Complain Center version 1 suffers from a SQL injection vulnerability that allows for login bypass.
dceb7b7ada4532329bbe26d70361acc45319ee1022a0826fa0531120a70281b2HP Security Bulletin HPSBMU02803 SSRT100926 - A potential security vulnerability has been identified with HP Service Manager and HP Service Center Web Tier. The vulnerability could be remotely exploited resulting in cross site scripting (XSS). Revision 1 of this advisory.
5f967abf36b11a1450d1bdc34b2e2587d19f67465191db23eaa1aed4ed25dbfeHP Security Bulletin HPSBMU02800 SSRT100921 - A potential security vulnerability has been identified with HP Service Manager and HP Service Center Server. The vulnerability could be remotely exploited resulting in a Denial of Service (DoS). Revision 1 of this advisory.
4ad254c5b89030dfa92dc00ec1f085e885f2d1db130e20182a5f2d7e3cae8aa6HP Security Bulletin HPSBMU02802 SSRT100923 - A potential security vulnerability has been identified with HP Fortify Software Security Center. The vulnerability could be remotely exploited to allow disclosure of privileged information. Revision 1 of this advisory.
b89198f8d8035895450565a76fb38a1af3fd87d8fcc89ef43485ca94649527feHP Security Bulletin HPSBMU02801 SSRT100879 - A potential security vulnerability has been identified with HP Fortify Software Security Center. The vulnerability could be remotely exploited to allow unauthenticated disclosure of information. Revision 1 of this advisory.
5898d749444d507cbdd005d51e64feb010b4f1f5cc9cf4790bc7b7467217d7ffSecunia Security Advisory - Two vulnerabilities have been reported in HP Fortify Software Security Center, which can be exploited by malicious users and malicious people to disclose potentially sensitive information.
dcee000b95e31ec23cf2b6b5733eca431a992612a74e67ebec0c0aa7c74e9161Secunia Security Advisory - Two vulnerabilities have been reported in HP Service Manager and Service Center, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).
ad6ffec457e6c1524a99a422c41160f6b60dfcc1852d2d3b8ed4c9b76d2eff58MIT krb5 Security Advisory 2012-001 - The MIT krb5 KDC (Key Distribution Center) daemon can free an uninitialized pointer while processing an unusual AS-REQ, corrupting the process heap and possibly causing the daemon to abnormally terminate. An attacker could use this vulnerability to execute malicious code, but exploiting frees of uninitialized pointers to execute code is believed to be difficult. It is possible that a legitimate client that is misconfigured in an unusual way could trigger this vulnerability. The MIT krb5 KDC daemon can dereference an uninitialized pointer while processing a malformed AS-REQ, causing the daemon to abnormally terminate. This vulnerability could theoretically lead to the execution of malicious code, but that is believed to be very difficult.
c6e678cd6912090035d37e0e943e9a727bca5c72a814f85c04f9e97cff64c21eRed Hat Security Advisory 2012-1131-01 - Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center. An uninitialized pointer use flaw was found in the way the MIT Kerberos KDC handled initial authentication requests. A remote, unauthenticated attacker could use this flaw to crash the KDC via a specially-crafted AS-REQ request. A NULL pointer dereference flaw was found in the MIT Kerberos administration daemon, kadmind. A Kerberos administrator who has the "create" privilege could use this flaw to crash kadmind.
fc644b1cb9cf0a8750b9b22679610ad70952fe4b170e2844397d3cea0bd64a5aUbuntu Security Notice 1520-1 - Emmanuel Bouillon discovered that the MIT krb5 Key Distribution Center (KDC) daemon could free an uninitialized pointer when handling a malformed AS-REQ message. A remote unauthenticated attacker could use this to cause a denial of service or possibly execute arbitrary code. Emmanuel Bouillon discovered that the MIT krb5 Key Distribution Center (KDC) daemon could dereference an uninitialized pointer while handling a malformed AS-REQ message. A remote unauthenticated attacker could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS. Various other issues were also addressed.
230d2bccf2e221f779ebacf8edcc34a5fd7d0176f42f3af106b6b41e010163fdDr. Web Control Center version 6.00.3.201111300 suffers from a persistent script injection vulnerability.
851dfd59c6d9101c9e8c052a49bf2565ed6031d9562a93e808d4c5f2aacb003bSecunia Security Advisory - Multiple vulnerabilities have been reported in ManageEngine SupportCenter Plus, which can be exploited by malicious users to disclose potentially sensitive information, bypass certain security restrictions, and conduct script insertion and SQL injection attacks and by malicious people to conduct script insertion attacks.
6a21b392667e0de36f47bb1aa876311da90ad44e9ca585b88f0ded6bc3e2c351Secunia Security Advisory - Two vulnerabilities have been reported in Oracle WebCenter Forms Recognition, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service).
b7838f61a9deb77d2526cccbc98d495f86bee11c0354bbbde8e7705b0f2bdceeManageEngine Support Center Plus versions 7903 and below suffer from backup related, unauthorized access, cross site scripting, and remote SQL injection vulnerabilities.
00f2539984dab23c36d58c4e258af76a9f0554b23a8e7f3047e20d3d1a2fd7a1SchoolCenter Web Tools version 11.0.27 suffers from a cross site scripting vulnerability. This is an old issue that was never fixed by the vendor in earlier releases.
9c557412d22448c819499d4a9671df660ca09aac0b5f82b040390b919fbe324cThe National Center of Education Research suffers from a remote blind SQL injection vulnerability.
4414371f33085a44c8b6596429e944389bb731f361deea72620305a56acc9d10CenterSite CMS suffers from a cross site scripting vulnerability.
a04f2e27b363ca3da81945f3feaddf9cc2b57ce4c93a273bef2793058185b5f1Secunia Security Advisory - Filip Palian has reported two security issues and two vulnerabilities in Sourcefire Defense Center and Sourcefire 3D Sensor, which can be exploited by malicious users to conduct script insertion attacks and bypass certain security restrictions and by malicious people to disclose potentially sensitive information.
e1a5f7ca524485b86e4685f3e1a8c3c01d66003e867a3e4fc6eafe4cdb6e0a79HP Security Bulletin HPSBMU02749 SSRT100793 - A potential security vulnerability has been identified with HP Business Availability Center (BAC) running on Windows. The vulnerability could be remotely exploited to allow cross site scripting (XSS). Revision 1 of this advisory.
c57e7b4f8cac332e6b3e9804734a8bedd8fcc96e95ef87718c5d75f770b40e38HP Security Bulletin HPSBMU02753 SSRT100782 - Potential security vulnerabilities have been identified with HP Business Availability Center (BAC) running Apache. The vulnerabilities could be remotely exploited to allow execution of arbitrary commands or to create a Denial of Service (DoS). Revision 1 of this advisory.
b55a989f31c2419d9a2795806e8f45c94e4360a46ec5e834af0bbc413ee64bbbThe Sourcefire Defense Center(R) versions prior 4.10.2.3 were found to be vulnerable to arbitrary file download, deletion of files in a specific directory, persistent cross site scripting, and database access using default credentials in some circumstances.
a9d7e313e24a1fb445e3a80c7afeab9310471eba9fc7f977406b4e4c4934ed50Secunia Security Advisory - A vulnerability has been reported in HP Business Availability Center, which can be exploited by malicious people to conduct cross-site scripting attacks.
2348a56746c33a38453e4160cb95c42923f7b8cd4cee4aa1e81ed8239c54035dAstaro Command Center version 2.x suffers from a cross site scripting vulnerability.
96c2b24d1d45268f3ca7eb0da0a73270b913337f1dc8fc9c4284c41237cec582Secunia Security Advisory - HP has acknowledged a security issue and multiple vulnerabilities in HP Business Availability Center, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service).
1623f4dcd5bfb2e44da5be390cf3e10519bab9360cc45fc06bf5a1c4b84153a5National White Collar Crime Center at www.nw3c.org suffers from a cross site scripting vulnerability.
779a8bdd46a61b70b94a28bc64c813a18424c18249c9aff27240624b57d59e4eSecunia Security Advisory - Blue Coat has acknowledged a vulnerability in Blue Coat PacketShaper and PolicyCenter, which can be exploited by malicious people to bypass certain security restrictions.
cd9116c0ebfbd4f5e73b24ed0749d07eefa42f0d23c8d5a9751755cc03133780
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed