BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
airlive

Airlive POE/OD IP Camera Multiple Vulnerabilities

Disclosed June 12, 2013    Zeroday : 405 days
Vendors: AirLive
Vulnerability Severity: Medium
Exploit Impact: Cross-Site Request Forgery, Denial of Service, Elevation of Privilege
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
sony

Sony CH/DH Network Cameras Cross-Site Request Forgery

Disclosed June 12, 2013    Zeroday : 405 days
Vendors: Sony
Vulnerability Severity: Medium
Exploit Impact: Cross-Site Request Forgery
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker

June 2013 Patch Tuesday

Posted June 11, 2013    BeyondTrust Research Team

It’s halfway through the year and we are seeing the total bulletin count creep just past fifty. This month, Microsoft is providing patches for Internet Explorer, the Windows kernel (and kernel-mode drivers), Windows print spooler components, and Microsoft Office. There are five bulletins in total, comprised of 1 critical (Internet Explorer) bulletin and the remaining…

Categories:
Vulnerability Management
Tags:
, , , , , ,
fobuc

Fobuc Guestbook SQL Injection Vulnerability

Disclosed June 11, 2013    Zeroday : 406 days
Vendors: Fobuc
Vulnerability Severity: Medium
Exploit Impact: SQL Injection
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
hp

HP System Management Homepage Command Injection Vulnerability

Disclosed June 10, 2013    Fully Patched
Vendors: HP
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability:
Categories:
Zeroday Tracker
caucho

Resin Application Server Cross-Site Scripting Vulnerability

Disclosed June 7, 2013    Zeroday : 410 days
Vendors: Caucho
Vulnerability Severity: Medium
Exploit Impact: Cross-Site Scripting
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
PBW with RI

Our Newest Product Release: PowerBroker for Windows 6.0

Posted June 5, 2013    Sarah Lieber

We’re very excited to announce the release of PowerBroker for Windows 6.0, the industry’s first identity management solution able to leverage least privilege and vulnerability data scanned by the award winning Retina CS Threat Management Console. This allows our customers to take a system’s overall risk into context when deciding what level of privileges a user or…

Categories:
Privileged Account Management
Tags:
, , , , , , , , , ,
parallels

Parallels Plesk Remote Code Execution Vulnerability

Disclosed June 5, 2013    No Patch Available
Vendors: Parallels, Inc.
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability:
Categories:
Zeroday Tracker
RPA-screenshot

Advanced Architectures with the Retina Protection Agent

Posted May 31, 2013    Morey Haber

One of the extended features of Retina CS is the Retina Protection Agent. This component is licensed with Retina and allows for users to assess hosts for vulnerabilities using a local scanning agent verses a network scan. This forgoes the need of a traditional SaaS or on-premise vulnerability assessment solution to perform a scan outside…

Categories:
Vulnerability Management
Tags:
, , , ,
monkey

Monkey HTTP Daemon Buffer Overflow

Disclosed May 30, 2013    Fully Patched
Vendors: Monkey HTTP Daemon Development Group
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability:
Categories:
Zeroday Tracker