Apache Tapestry version 5.3.6 suffers from a timing attack vulnerability during HMAC verification.
2b8427db67e3d329acc8cb4dfc1895672828a371a3235ea047dedb0c4abe8079Vulnerabilities were identified in the iStar Ultra and IP-ACM boards offered by Software House. The communications between the IP-ACM and the iStar Ultra is encrypted using a fixed AES key and IV. Each message is encrypted in CBC mode and restarts with the fixed IV, leading to replay attacks of entire messages. There is no authentication of messages beyond the use of the fixed AES key, so message forgery is also possible.
204786b1402fdbec34ba89ae4fe9ceed678dd3d6096ef0880cd0a2f1ff6cb00dBelden GarrettCom 6K and 10KT series suffer from suffers from buffer overflow, authentication bypass, information disclosure, and other vulnerabilities.
49d1717295169be58fe33b4c7d8306f29f0d9e8f045dbaf9cda485d36d3f2e48Alerton Webtalk versions 2.5 and 3.3 suffer from cross site request forgery, password hash disclosure, command injection, and login flow vulnerabilities.
be96769dc81301b02252f6d8006cd1b6c3c22bae6c57e3450ff6953e9cded4f6ObiHai ObiPhone 1032/1062 with firmware less than 5-0-0-3497 suffers from buffer overflow, cross site scripting, cross site request forgery, command injection, denial of service, and various other vulnerabilities.
c01c956473f4e72a247182e6bcb22fe0af02e5eb1aefac7e5b88a3868d051233
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed