Announcement - DeepSec 2011 - Call for Papers

2011-05-04 Thread DeepSec Conference
--- DeepSec 2011 "High Five" - Call for Papers For the fifth time the DeepSec In-Depth Security Conference invites security researchers and professionals to submit suggestions for talks and workshops for our conference which will take place in November 2011 in Vienna. Please visit our updated webs

Cisco IOS SNMP Message Processing Denial Of Service Vulnerability

2011-05-04 Thread vuln
Cisco IOS SNMP Message Processing Denial Of Service Vulnerability -- I. Summary Cisco Internetwork Operating System (IOS) 15.0 attempts to process SNMP solicited operations on improper ports (UDP 161,162), which allows remote attac

[RT-SA-2011-004] Client Side Authorization ZyXEL ZyWALL USG Appliances Web Interface

2011-05-04 Thread RedTeam Pentesting GmbH
Advisory: Client Side Authorization ZyXEL ZyWALL USG Appliances Web Interface The ZyXEL ZyWALL USG appliances perform parts of the authorization for their management web interface on the client side using JavaScript. By setting the JavaScript variable "isAdmin" to "true", a user with lim

[security bulletin] HPSBMA02667 SSRT100464 rev.3 - HP SiteScope, Cross Site Scripting (XSS) and HTML Injection

2011-05-04 Thread security-alert
Document ID: c02807712 Version: 3 HPSBMA02667 SSRT100464 rev.3 - HP SiteScope, Cross Site Scripting (XSS) and HTML Injection NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2011-04-21 Last

Cisco IOS UDP Denial of Service Vulnerability

2011-05-04 Thread vuln
Cisco IOS UDP Denial of Service Vulnerability -- I. Summary Cisco routers running IOS 15.0 allow a remote attacker to cause a denial of service via a flood of UDP packets (a randomly chosen UDP port). -

[RT-SA-2011-003] Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances

2011-05-04 Thread RedTeam Pentesting GmbH
Advisory: Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances Unauthenticated users with access to the management web interface of certain ZyXEL ZyWALL USG appliances can download and upload configuration files that are applied automatically. Detail