Monthly Archives: April 2015
USA Pubs New Hacker Drama With The F-Word
How To Crack Many Master Lock Combinations In 8 Tries Or Less
CVE-2015-0708
Cisco IOS 15.4S, 15.4SN, and 15.5S and IOS XE 3.13S and 3.14S allow remote attackers to cause a denial of service (device crash) by including an IA_NA option in a DHCPv6 Solicit message on the local network, aka Bug ID CSCur29956.
CVE-2015-0709
Cisco IOS 15.5S and IOS XE allow remote authenticated users to cause a denial of service (device crash) by leveraging knowledge of the RADIUS secret and sending crafted RADIUS packets, aka Bug ID CSCur21348.
CVE-2015-0710
The Overlay Transport Virtualization (OTV) implementation in Cisco IOS XE 3.10S allows remote attackers to cause a denial of service (device reload) via a series of packets that are considered oversized and trigger improper fragmentation handling, aka Bug IDs CSCup37676 and CSCup30335.
CVE-2015-0711
The hamgr service in the IPv6 Proxy Mobile (PM) implementation in Cisco StarOS 18.1.0.59776 on ASR 5000 devices allows remote attackers to cause a denial of service (service reload and call-processing outage) via malformed PM packets, aka Bug ID CSCut94711.
Bugtraq: SonicWall SonicOS 7.5.0.12 & 6.x – Client Side Cross Site Scripting Vulnerability
Bugtraq: PayPal Inc Bug Bounty #114 – JDWP Remote Code Execution Vulnerability
Bugtraq: CSRF & XSS Wing FTP Server Admin <= v4.4.5