HP Security Products Blog
From applications to infrastructure, enterprises and governments alike face a constant barrage of digital attacks designed to steal data, cripple networks, damage brands, and perform a host of other malicious intents. HP Enterprise Security Products offers products and services that help organizations meet the security demands of a rapidly changing and more dangerous world. HP ESP enables businesses and institutions to take a proactive approach to security that integrates information correlation, deep application analysis and network-level defense mechanisms—unifying the components of a complete security program and reducing risk across your enterprise. In this blog, we will announce the latest offerings from HP ESP, discuss current trends in vulnerability research and technology, reveal new HP ESP security initiatives and promote our upcoming appearances and speaking engagements.

Top Five Web Application Vulnerabilities 10/12/09 - 10/25/09

1) TYPO3 Core Multiple Vulnerabilities


TYPO3 is susceptible to multiple remote vulnerabilities, including SQL Injection, Cross-Site Scripting, information disclosure, frame and session hijacking, and shell command execution issues. Each of these issues is exploitable via a browser, although some require a valid backend login. If exploited, these vulnerabilities could lead to a complete compromise of the application, the theft of confidential information and authentication credentials, hijacked user sessions, or execution of arbitrary commands in the context of the web server process. Updates which resolve these issues are available. Contact the vendor for additional details.


http://www.securityfocus.com/bid/36801


2) IBM Rational RequisitePro ReqWebHelp Multiple Cross-Site Scripting Vulnerabilities


IBM Rational RequisitePro is susceptible to multiple Cross-Site Scripting vulnerabilities. If successful, Cross-Site Scripting can be exploited to manipulate or steal cookies, create requests that can be mistaken for those of a valid user, compromise confidential information, or execute malicious code on end user systems. An advisory and updates which address these issues are available. Contact the vendor for more information.


http://www.securityfocus.com/bid/36721


3) Websense Email Security Cross-Site Scripting and HTML Injection Vulnerabilities


Websense Email Security is susceptible to Cross-Site Scripting and HTML Injection vulnerabilities. Successful exploitation of these issues could be used to alter how the site appears, steal authentication credentials, or execute malicious scripts in the browsers of unsuspecting users. Updates which resolve these issues are available. Contact the vendor for further details.


http://www.securityfocus.com/bid/36741


4) Achievo Multiple Vulnerabilities


Achievo is susceptible to multiple vulnerabilities including Cross-Site Scripting, SQL Injection, and HTML Injection. Successful exploitation of these issues could be used to give an attacker the means to access or modify backend database contents, alter how the site appears, steal authentication credentials, or execute malicious scripts in the browsers of unsuspecting users. Updates which resolve these issues are available. Contact the vendor for additional information.


http://www.securityfocus.com/bid/36661
http://www.securityfocus.com/bid/36660


5) NaviCOPA Source Code Information Disclosure Vulnerability


NaviCOPA is susceptible to a source code information disclosure vulnerability. An attacker can leverage this vulnerability to retrieve certain files from the affected system in context of the web server process. A fix has not yet been released. Contact the vendor for more details.


http://www.securityfocus.com/bid/36705

Top Five Web Application Vulnerabilities 9/28/09 - 10/11/09

1) Juniper Networks JUNOS J-Web Multiple Cross-Site Scripting And HTML Injection Vulnerabilities


Juniper Networks JUNOS is susceptible to multiple Cross-Site Scripting and HTML Injection vulnerabilities. Successful exploitation of these vulnerabilities could be used to alter how the site appears, steal authentication credentials, or execute malicious scripts in the browsers of unsuspecting users. A fix has not yet been released. Contact the vendor for additional information.


http://www.securityfocus.com/bid/36537


2) Symantec SecurityExpressions Audit and Compliance Server Error Message HTML Injection Vulnerability


Symantec SecurityExpressions Audit and Compliance Server is susceptible to an HTML Injection vulnerability. HTML Injection is used to add content into a web server’s response, which can then be used to steal cookie-based authentication credentials, execute arbitrary code in context of the site, or simply alter how the site appears. An update which addresses this issue has been released. Contact the vendor for further details.


http://www.securityfocus.com/bid/36571


3) Novell eDirectory 'dconserv.dlm' Cross-Site Scripting Vulnerability


Novell eDirectory is susceptible to a Cross-Site Scripting vulnerability. An attacker can leverage this issue to execute script code in the browsers of unsuspecting users in the context of the affected application, possibly leading to theft of authentication credentials and other attacks. A fix has not yet been released. Contact the vendor for more information.


http://www.securityfocus.com/bid/36567


4) Interspire Knowledge Manager 'p' Parameter Directory Traversal Vulnerability


Interspire Knowledge Manager is susceptible to a directory traversal vulnerability in the 'p' parameter. Successful exploitation would give an attacker the means to view sensitive information, which could lead to more damaging attacks. Updates which address this issue are available. Contact the vendor for additional details.


http://www.securityfocus.com/bid/36541


5) Kayako SupportSuite and eSupport 'functions_ticketsui.php' Cross-Site Scripting Vulnerability


Kayako SupportSuite and eSupport are susceptible to a Cross-Site Scripting vulnerability. This vulnerability can be exploited to execute code in the browser of an unsuspecting user and steal cookie-based authentication credentials. An advisory and update which address this issue have been released. Contact the vendor for further details.


http://www.securityfocus.com/bid/36568

Top Five Web Application Vulnerabilities 9/14/09 - 9/27/09

1) Novell GroupWise WebAccess Cross-Site Scripting Vulnerability


Novell GroupWise WebAccess is susceptible to a Cross-Site Scripting vulnerability. An attacker can leverage this vulnerability to execute script code in the browser of an unsuspecting user in context of the affected application, possibly leading to theft of authentication credentials and other attacks. Updates which resolve this issue have been released. Contact the vendor for additional information.


http://www.securityfocus.com/bid/36437


2) IBM Lotus Quickr Multiple HTML Injection Vulnerabilities


IBM Lotus Quickr is susceptible to multiple HTML Injection vulnerabilities. HTML Injection is used to add content into a web server’s response, which can then be used to steal cookie-based authentication credentials, execute arbitrary code in context of the site, or simply alter how the site appears. Fixes which address these vulnerabilities are available. Contact the vendor for more details.


http://www.securityfocus.com/bid/36527


3) IBM WebSphere Application Server Eclipse Help Cross-Site Scripting Vulnerability


IBM WebSphere Application Server (WAS) is susceptible to a Cross-Site Scripting vulnerability. If successful, Cross-Site Scripting can be exploited to manipulate or steal cookies, create requests that can be mistaken for those of a valid user, compromise confidential information, or execute malicious code on end user systems. Updates which resolve this vulnerability have been released. Contact the vendor for further information.


http://www.securityfocus.com/bid/36455


4) OSSIM SQL Injection, Cross Site Scripting and Unauthorized Access Vulnerabilities


OSSIM is susceptible to multiple vulnerabilities, including SQL Injection, Cross-Site Scripting, and unauthorized access. If exploited, these vulnerabilities could lead to compromise of the application or the theft of confidential information and authentication credentials, or be used to conduct additional database attacks. Updates which resolve these issues are available. Contact the vendor for additional details.


http://www.securityfocus.com/bid/36504


5) IBM Lotus Connections 'simpleSearch.do' Cross-Site Scripting Vulnerability


IBM Lotus Connections is susceptible to a Cross-Site Scripting vulnerability. This can be exploited to execute code in the browser of an unsuspecting user and steal cookie-based authentication credentials. Updates which resolve this issue are available. Contact the vendor for more information.


http://www.securityfocus.com/bid/36513

Top Five Web Application Vulnerabilities 8/31/09 - 9/13/09

1) Ruby on Rails Form Helpers Unicode String Handling Cross-Site Scripting Vulnerability


Ruby on Rails is susceptible to a Cross-Site Scripting vulnerability. An attacker can leverage Cross-Site Scripting to execute script code in the browsers of unsuspecting users in context of the affected application, possibly leading to theft of authentication credentials and other attacks. Updates which address this issue have been released. Contact the vendor for additional information.


http://www.securityfocus.com/bid/36278


2) IBM Lotus Domino Web Access Cross-Site Scripting Vulnerability

IBM Lotus Domino Web Access (iNotes) is susceptible to a Cross-Site Scripting vulnerability. If successful, Cross-Site Scripting can be exploited to manipulate or steal cookies, create requests that can be mistaken for those of a valid user, compromise confidential information, or execute malicious code on end user systems. Updates which address this issue have been released. Contact the vendor for further details.


http://www.securityfocus.com/bid/36292


3) Mozilla Bugzilla Multiple Remote Vulnerabilities


Bugzilla is susceptible to several remote vulnerabilities including multiple instances of SQL Injection and a password disclosure vulnerability. SQL Injection can give an attacker full access to a backend database, and in certain circumstances can be utilized to take complete control of a system. The information disclosure vulnerability can be leveraged to steal user passwords. Fixes which address these issues have been released. Contact the vendor for more information.


http://www.securityfocus.com/bid/36373 ('Bug.create()' WebService Function SQL Injection Vulnerability)
http://www.securityfocus.com/bid/36372 (URL Password Information Disclosure Vulnerability)
http://www.securityfocus.com/bid/36371 ('Bug.search()' WebService Function SQL Injection Vulnerability)


4) IBM Lotus Notes RSS Reader Widget HTML Injection Vulnerability


IBM Lotus Notes is susceptible to an HTML Injection vulnerability. HTML Injection is used to add content into a web server’s response, which can then be used to steal cookie-based authentication credentials, execute arbitrary code in context of the site, or simply alter how the site appears. This issue has reportedly been resolved in a hotfix. Contact the vendor for more details.


http://www.securityfocus.com/bid/36305


5) DotNetNuke Multiple Cross-Site Scripting Vulnerabilities


DotNetNuke is susceptible to multiple Cross-Site Scripting vulnerabilities. These vulnerabilities can be exploited to execute code in the browser of an unsuspecting user and steal cookie-based authentication credentials. Updates which resolve these issues are available. Contact the vendor for additional information.


http://www.securityfocus.com/bid/36274


Top Five Web Application Vulnerabilities 4/13/09 - 4/26/09

1) Apache Geronimo Application Server Multiple Remote Vulnerabilities


Apache Geronimo Application Server is susceptible to multiple vulnerabilities including Cross-Site Scripting, HTML Injection, directory traversal, and Cross-Site Request Forgery. Successful exploitation could give an attacker the means to access sensitive information, steal cookie-based authentication credentials, and perform actions as an authenticated user. An update which addresses these vulnerabilities has been released. Contact the vendor for more information.


http://www.securityfocus.com/bid/34562


2) SAP cFolders Cross-Site Scripting and HTML Injection Vulnerabilities


SAP cFolders is susceptible to Cross-Site Scripting and HTML Injection vulnerabilities. Successful exploitation could give an attacker the means to steal cookie-based authentication credentials, execute arbitrary code in context of the site, or simply alter how the site appears. Updates which resolve these issues are available. Contact the vendor for more details.


http://www.securityfocus.com/bid/34658


3) CS Whois Lookup 'ip' Parameter Remote Command Execution Vulnerability


CS Whois Lookup is susceptible to a remote command execution vulnerability. Remote attackers can exploit this vulnerability to execute arbitrary commands with the privileges of the affected application, possibly leading to its compromise as well as that of the underlying web server. A fix has not yet been released. Contact the vendor for additional information.


http://www.securityfocus.com/bid/34700


4) phpMyAdmin Configuration File PHP Code Injection Vulnerability


phpMyAdmin is susceptible to a remote PHP code injection vulnerability. An attacker can leverage this vulnerability to inject and execute arbitrary malicious PHP code in the context of the web server process, which could lead to a compromise of the application and underlying system. Updates which resolve this issue are available. Contact the vendor for more information.


http://www.securityfocus.com/bid/34526


5) Novell Teaming User Enumeration Weakness and Multiple Cross-Site Scripting Vulnerabilities


Novell Teaming is susceptible to multiple Cross-Site Scripting vulnerabilities and a user enumeration weakness. These vulnerabilities can be exploited to discover the names of legitimate users, execute code in the browser of an unsuspecting user, and steal cookie-based authentication credentials. Advisories with patch instructions have been issued. Contact the vendor for further details.


http://www.securityfocus.com/bid/34531
