Cisco Expressway version 8.8.1 suffers from an access control bypass that allows an attacker to leverage the application for internal port scanning.
a361dfbad67cdbc85d866b203c31e7071f2f67698c9fe8627ebe4531801d3757ownCloud versions 8.2.1 and below, 8.1.4 and below, and 8.0.9 and below suffer from an information exposure vulnerability via directory listings.
2a03e49b47f5b92a36e0f7c8b25d095b6e9255abca3e8fe34b1f15409b04a89csysPass versions 1.1.2.23 and below suffer from a cross site scripting vulnerability.
fccd3f6bd7b3f2d36da082f59aaa70d871cc6f8aa84ce409fb7f5e31656b9346sysPass versions 1.0.9 and below allow for system backups to be downloaded by an external attacker.
3f4f1197fb6b356561f3a5d4c13b670af0b0739a649d539b75953ebc8ae7b8d5An improper validation check in Wirecard Checkout Page version 1.0 allows for price manipulation.
4ffd92860793ff45edfbcf60723efee162f13fe3376e2ff564acfa3643017ba4Password Safe and Repository Enterprise version 7.4.4 Build 2247 suffers from remote SQL injection and authentication bypass vulnerabilities.
912329f72ad8b3fa3e4c5025c1548e060893d43692df38044806d8bed8cc8a2bPassword Safe and Repository Enterprise version 7.4.4 Build 2247 suffers from insufficiently protecting credentials by using an unsalted MD5 hash for protection.
aa3f253285227ed11f229a3e22241cb871c5accd91980275c406e839bee0740fSecure MFT versions 2013 R3, 2014 R1/R2, and 2015 R1 suffer from a cross site request forgery vulnerability.
7b7b950f13f6e8a3166c6357b150cb9a151e2570df70f27a19579dd07eb18a21By analyzing the password-based authentication for unloading the Kaspersky Small Office Security protection, the SySS GmbH found out, that the password comparison is done within the process avp.exe (actually within the module avpmain.dll), which runs or can be run in the context of the current Windows user, who can also be a standard, limited user. This fact allows a further analysis and the manipulation of the password comparison during runtime without administrative privileges, as every user is able to debug and manipulate the processes running with her user privileges. In order to bypass the password-based authentication to deactivate the protection of Kaspersky Small Office Security in an unauthorized manner, an attacker only has to patch this password comparison, so that it always returns true, for example by comparing the correct unload password with itself or by modifying the program control flow.
f56f7f4ad60158ad733a4f73ea4635638de505c45f25ef6e8047b7a8a8e5a7ceThe SySS GmbH found out that the admin password for protecting different functions of the Kaspersky Endpoint Security software, like managing backups or stopping protection services, is stored as raw, unsalted MD5 hash value in the Windows registry.
8a7c74b5cbb75ec15cb0f9a3938c69c29a10c97069f7ba7e4871500310fbc21cBy analyzing the password-based authentication for unloading the Kaspersky Endpoint Security for Windows protection, the SySS GmbH found out, that the password comparison is done within the process avp.exe, which runs or can be run in the context of the current Windows user, who can also be a standard, limited user. This fact allows a further analysis and the manipulation of the password comparison during runtime without administrative privileges, as every user is able to debug and manipulate the processes running with her user privileges. In order to bypass the password-based authentication to deactivate the protection of Kaspersky Endpoint Security for Windows in an unauthorized manner, an attacker only has to patch this password comparison, so that it always returns true, for example by comparing the correct unload password with itself or by modifying the program control flow.
2d0462fc09a2607d7ee16b44834d6ec901e61cace833e168b9102654473f32bcThe SySS GmbH found out that the administrator password for protecting different functions of the Kaspersky Anti-Virus software, like managing backups or stopping protection services, is stored as raw, unsalted MD5 hash value in the Windows registry.
ea3ba68c2445280d74bd945ec27706a66dc51e94a333bf175519fd2093dc8a5eBy analyzing the password-based authentication for unloading the Kaspersky Anti-Virus protection, the SySS GmbH found out, that the password comparison is done within the process avp.exe (actually within the used module shell_service.dll), which runs or can be run in the context of the current Windows user, who can also be a standard, limited user. This fact allows a further analysis and the manipulation of the password comparison during runtime without administrative privileges, as every user is able to debug and manipulate the processes running with her user privileges. In order to bypass the password-based authentication to deactivate the protection of Kaspersky Anti-Virus in an unauthorized manner, an attacker only has to patch this password comparison, so that it always returns true, for example by comparing the correct unload password with itself or by modifying the program control flow.
554441351ca1092de802550ffa43352381d6c7482cd5373295ac4d9310a088aaThe SySS GmbH found out that the administrator password for protecting different functions of the Kaspersky Internet Security software, like managing backups or stopping protection services, is stored as raw, unsalted MD5 hash value in the Windows registry.
1de91bfb49d3f0e7cd83b46395378df631ea2882433f6e879dd0b109e920970eBy analyzing the password-based authentication for unloading the Kaspersky Internet Security protection, the SySS GmbH found out, that the password comparison is done within the process avp.exe (actually within the used module shell_service.dll), which runs or can be run in the context of the current Windows user, who can also be a standard, limited user. This fact allows a further analysis and the manipulation of the password comparison during runtime without administrative privileges, as every user is able to debug and manipulate the processes running with her user privileges. In order to bypass the password-based authentication to deactivate the protection of Kaspersky Internet Security in an unauthorized manner, an attacker only has to patch this password comparison, so that it always returns true, for example by comparing the correct unload password with itself or by modifying the program control flow.
15965bde1ae5e842c07d11a1778e4a501e0cade94ff4d28bf4c19ef058f87c30The SySS GmbH found out that the administrator password for protecting different functions of the Kaspersky Total Security software, like managing backups or stopping protection services, is stored as raw, unsalted MD5 hash value in the Windows registry.
bb0133dfea19da32e1adc63779e910d52d60547b085a50a1b291be2d89764758By analyzing the password-based authentication for unloading the Kaspersky Total Security protection, the SySS GmbH found out, that the password comparison is done within the process avp.exe (actually within the used module shell_service.dll), which runs or can be run in the context of the current Windows user, who can also be a standard, limited user. This fact allows a further analysis and the manipulation of the password comparison during runtime without administrative privileges, as every user is able to debug and manipulate the processes running with her user privileges. In order to bypass the password-based authentication to deactivate the protection of Kaspersky Total Security in an unauthorized manner, an attacker only has to patch this password comparison, so that it always returns true, for example by comparing the correct unload password with itself or by modifying the program control flow.
b12d3e03fd22c3e9658d41432c039d1d5f73a44ea1032e75289b6f1261bafbdfThe SySS GmbH found out that the administrator password for protecting different functions of the Kaspersky Small Office Security software, like managing backups or stopping protection services, is stored as raw, unsalted MD5 hash value in the Windows registry.
f9313aec301a7c3586f846924c4e87db8f5ea73a5ca80b220b990f5e9dca66c1Avaya one-X Agent version 2.5 SP2 suffers from having a hard-coded key and various cryptography use issues.
bf140d213af14199a880bdd1f929e50c95c139713cf6105f06c8ac6b71462212Page2Flip version 2.5 is missing an access control and due to this allows for information disclosure.
4d58d05abd8782f6ea8e55b951adbc39826bfb054bc42cad328a0157a2cf0cf3Page2Flip version 2.5 suffers from a session management issue that allows deleted users to still login.
3dd3826320edfc3d9787b04d941d218aa5fcb2d184361a4c7704cfea80c20ef4Page2Flip version 2.5 suffers from an authorization bypass vulnerability.
81eff9c8072a47333a722737d210492a75a50e881af03b9fbb7745d495b77d5cPage2Flip version 2.5 suffers from an insecure direct object reference vulnerability.
88377ffbd2ae0e8c6494acd84244a8d80fc28f3b4cb5e706a672ceaab14433b9Page2Flip version 2.5 suffers from a persistent cross site scripting vulnerability.
a80dbfc906c92033fe34653626d3672fe4672f10582601c6398132ae3406a17bPage2Flip version 2.5 suffers from a cross site scripting vulnerability in the create user functionality.
8c4a6a8c8fb7c3e5d54cac7cab64b3e9ec1fd020d73d675cbf2229ba4b628693Page2Flip version 2.5 suffers from a denial of service vulnerability.
d605475e023fd099f6ae5991a6c9dc8b5175e3d6115f0f5e24bdef720b8b65c0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed