected:
High Risk Vulnerability in McAfee Email and Web Security Appliance
29 March 2012
Ben Williams of NGS Secure has discovered a high risk vulnerability in the
McAfee Email and Web Security Appliance
Impact: Any logged-in user can bypass controls to reset passwords of other
administrators
If
Medium Risk Vulnerability in McAfee Email and Web Security Appliance
29 March 2012
Ben Williams of NGS Secure has discovered a medium risk vulnerability in the
McAfee Email and Web Security Appliance
Impact: Active session tokens of other users are disclosed within the UI
Versions affected:
Medium Risk Vulnerability in McAfee Email and Web Security Appliance
29 March 2012
Ben Williams of NGS Secure has discovered a medium risk vulnerability in the
McAfee Email and Web Security Appliance
Impact: Password hashes can be recovered from a system backup and easily cracked
Versions
Medium Risk Vulnerability in McAfee Email and Web Security Appliance
29 March 2012
Ben Williams of NGS Secure has discovered a medium risk vulnerability in the
McAfee Email and Web Security Appliance
Impact: Arbitrary file download is possible with a crafted URL, when logged in
as any user
High Risk Vulnerability in Samba
25 February 2012
Andy Davis of NGS Secure has discovered a high risk vulnerability in the Samba
service
Impact: Remote Code Execution
Versions affected: Samba versions up to 3.4.0
More details about this vulnerability and how to obtain software updates can
High Risk Vulnerability in Samba on the BlackBerry PlayBook
23 February 2012
Andy Davis of NGS Secure has discovered a high risk vulnerability in the Samba
service running on the BlackBerry PlayBook
Impact: Remote Code Execution
Versions affected:
BlackBerry Tablet OS prior to v2.0.0.7971
Critical Vulnerability in Symantec PCAnywhere
25 January 2012
Edward Torkington of NGS Secure has discovered a critical vulnerability in
Symantec PCAnywhere
Impact: Remote Code Execution (pre-auth) as SYSTEM
Versions affected:
Symantec pcAnywhere 12.5.x
IT Management Suite 7.0 pcAnywhere
High Risk Vulnerability in Symantec PCAnywhere
25 January 2012
Edward Torkington of NGS Secure has discovered a high risk vulnerability in
Symantec PCAnywhere
Impact: Local Privilege Escalation
Versions affected:
Symantec pcAnywhere 12.5.x
IT Management Suite 7.0 pcAnywhere Solution 12.5.x
Critical Vulnerability in DataArmor and DriveArmor
24 January 2012
Stuart Passe of NGS Secure has discovered a Critical vulnerability in DataArmor
and DriveArmor.
Impact: Restricted Environment breakout, Privilege Escalation and Full Disk
Decryption
Versions affected:
DataArmor 3.0.10 or
===
Summary
===
Name: Remote code execution in ImpressPages CMS
Release Date: 5 January 2012
Reference: NGS00109
Discoverer: David Middlehurst david.middlehu...@ngssecure.com
Vendor: ImpressPages
Vendor Reference:
Systems Affected: ImpressPages CMS 1.0.12
Risk: High
Status: Published
===
Summary
===
Name: Increased exploitation of Oracle GlassFish Server Administration Console
Remote Authentication Bypass Vulnerability
Release Date: 5 January 2012
Reference: NGS00106
Discoverer: David Spencer david.spen...@ngssecure.com
Vendor: Oracle
Vendor Reference:
Systems
High Risk Vulnerability in Websense Triton
15 December 2011
Ben Williams of NGS Secure has discovered a High risk vulnerability in Websense
Impact: Authentication bypass
Versions affected include:
Websense Web Security Gateway Anywhere v7.6
Websense Web Security Gateway v7.6
Websense Web
Medium Risk Vulnerability in Websense Triton
15 December 2011
Ben Williams of NGS Secure has discovered a Medium risk vulnerability in
Websense
Impact: Reflected XSS
Versions affected include:
Websense Web Security Gateway Anywhere v7.6
Websense Web Security Gateway v7.6
Websense Web
Critical Vulnerability in Websense Triton
15 December 2011
Ben Williams of NGS Secure has discovered a Critical vulnerability in Websense
Impact: Unauthenticated remote command execution as SYSTEM
Versions affected include:
Websense Web Security Gateway Anywhere v7.6
Websense Web Security
High risk Vulnerability in Websense Triton
15 December 2011
Ben Williams of NGS Secure has discovered a High risk vulnerability in Websense
Impact: Stored XSS
Versions affected include:
Websense Web Security Gateway Anywhere v7.6
Websense Web Security Gateway v7.6
Websense Web Security v7.6
High Risk Vulnerability in FFmpeg
23 November 2011
Phillip Langlois of NGS Secure has discovered a High risk vulnerability in
FFmpeg
