The Aruba Mobility Controller in ArubaOS version 3.3.2.6 suffers from a SNMP community string disclosure vulnerability.
f30235030c7d2b5d8b396e3e747d82f36e3c379d83f309d3c4d0182c84be4ab7Aruba Mobility Controllers use X.509 certificates to protect access to the web management interface and to provide secure wireless authentication, such as TLS, TTLS, PEAP, and Aruba-specific Captive Portal. By default, the controller uses a built-in certificate that is shared by all deployed units across all customers. This is broken for the obvious reasons.
261d3b68c595e71f7f735f8311f9fdecf9422bc0b3a44e597a6e76f1396bde07The F5 FirePass 1200 SSL VPN appliance version 6.0.2 Hotfix 3 contains a denial of service vulnerability in the SNMP daemon.
91531dfc54fe0fcce301e43880729d775fa71278b9350f80cd95c23993a5bb82F5 FirePass suffers from a cross site scripting vulnerability in relation to content inspection management. The vulnerability has been identified in version 6.0.2, hotfix 3. However, other versions may be also affected.
fa7b53eb4bb1e877c52a314ba71465ab9d213435941d94a9bd4b34842b380de6The Alkacon OpenCMS suffers from a cross site scripting vulnerability in sessions.jsp. Version 7.0.3 is susceptible.
92e9da2577e2fb70f9ecb290d5d0e7840ae15674765c5fa7e19432217512fec5The F5 BIG-IP management interface fails to sanitize user input allowing for arbitrary code execution. Verified in version 9.4.3.
2f4da6ec6d43007a7bc1e4aeae97ce3a85cee04917f05e693da9fa1b25e3131dAlkacon OpenCMS version 7.0.3 suffers from a cross site scripting vulnerability in users_list.jsp.
faf9e36c00c01378622d782f6e9b1985115bf8bf62bf97760e99508deaeb3559The F5 BIG-IP web management interface suffers from a persistent cross site scripting vulnerability in the audit log facility. Version 9.4.3 has been identified as vulnerable and other versions may also be affected.
28caa41e97f268000dc02e8c3bcf6a6b32bf692497b55892852b622a403cf32aAlkacon OpenCMS version 7.0.3 suffers from cross site scripting and file disclosure vulnerabilities.
4c2595c93024d2164e2ce4ec28ea46c041493b17023544d8c763bb179bfba2a7The F5 BIG-IP web management console is susceptible to a persistent cross site scripting vulnerability.
d456c52eae095f8a51c781afa24bf7c62cffeefff30f172cbdceb98527f1a5a9The Alkacon OpenCMS suffers from a cross site scripting vulnerability in tree_files.jsp. Version 7.0.3 is susceptible.
504c455e0aaa2ee0309349fcabdc82c71cefa1b12f90b3b4c7867b0d30e92609Packeteer PacketShaper and PolicyCenter web management interfaces suffer from cross site scripting vulnerabilities. Version 8.2.2 is susceptible.
3a473a89575ca2787873d351a8d7e0e9ca2a79431a64c5d52914570195cf78f9The F5 BIG-IP web management console version 9.4.3 suffers from a cross site request forgery vulnerability that can allow for arbitrary code execution.
bc27ce67f9cd5fdb65dcd9c3ccae8ef701bb9547b9f69ac886bfd6506f8fefb1The F5 BIG-IP ASM web management interface contains a cross site scripting vulnerability in the Security Report function.
be5853d6c1feb0d2d28a99d8dd2b940172e7ed485a42fccadfab738de35c73b8The HTTP URL filtering function provided by the 8e6 Technologies R3000 Internet Filter can be bypassed by simply splitting the HTTP request line (which contains the URI) into multiple packets.
187a0e359bab1a916b2621f03264d407ca323d63ed31f60f2ffb569d23c49607The F5 BIG-IP web management interface is susceptible to a cross site scripting vulnerability via the search functionality. Tested against version 9.4.3.
f24e831838b0cad45609bd942c655b29b4ed3bad399ec918e6c0487981cb4ac5Citrix NetScaler version 8.0 suffers from a weakly encrypted cookie vulnerability in the web management interface.
d8a56f4916a2c3e12e3b2734f56249642178a6c288d3db176f89945ce6179991Citrix NetScaler version 8.0 suffers from a cross site scripting vulnerability in the web management interface.
8426e8030866ae4e9293a3c8ac554e49da50c56b21b4b5d5eaff85db4813d8ecWinPT suffers from a user ID spoofing vulnerability.
b2b9f9374bc9992e7f0573e5b7ed735c0cadab81567f0041a1c809cd7d90ad5aPacketeer PacketShaper is susceptible to a denial of service vulnerability in the web management interface. The vulnerability has been identified in version 7.3.0g2 and 7.5.0g1. However, other versions may be also affected.
8eb0c7a50e9fe070efa27590a9a7e409e0937a06053bf48cf3765d96c2b12418The TCP/IP stack of Packeteer PacketShaper is generating predictable initial sequence numbers.
00f76ddef98562439629259477f616b9fd65049dfcce2d8625c25cc2eb968378Axalto Protiva 1.1 stores sensitive information in plaintext world readable files.
1d4fa0c1a0c77d3b016d87d417bbd2af7698989d80d70df0be6ad79cf4af5901A vulnerability has been identified in Hummingbird FTP that can be exploited by malicious, local users to gain knowledge of sensitive information. Hummingbird Connectivity 10.x is affected.
d04633ae079e84c44150370257c9d66040fc583d0ea50afbd73ea91a0df8f75e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed