Showing 1 - 6 of 6

Files from Ruckus Product Security Team

Email address	security at ruckuswireless.com
First Active	2013-05-29
Last Active	2014-04-15

Ruckus OpenSSL 1.0.1 Heartbleed Issue: Posted Apr 15, 2014; Authored by Ruckus Product Security Team; OpenSSL library is used in Ruckus products to implement various security related features. A vulnerability has been discovered in OpenSSL library which may allow an unauthenticated, remote attacker to retrieve memory in chunks of 64 kilobytes from a connected client or server. An exploit could disclose portions of memory containing sensitive security material such as passwords and private keys.; tags | advisory, remote; advisories | CVE-2014-0160; SHA-256 | e2389dde2b3d98946abd1657f86b8b235aa6c789773e1225b58757349034d256; Download | Favorite | View

Ruckus Access Point Authentication Bypass: Posted Nov 29, 2013; Authored by Ruckus Product Security Team; A user authentication bypass vulnerability has been discovered in Ruckus Access Point's administrative web interface. This vulnerability may allow a malicious user to gain unauthorized access to the administrative web interface.; tags | advisory, web, bypass; SHA-256 | 3b39b726272397dfd90d0e4136f00557380edbd2ca30b9270c6be93d5bfbe996; Download | Favorite | View

ZoneDirector Cross Site Scripting: Posted Nov 13, 2013; Authored by Ruckus Product Security Team; A persistent cross site scripting weakness has been discovered in the guest pass provisioning web interface of the ZoneDirector controller devices. An attacker with access to an authenticated user session with privileges for guest pass generation may cause certain malicious javascript code to execute in the user's browser with privileges of the user or the admin. ZoneDirector Controllers versions 9.3.x, 9.4.x, 9.5.x, and 9.6.x are affected.; tags | advisory, web, javascript, xss; SHA-256 | d9fdcc876fdb2924d1ff1acb39eb8b431d9858e58ba9bb63afddfef5b1a68a58; Download | Favorite | View

ZoneDirector Code Injection: Posted Nov 12, 2013; Authored by Ruckus Product Security Team; A vulnerability has been discovered in ZoneDirector controllers (ZD) which may allow an attacker to inject malicious code via controller's admin web interface. The attacker needs access to an authenticated admin session with ZD's web interface for carrying out this attack. Affected software includes versions 9.3.x, 9.4.x, 9.5.x, and 9.6.x.; tags | advisory, web; SHA-256 | 62b972e7d6dbdf0c5f635f6e3a470a83f15461c4159ea625712a0156763d1448; Download | Favorite | View

ZoneDirector User Authentication Bypass: Posted May 29, 2013; Authored by Ruckus Product Security Team; A user authentication bypass vulnerability has been discovered in ZoneDirector controllers during standard internal bug reporting procedures. This vulnerability may allow a malicious user to gain unauthorized access to the ZoneDirector administrative web interface.; tags | advisory, web, bypass; SHA-256 | 490680f010ed632a71b903374189cc43de53208be861742cff821a065866c2aa; Download | Favorite | View

Ruckus SSH Server Tunneling Issue: Posted May 29, 2013; Authored by Ruckus Product Security Team; A user authentication bypass vulnerability has been discovered during standard internal bug reporting procedures in some of the Ruckus devices. This vulnerability may permit an unauthenticated malicious user with network access to port 22 to tunnel random TCP traffic to other hosts on the network via Ruckus devices.; tags | advisory, tcp, bypass; SHA-256 | 3c7292de3b3be1ee12992e0ae63f056545cf432aee257c5c37c07bd209db55b4; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days