Impact: Remote code execution
Versions affected include:
FFmpeg 0.7.8
This issue is addressed in v0.7.8 and v0.8.7, which can be downloaded at:
High Risk Vulnerability in FFmpeg
23 November 2011
Phillip Langlois of NGS Secure has discovered a High risk vulnerability in
FFmpeg
Impact: Remote code execution
Versions affected include:
FFmpeg 0.7.8
This issue is addressed in v0.7.8 and v0.8.7, which can be downloaded at:
High Risk Vulnerability in FFmpeg
23 November 2011
Phillip Langlois of NGS Secure has discovered a High risk vulnerability in
FFmpeg
Impact: Remote code execution
Versions affected include:
FFmpeg 0.7.8
This issue is addressed in v0.7.8 and v0.8.7, which can be downloaded at:
===
Summary
===
Name: Solaris 11 USB hub class descriptor kernel stack overflow
Release Date: 2 November 2011
Reference: NGS00042
Discoverer: Andy Davis andy.da...@ngssecure.com
Vendor: Oracle
Vendor Reference:
Systems Affected: Solaris 8, 9, 10, and 11 Express
Risk: High
Status:
===
Summary
===
Name: Apple OSX / iPhone iOS ImageIO TIFF getBandProcTIFF TileWidth Heap
Overflow
Reference: NGS00062
Discoverer: Dominic Chell dominic.ch...@ngssecure.com
Vendor: Apple
Vendor Reference: 145575681
Systems Affected: Apple OSX / iPhone iOS / Possibly others using LibTiff
High Risk Vulnerability in ImpressPages CMS
27 September 2011
David Middlehurst of NGS Secure has discovered a High risk vulnerability in
ImpressPages CMS v1.0.12.
Impact: Remote code execution
Please update all instances of Impress Pages to the 1.0.13 release:
Vulnerable SUID script in (nomachine) NX Server for Linux 3.5.0-4 (Advanced and
Enterprise across redhat and debian hosts)
21 September 2011
NGS Secure has discovered a High risk vulnerability in (nomachine) NX Server
for Linux 3.5.0-4 (Advanced and Enterprise across redhat and debian hosts).
===
Summary
===
Name: LibAVCodec AMV Out of Array Write
Release Date: 31 July 2011
Reference: NGS00068
Discoverer: Dominic Chell dominic.ch...@ngssecure.com
Vendor: VideoLAN
Vendor Reference: CVE-2011-1931
Systems Affected: VLC media player 1.1.9 and earlier releases
Risk: High
Status:
Solaris USB configuration descriptor kernel stack overflow (CVE-2011-2295)
25 July 2011
Andy Davis of NGS Secure has discovered a High risk vulnerability in Oracle
Solaris. A local attacker can send a malformed USB configuration descriptor via
a malicious USB device and trigger a kernel stack
Apple Mac OS X ImageIO TIFF Heap Overflow - CVE-2011-0204
28/06/2011
Dominic Chell of NGS Secure has discovered a High risk vulnerability in Mac OS
X ImageIO. Viewing a maliciously crafted TIFF image may lead to an unexpected
application termination or arbitrary code execution
Versions
===
Summary
===
Name: OS X 10.6.6 Camera Raw Library Memory Corruption
Release Date: 28 June 2011
Reference: NGS00052
Discoverer: Paul Harrington paul.harring...@ngssecure.com
Vendor: Apple
Vendor Reference: 140299872
Systems Affected: OS X 10.6.6 with RawCamera.bundle 3.6
Risk: High
===
Summary
===
Name: Apple Mac OS X ImageIO TIFF Integer Overflow
Release Date: 28 June 2011
Reference: NGS00057
Discoverer: Dominic Chell dominic.ch...@ngssecure.com
Vendor: Apple
Vendor Reference: 142522746
Systems Affected: Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through
Lumension Device Control (formerly Sanctuary) remote memory corruption
24/05/2011
Andy Davis of NGS Secure has discovered a high risk vulnerability in Lumension
Device Control. Sending a specially crafted packet to a TCP service running on
the Lumension Application Server results in a memory
LibAVCodec AMV Out of Array Write
27/04/2011
Dominic Chell of NGS Secure has discovered a high risk vulnerability in
LibAVCodec. Opening a malformed AMV file can result in an out of array write
and potentially arbitrary code execution when using this library. Whilst the
vulnerability may
High Risk Vulnerability in Cisco VPN client (Windows 64 bit)
25 March 2011
Gavin Jones of NGS Secure has discovered a High risk vulnerability in the Cisco
VPN client (Windows 64 bit).
Impact: Privilege Escalation
Cisco has released a patch that addresses the issue. The announcement of this
to responsible disclosure.
NGS Secure Research
http://www.ngssecure.com
Research@NGSSecure
NGS Secure
Website: http://www.ngssecure.com
Email: resea...@ngssecure.com
/products_security_response09186a0080b5992c.html
Patches can be downloaded from Cisco's online support portal at:
http://www.cisco.com
the NGS Secure
approach to responsible disclosure.