Symark PowerBroker Security Advisory - A vulnerability has been identified in Symark's PowerBroker suite that allows an attacker with local access to gain root access. Versions up to and including 5.0.1 are vulnerable.
7e0dfcf5434f53f7e134968251b4c19caab838f2992a8c96788c2a68bb04dc83The original MS07-012 patch was released to fix an issue in the MFC library MFC42u.dll. The issue was the result of MS not taking into account that a TCHAR string is actually twice as big as its CHAR counterparts. To fix this, the patch readjusted the nMaxCount variable to half of its original value in the GetMenuStringW(...) call. Unfortunately, GetMenuStringW will null terminate a long string at the end adding two additional characters to the string. This gives a returned string of (nMaxCount*2) + 2 bytes in size.
229df323f7ae912131f8b18d0576e890935561607c6f835f862cb2b52d911c7bMultiple cross site scripting, filter bypass, and information disclosure vulnerabilities exist in the F5 FirePass SSL VPN.
cfb632bcc5ccc99300621cc90d6e8b25bfe1bfc7b2cc289fe2ff92c0abb09b72The Barracuda Spam Firewalls from versions 3.3.01.001 through 3.3.02.053 are vulnerable to arbitrary file disclosure via the preview_email.cgi script.
8363029dcc673fedc8a62cebf430f37662f1cabb8e3673ab097dc0ee0fc14f0dThe Barracuda Spam Firewalls from versions 3.3.01.001 through 3.3.02.053 have a hardcoded password for the guest account in the Login.pm script.
a3fcc3dd2bedb5c6af2f3a9c0ba005f5a2e6ef2c19975142dd9f1d41ab2e55cb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed