Vulnerability Note VU#870761 Dell Foundation Services installs compromised root CA (eDellRoot) Original Release date: 24 Nov 2015 | Last revised: 24 Nov 2015 Overview Dell Foundation Services installs the eDellRoot certificate into theTrusted Root Certificate Store on Microsoft Windows systems. The certificate includes the private key, which allows attackers to impersonate services and decrypt traffic. Description Dell Foundation Services (DFS) is a remote support component installed on some Dell systems
Vulnerability Note VU#391604 ZTE ZXHN H108N R1A routers contains multiple vulnerabilities Original Release date: 03 Nov 2015 | Last revised: 03 Nov 2015 Overview ZTE ZXHN H108N R1A router, version ZTE.bhs.ZXHNH108NR1A.h_PE, and ZXV10 W300 router, version W300V1.0.0f_ER1_PE, contain multiple vulnerabilities. Description CWE-200 : Information Exposure – CVE-2015-7248 Multiple information exposure vulnerabilities enable an attacker to obtain credentials and other sensitive details about the ZXHN H108N R1A.
Vulnerability Note VU#866432 Commvault Edge Server deserializes cookie data insecurely Original Release date: 03 Nov 2015 | Last revised: 03 Nov 2015 Overview Commvault Edge Server, version 10 R2, deserializes untrusted, user-provided cookie data, resulting in arbitrary OS command execution with the web server’s privileges. Description CWE-502 : Deserialization of Untrusted Data – CVE-2015-7253 Commvault Edge Server, version 10 R2, deserializes user-provided cookie data without properly validating it first.
Vulnerability Note VU#316888 MobaXterm server may allow arbitrary command injection due to missing X11 authentication Original Release date: 02 Nov 2015 | Last revised: 02 Nov 2015 Overview The MobaXterm server prior to verion 8.3 is vulnerable to arbitrary command injection over port 6000 when using default X11 settings. Description CWE-306 : Missing Authentication for Critical Function – CVE-2015-7244 MobaXterm server prior to version 8.3 includes an X11 server listening on all IP addresses which does not authenticate remote X11 connections over port 6000. A remote attacker may silently connect to the server, and view and inject X11 commands with the privileges of the user currently using MobaXterm.
Vulnerability Note VU#573848 Qolsys IQ Panel contains multiple vulnerabilities Original Release date: 29 Oct 2015 | Last revised: 29 Oct 2015 Overview All firmware versions of Qolsys IQ Panel contain hard-coded cryptographic keys, do not validate signatures during software updates, and use a vulnerable version of Android OS. Description Qolsys IQ Panel is an Android OS-based touch screen controller for home automation devices and functions. All firmware versions contain the following vulnerabilities.
VU#350508: HP ArcSight SmartConnector fails to properly validate SSL and contains a hard-coded password
Vulnerability Note VU#350508 HP ArcSight SmartConnector fails to properly validate SSL and contains a hard-coded password Original Release date: 27 Oct 2015 | Last revised: 27 Oct 2015 Overview The HP ArcSight SmartConnector fails to properly validate SSL certificates, and also contains a hard-coded password.
Vulnerability Note VU#672500 EPSON Network Utility contains a privilege escalation vulnerability Original Release date: 27 Oct 2015 | Last revised: 27 Oct 2015 Overview EPSON Network Utility contains a local privilege escalation vulnerability. Description CWE-708 : Incorrect Ownership Assignment – CVE-2015-6034 EPSON Network Utility v4.10 is an application that checks the printer status and displays the printing progress over the network. During installation, the EPSON Network Utility creates EpsonBidirectionalService which runs as SYSTEM.
Vulnerability Note VU#693036 Datalex airline booking software allowed authorization bypass for arbitrary users Original Release date: 30 Sep 2015 | Last revised: 30 Sep 2015 Overview Datalex provides a suite of software offerings for the airline industry which supports a customizable flight browsing, booking, payment, and analytics.
VU#630872: Mediabridge Medialink Wireless-N Broadband Router MWN-WAPR300N contains multiple vulnerabilities
Vulnerability Note VU#630872 Mediabridge Medialink Wireless-N Broadband Router MWN-WAPR300N contains multiple vulnerabilities Original Release date: 03 Sep 2015 | Last revised: 03 Sep 2015 Overview Mediabridge Medialink Wireless-N Broadband Router MWN-WAPR300N, firmware version 5.07.50 and possibly earlier, uses non-unique default credentials and is vulnerable to universal authentication bypass and cross-site request forgery (CSRF). Description CWE-255 : Credentials Management – CVE-2015-5994 Medialink MWN-WAPR300N by default uses the common admin:admin credentials for the web management interface and uses medialink:password for the wireless network. An attacker within range of a wireless network using default settings can connect and gain privileged access to the web management interface
Vulnerability Note VU#276148 Dedicated Micros DVR products use plaintext protocols and require no password by default Original Release date: 20 Aug 2015 | Last revised: 20 Aug 2015 Overview Dedicated Micros DVR products, including the DV-IP Express, SD Advanced, SD, EcoSense, and DS2, by default use plaintext protocols and require no password. Description CWE-311 : Missing Encryption of Sensitive Data Dedicated Micros DVR products by default use HTTP, telnet, and FTP rather than secure alternatives, making it the responsibility of the end user to configure a device securely. Sensitive data may be viewed or modified in transit by unauthorized attackers