Corsaire Security Advisory - The VMware ESX Server product will allow a local attacker to gain access to users' (including root's) passwords under certain conditions via a cookie issue.
7d94b30ef247c8df7d87e8885665988e245aa6bdd92034fae2049c0c90a4cc46Corsaire Security Advisory - The VMware ESX Server product will allow a local attacker to read users' (including root's) passwords under certain conditions.
0496ab765de22a5820ee6012fc38444603ee124876d472340221a100c0ffa212Corsaire Security Advisory - The VMware ESX Server product will allow a remote attacker to set arbitrary passwords for users under certain conditions.
ce767781800241562f4b89adcec9e7065422afca428c1e9f89e007b48ae77c10Corsaire Security Advisory - The aim of this document is to clearly define a vulnerability in the HP Ignite-UX product, as supplied by HP Inc., that would allow unauthenticated write access to the host filesystem, both remotely and locally.
bd7fc27a50d40ede02ba72bc8f8469bd365c3aa828f2f6c856f3e5b6b6c4fa87Corsaire Security Advisory - The aim of this document is to clearly define a vulnerability in the HP Ignite-UX product, as supplied by HP Inc., that would allow unauthenticated access to a copy of the /etc/passwd file.
795d1dc86a63b7e0c62cc4672e2505d6773a262bd53570e6651222f8b8c385cfCorsaire Security Advisory - The SAP Internet Graphics Server versions below 6.40 Patch 11 are susceptible to a directory traversal attack.
bc1bf9061a5b291ddad02fbb0d9b84f70b54b11e4937e46f27f17ae2e47c5288Corsaire Security Advisory - The aim of this document is to define a vulnerability in the 3300 Integrated Communication Platform as supplied by Mitel, that allows an authenticated user to deny access to other users of the web management interface.
975e7ff38467f1f73f0361754991c5f6a3c6b8613b59d5b5570edc6342651883Corsaire Security Advisory - The aim of this document is to define a vulnerability in the 3300 Integrated Communication Platform as supplied by Mitel, that allows a remote attacker to hijack legitimate users' web management sessions.
115de7ef495ee50d9d76e6880e5af65008e64ba19a3af0d399223d9479b4c5baCorsaire Security Advisory - The aim of this document is to define a vulnerability in the Netopia Timbuktu 7.0.3 product for Mac OS X that suffers from a buffer overflow.
cbc907a49668c0fcf9a73b904dee166db917a6d624962997421a44440286d2aeCorsaire Security Advisory - The aim of this document is to clearly define several vulnerabilities in the Danware NetOp Host product that suffers from multiple information disclosure issues.
42db080f94b4a9d2053f5f711e043ba751541dcd77b4eb01d14059438cd13bceCorsaire Security Advisory - By using malformed MIME encapsulation techniques centered on the presence of fields containing an RFC822 comment, embedded file attachment blocking functionality can be evaded.
74251de47904aae76e4bffb4f916da01cf56d98e7b1ed49b5e0f83010829c5b5Corsaire Security Advisory - By using malformed MIME encapsulation techniques centered on the presence of non-standard separators, embedded file attachment blocking functionality can be evaded.
66ff35c775b45519831713986c8df93cd3e7b62b318c9ec3b8e112458a53ce8eCorsaire Security Advisory - By using MIME encapsulation techniques centered on both standard and non-standard Content-Transfer-Encoding mechanisms, embedded file attachment blocking functionality can be evaded.
35436f55f94abd49272c41efd63997ec83f2d27a43061abf56462b465653327bCorsaire Security Advisory - There are a number of content security gateway and anti-virus products available that provide policy based security functionality. Part of this functionality allows the products to block embedded file attachments based on their specific content type, such as executables or those containing viruses. However, by using malformed MIME encapsulation techniques centered on the presence of multiple occurrences of fields, this functionality can be evaded.
861f18b0357c439502c07a12285b7d20b18584f5ea50adaee7fcfa7ffc20f5c2Corsaire Security Advisory - Clearswift MAILsweeper versions prior to 4.3.15 do not detect a number of common compression formats, for which it is listed as compatible, and in certain circumstances also fails to identify the name of file attachments when they are encoded.
3f047f592c34f90980051f2bc93509140eefe357ea985ae9b8430829c523dfa8Corsaire Security Advisory - Sygate Enforcer releases prior to 3.5MR1 allow unauthenticated broadcast traffic to pass through.
21d9a16475777b2c30bcd941e5e7faebe82c5cfe876f2a8709cdc45163e95f60Corsaire Security Advisory - Sygate Secure Enterprise versions prior to 3.5MR3 are susceptible to a replay attack that allows for resource exhaustion.
9518fde350500d8f1f17561d136500ea61cea2c37c0fb9f6ff05042d4ef28006Corsaire Security Advisory - Sygate Enforcer 4.0 and prior releases are susceptible to a denial of service attack via malformed discovery packets.
c0ffd3b2d0fc4b2f508557dda3a080b8daea38175bc4d73cf4d1a38f69678deeCorsaire Security Advisory - The ServerMask 2.0 product from Port80 fails to full obfuscate header fields as promoted in their functionality. Detailed exploitation given.
7c87da8d19d481cd57af93b5bfb5090c438a002b7e201a42d24b3a916a318bc3
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed