October 17, 2011

Security Advisory – SOS-11-012 – WordPress Plugin – BackWPUp 2.1.4

A vulnerability has been discovered in the WordPress plugin BackWPup 2.1.4 which can be exploited to execute local or remote code on the web server....

September 20, 2011

Security Advisory – SOS-11-011 – NETGEAR Wireless Cable Modem Gateway CG814WG Auth Bypass and CSRF

The NETGEAR Wireless Cable Modem Gateway CG814WG is supplied by ISP’s as customer premises equipment within Australia and abroad. It is a centrally managed ISP solution whereby each ISP’s devices...

September 19, 2011

Security Advisory – SOS-11-010 – Cisco TelePresence Multiple Vulnerabilities

Cisco TelePresence is an umbrella term for Video Conferencing Hardware and Software, Infrastructure and Endpoints. The C & MXP Series are the Endpoints used on desks or in boardrooms to...

July 19, 2011

Security Advisory – SOS-11-009 – Oracle Sun GlassFish Enterprise Server Stored XSS Vulnerability

GlassFish is an open source application server project led by Sun Microsystems for the Java EE platform. The proprietary version is called Sun GlassFish Enterprise Server. GlassFish supports all Java...

May 20, 2011

Security Advisory – SOS-11-007 – PHPCaptcha / Securimage 2.0.2 – Authentication Bypass

Insufficient distortion in the audio version of the CAPTCHA allows an attacker to quickly decode the CAPTCHA by performing basic binary analysis of the generated audio file....

May 18, 2011

Security Advisory – SOS-11-006 – Cisco Unified Operations Manager Multiple Vulnerabilities

Cisco Unified Operations Manager (CuOM) is a NMS for voice developed by Cisco Systems. Operations Manager monitors and evaluates the current status of both the IP communications infrastructure and the...

May 3, 2011

Security Advisory – SOS-11-005 – Proofpoint Protection Server Cross-Site Scripting Vulnerability

The Proofpoint Protection Server offers anti-spam and anti-virus, connection management, email firewall and policy enforcement features....

April 15, 2011

Security Advisory – SOS-11-004 – cPassMan 1.82 – Arbitrary file download

A vulnerability has been discovered in the Collaborative Passwords Manager (cPassMan) web application that can be exploited to retrieve files from the local host file system....

March 28, 2011

Security Advisory – SOS-11-003 – WordPress plugin BackWPup – Remote and local code execution

A vulnerability has been discovered in the Wordpress plugin BackWPup 1.6.1 which can be exploited to execute local or remote code on the web server....

February 28, 2011

Security Advisory – SOS-11-002 – PHP Blog Insert Authentication Security Bypass

PHP Blog Insert is vulnerable to an authentication bypass attack due to flawed and predictable access control and session management logic. ...

February 21, 2011

Security Advisory – SOS-11-001 – Adobe Reader 9.4.1 Infinite Loop Condition

Adobe Reader is a popular freeware PDF viewer. Version 9.4.1 of the application is vulnerable to a DoS attack. By sending specially crafted PDF files it is possible to cause...

December 20, 2010

Security Advisory – SOS-10-004 -Elcom Technology’s CommunityManager.NET Auth Bypass Vulnerability

The Elcom Technology’s CommunityManager.NET web application uses cookie parameters passed via HTTP requests to identify which user is logged in....

October 6, 2010

Security Advisory – SOS-10-003 – Adobe Reader 9.3.4 Multiple Memory Corruption Vulnerabilities

Version 9.3.4 of the Adobe application is vulnerable to multiple memory corruption vulnerabilities. By sending specially crafted PDF files it is possible to cause memory corruption in the 3difr and...

March 5, 2010

Security Advisory – SOS-10-002 – Apache 2.2.14 mod_isapi Dangling Pointer Vulnerability

The Inteset Secure Lockdown desktop application allows the use of the deprecated SHA-1 hash function to store the Inteset administrator’s password in the Windows registry....

January 21, 2010

Security Advisory – SOS-10-001 – TheGreenBow VPN Client (policy) Local Stack Overflow Vulnerability

TheGreenBow is an IPsec VPN client that sets up a secure channel for data transport. ...

October 30, 2009

Security Advisory – SOS-09-008 – SafeNet SoftRemote (treename, groupname) Local Buffer Overflow Vulnerability

SafeNet SoftRemote is an IPsec VPN client that sets up a secure channel for data transport. ...