Multiple Shell Metacharacter Injections in AFFLIB

Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: Multiple Shell Metacharacter Injections in AFFLIB Release Date: 2007-04-27 Application: AFFLIB(TM) Versions: 2.2.0-2.2.8 and likely earlier versions Severity: Low to Medium Author: Timothy D. Morgan <tmorgan {at} vsecurity {dot} com> Vendor Status: Vendor Notified CVE Candidate: CVE-2007-2055 Reference: http://www.vsecurity.com/bulletins/advisories/2007/afflib-shellinject.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Product Description: > From the … Continue reading Multiple Shell Metacharacter Injections in AFFLIB

Multiple Buffer Overflows Discovered in AFFLIB

Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: Multiple Buffer Overflows Discovered in AFFLIB Release Date: 2007-04-27 Application: AFFLIB(TM) Versions: 2.2.0 and likely earlier Severity: High Author: Timothy D. Morgan <tmorgan {at} vsecurity {dot} com> Vendor Status: Vendor Notified, Fix Available CVE Candidate: CVE-2007-2053 Reference: http://www.vsecurity.com/bulletins/advisories/2007/afflib-overflows.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Product Description: > From the forensicswiki.org … Continue reading Multiple Buffer Overflows Discovered in AFFLIB

PDF Form Filling and Flattening Tool Buffer Overflow

Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: PDF Form Filling and Flattening Tool Buffer Overflow Release Date: 2006-05-23 Application: PDF Tools AG - PDF Form Filling and Flattening Tool Version: 3.0 (Windows) (other versions and platforms untested) Severity: High Author: George D. Gal <ggal_at_vsecurity.com> Vendor Status: Vendor Notified, Fix Available CVE Candidate: … Continue reading PDF Form Filling and Flattening Tool Buffer Overflow

WebSense content filter bypass when deployed in conjunction with Cisco filtering devices

Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: WebSense content filter bypass when deployed in conjunction with Cisco filtering devices Release Date: 2006-05-08 Application: Websense in Conjunction with Cisco PIX Version: Websense 5.5.2 Cisco PIX OS / ASA < 7.0.4.12 Cisco PIX OS < 6.3.5(112) FWSM 2.3.x FWSM 3.x (other versions untested) Severity: … Continue reading WebSense content filter bypass when deployed in conjunction with Cisco filtering devices

Remote Directory Traversal and File Retrieval

Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: Remote Directory Traversal and File Retrieval Release Date: 2006-02-03 Application: IBM Tivoli Access Manager Version: 5.1.0.10 (other versions untested) Severity: High Author: Timothy D. Morgan <tmorgan (at) vsecurity (dot) com> Vendor Status: Vendor Notified, Fix Available CVE Candidate: CVE-2006-0513 Reference: http://www.vsecurity.com/bulletins/advisories/2006/tam-file-retrieval.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Product Description: >From … Continue reading Remote Directory Traversal and File Retrieval