Vulnerability Advisories
Foundstone experts conduct independent vulnerability research and work with vendors to disclose vulnerabilities discovered in vendor software and services in a responsible manner. Listed below are some of our latest vulnerability advisories.
| Date | Title | Description | Credits | Link |
| --- | --- | --- | --- | --- |
| 04/10/2010 | WaspTime MS-SQL Database instance with blank password for sa account | WaspTime software installs an MS-SQL instance named ‘WASPDB’ with a blank password for the Security Administrator (sa) account. | Amit Bagree | Click Here |
| 08/18/2009 | ntop HTTP Basic Authentication NULL Pointer Dereference Denial Of Service Vulnerability | The 'ntop' tool is prone to a denial-of-service vulnerability because of a NULL-pointer dereference that occurs when crafted HTTP Basic Authentication credentials are received by the embedded webserver. | Brad Antoniewicz | Click Here |
| 07/21/2009 | mChek 3.4 Information Disclosure | mChek is an e-commerce application that allows users to store multiple credit/debit cards in the phone and use them when required. The mChek (Version 3.4) application stores multiple credit card numbers and corresponding bank account information to phone storage without adequate protection. | Gursev Kalra | Click Here |
| 07/15/2009 | Mobile Rediff Username and Password Disclosure | The RediffMail component of the MobileRediff (Version 1.04) application has a "Remember Me" function. When a user selects this option, the mobile application writes the username and password to phone storage in clear text without encryption. | Gursev Kalra | Click Here |
| 11/04/2008 | firmCHANNEL Indoor & Outdoor Digital Signage (3.24) Cross Site Scripting Vulnerability | firmCHANNEL Indoor & Outdoor Digital Signage is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. | Brad Antoniewicz | Click Here |
| 10/06/2008 | MetaGauge Web Server Directory Traversal Vulnerability | MetaGauge is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary local files within the context of the webserver. | Brad Antoniewicz | Click Here |
| 05/13/2008 | Cisco BBSM 5.3 Captive Portal 'AccesCodeStart.asp' Cross-Site Scripting Vulnerability | Cisco BBSM (Building Broadband Service Manager) is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user. | Brad Antoniewicz | Click Here |
| 04/08/2008 | Swiki HTML Injection and Cross-Site Scripting Vulnerabilities | Swiki is prone to an HTML-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. | Brad Antoniewicz | Click Here |
| 02/29/2008 | Beehive/SendFile.NET 'SendFile.jar' Insecure Default Account Unauthorized Access Vulnerability | Beehive/SendFile.NET is prone to a vulnerability that can result in unauthorized access. The issue occurs because of an insecure default account in 'SendFile.jar'. Successfully exploiting this issue allows remote attackers to gain access to the database and to potentially execute arbitrary code. | Brad Antoniewicz | Click Here |
**NOTE: To communicate with Foundstone securely about any of our advisories or research, please click here to download our PGP key.**

