Halock Blog

CVE-2016-2046 – CROSS SITE SCRIPTING IN SOPHOS UTM 9

Title: CVE-2016-2046 – CROSS SITE SCRIPTING IN SOPHOS UTM 9
Product: Sophos UTM 9
Vendor: Sophos
Version: 9.350-12 with pattern version 92405 (potentially lower)
Vendor Notified Date: December 14, 2015
Vendor Resolved Date: December 18, 2015
Release Date: January 28, 2016
Risk: Medium
Authentication: Not Required
Remote: Yes
Description:
A cross-site scripting vulnerability exists in Sophos UTM 9.350-12 with pattern version 92405 that allows attackers to …

CVE-2014-4980 Parameter Tampering in Nessus Web UI – Remote Information Disclosure

Title: CVE-2014-4980 Parameter Tampering in Nessus Web UI – Remote Information Disclosure
Product: Nessus
Vendor: Tenable Network Security
Version: Nessus 5.2.3-5.2.7 – Web UI 2.3.4 (potentially lower)
Vendor Notified Date: June 24, 2014
Vendor Resolved Date: June 25, 2014
Release Date: July 18, 2014
Risk: Medium
Authentication: Not Required
Remote: Yes
Description:

A parameter tampering vulnerability exists in Nessus 5.2.7 and potentially below that allows remote …

Understanding and Fixing the Heartbleed Vulnerability


Now that you know that Heartbleed is potentially exposing your secure systems to malicious hackers, you need to know what to do about it. Not only does that mean you need to secure your systems (even the ones you don’t yet know use OpenSSL), but you also need to be able to understand …

CVE-2013-3734 – JBoss AS Administration Console – Password Returned in Later Response

Product: Embedded Jopr – JBoss AS Administration Console
Vendor: Red Hat Middleware, LLC
Version: < 1.2
Tested Version: 1.2
Vendor Notified Date: May 29, 2013
Release Date: June 03, 2013
Risk: Moderate
Authentication: Required
Remote: Yes
 
Description:
Passwords submitted to the application are returned in clear form in later responses from the application. Although the password field is masked, it is viewable via the page …

CVE-2013-1402 – DigiLIBE Management Console – Execution After Redirect (EAR) Vulnerability

Overview
DigiLIBE 3.4 and possibly other versions send a redirect but do not exit, which allows remote attackers to obtain sensitive configuration information via a direct request to configuration/general_configuration.html.
Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score: 5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Impact Subscore: 2.9
Exploitability Subscore: 10.0
CVSS Version 2 Metrics:

Access Vector: Network exploitable
Access Complexity: Low
Authentication: Not required to exploit
Impact Type: Allows unauthorized …
