[월:] 2016년 06월

CVE-2016-4371 (service_manager, service_manager_mobility, service_manager_server, service_manager_service_request_catalog, service_manager_web_client, service_manager_windows_client)

Posted on by admin

CVE-2016-4371 (service_manager, service_manager_mobility, service_manager_server, service_manager_service_request_catalog, service_manager_web_client, service_manager_windows_client)

HP Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components.

Source: CVE-2016-4371 (service_manager, service_manager_mobility, service_manager_server, service_manager_service_request_catalog, service_manager_web_client, service_manager_windows_client)

CVE-2016-4371

Posted on by admin

CVE-2016-4371

HP Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components.

Source: CVE-2016-4371

CVE-2016-1397 (rv110w_wireless-n_vpn_firewall_firmware, rv130w_wireless-n_multifunction_vpn_router_firmware, rv215w_wireless-n_vpn_router_firmware)

Posted on by admin

CVE-2016-1397 (rv110w_wireless-n_vpn_firewall_firmware, rv130w_wireless-n_multifunction_vpn_router_firmware, rv215w_wireless-n_vpn_router_firmware)

Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote authenticated users to cause a denial of service (device reload) via crafted configuration commands in an HTTP request, aka Bug ID CSCux82523.

Source: CVE-2016-1397 (rv110w_wireless-n_vpn_firewall_firmware, rv130w_wireless-n_multifunction_vpn_router_firmware, rv215w_wireless-n_vpn_router_firmware)

CVE-2016-1397

Posted on by admin

CVE-2016-1397

Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote authenticated users to cause a denial of service (device reload) via crafted configuration commands in an HTTP request, aka Bug ID CSCux82523.

Source: CVE-2016-1397

CVE-2016-1396 (rv110w_wireless-n_vpn_firewall_firmware, rv130w_wireless-n_multifunction_vpn_router_firmware, rv215w_wireless-n_vpn_router_firmware)

Posted on by admin

CVE-2016-1396 (rv110w_wireless-n_vpn_firewall_firmware, rv130w_wireless-n_multifunction_vpn_router_firmware, rv215w_wireless-n_vpn_router_firmware)

Cross-site scripting (XSS) vulnerability in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCux82583.

Source: CVE-2016-1396 (rv110w_wireless-n_vpn_firewall_firmware, rv130w_wireless-n_multifunction_vpn_router_firmware, rv215w_wireless-n_vpn_router_firmware)

CVE-2016-1396

Posted on by admin

CVE-2016-1396

Cross-site scripting (XSS) vulnerability in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCux82583.

Source: CVE-2016-1396

CVE-2016-1395 (rv110w_wireless-n_vpn_firewall_firmware, rv130w_wireless-n_multifunction_vpn_router_firmware, rv215w_wireless-n_vpn_router_firmware)

Posted on by admin

CVE-2016-1395 (rv110w_wireless-n_vpn_firewall_firmware, rv130w_wireless-n_multifunction_vpn_router_firmware, rv215w_wireless-n_vpn_router_firmware)

The web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote attackers to execute arbitrary code as root via a crafted HTTP request, aka Bug ID CSCux82428.

Source: CVE-2016-1395 (rv110w_wireless-n_vpn_firewall_firmware, rv130w_wireless-n_multifunction_vpn_router_firmware, rv215w_wireless-n_vpn_router_firmware)