Ultime advisory di sicurezza pubblicate dal team di ricerca Secure Network S.r.l.
http://www.securenetwork.it/ricerca/advisory
Advisory2008-01-14T11:30:01ZSimplePHPBlog is a blogging application that was written with simplicity of installation and maintenance in mind. Multiple vulnerabilities have been reported in the latest version of this web application; probably all previous versions are affected to the same issues. The specific issues include multiple cross-site scripting flaws and an arbitrary file upload vulnerability. Various consequences are associated with these issues, such as theft of cookie-based authentication credentials and arbitrary remote code execution.
http://www.securenetwork.it/ricerca/advisory/#itm_200701010003d538354408ea798a9d466855682f3ac71da7ca9a
SimplePHPBlog Multiple Vulnerabilities2007-01-01T12:00:00ZBoa is a single-tasking HTTP server. Boa is very low on hardware usage and is therefore used on many embedded systems, including routers, wireless access points and portable devices. It is possible to overwrite the "admin" password in memory, thus allowing an attacker to gain access to the web interface and alter configuration parameters.
http://www.securenetwork.it/ricerca/advisory/#itm_2007010100028c22ed7d7cf375097d4ca50564653510140eb23e
Boa (with Intersil Extensions) HTTP Auth Bypass2007-01-01T12:00:00ZGCALDaemon is an OS-independent Java program that offers two-way synchronization between Google Calendar and various iCalendar compatible calendar applications. An input validation flaw permits to craft an HTTP request with an abnormal content-length value; this malformed request could trigger a denial of service that arises from a Java out of memory fatal error.
http://www.securenetwork.it/ricerca/advisory/#itm_200701010001674c3881449bc80ccff9096253b1af43af735875
GCALDaemon Remote DoS2007-01-01T12:00:00ZHummingbird Collaboration is a Web-based collaborative groupware. A number of remotely exploitable vulnerabilities exist, ranging from Cross-Site Scripting (XSS), to improper file handling and information disclosure.
http://www.securenetwork.it/ricerca/advisory/#itm_20060101000118dfc9849c672930ee1da129855306f8d2255c2d
Multiple Vulnerabilities in Hummingbird Collaboration2006-01-01T12:00:00ZThe Siemens Santis 50 Wireless router is a wi-fi (802.11b) ADSL router. This bug provides access to the management CLI, without authentication,after a DOS attack to a specific service port.
http://www.securenetwork.it/ricerca/advisory/#itm_2005010100012797186091146e6a77fdea5cf1ef66e2d22d5bf6
Siemens SANTIS 50 Authentication Vulnerability2005-01-01T12:00:00Z