VARIoT IoT vulnerabilities database

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSCashDrawer.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid POS printers with MICR, Value PUSB Receipt printers, Value Serial/USB Receipt printers, and USB Standard Duty cash drawers, aka ZDI-CAN-2505. Windows for HP Point of Sale Run on product OLE Point of Sale (OPOS) The driver contains a vulnerability that allows arbitrary code execution. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the Open method in OPOSCashDrawer.ocx. By supplying an overly long string to this method, an attacker can exploit this condition to achieve code execution under the context of the browser process. Attackers can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04583185 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04583185 Version: 2 HPSBHF03279 rev.2 - HP Point of Sale PCs Running Windows with OPOS Drivers, Remote Execution of Code NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. These vulnerabilities could be remotely exploited resulting in execution of code. References: CVE-2014-7888 (ZDI-CAN-2512, SSRT101696) CVE-2014-7889 (ZDI-CAN-2511, SSRT101695) CVE-2014-7890 (ZDI-CAN-2510, SSRT101694) CVE-2014-7891 (ZDI-CAN-2509, SSRT101693) CVE-2014-7892 (ZDI-CAN-2508, SSRT101692) CVE-2014-7893 (ZDI-CAN-2507, SSRT101691) CVE-2014-7894 (ZDI-CAN-2506, SSRT101690) CVE-2014-7895 (ZDI-CAN-2505, SSRT101689) CVE-2014-7897 (SSRT101689) CVE-2014-7898 (SSRT101689) SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The package contains update common control objects for all of the impacted products in the table below. Download the SP70564 from the Support and Drivers site for the impacted product. Go to http://www.hp.com : Chose Support then Download Drivers Enter in your POS system name, such as product name HP rp5800 Retail System then click on Go. Choose the Appropriate OS after selecting the link for the appropriate product. The latest drivers will be in the Software - POS section. Download the OPOS Common Control Objects v1.13.003 Softpaq. HP Product Description Prod Num CVE Number, Impacted Driver Monitors HP Retail RP7 VFD Customer Display QZ701AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP Retail Integrated 2x20 Display G6U79AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP Retail Integrated 2x20 Complex G7G29AA / AT CVE-2014-7889 OPOSLineDisplay.ocx Printers HP PUSB Thermal Receipt Printer ALL FK224AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP SerialUSB Thermal Receipt Printer BM476AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP Hybrid POS Printer with MICR US FK184AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP Value PUSB Receipt Printer F7M67AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP Value Serial/USB Receipt Printer ALL F7M66AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx Cash Drawers HP USB Standard Duty Cash Drawer E8E45AA / AT CVE-2014-7895 OPOSCashDrawer.ocx MSR HP Mini MSR FK186AA / AT CVE-2014-7892 OPOSMSR.ocx HP Retail Integrated Dual-Head MSR QZ673AA / AT CVE-2014-7892 OPOSMSR.ocx HP Integrated Single Head MSR w/o SRED J1A33AA / AT CVE-2014-7892 OPOSMSR.ocx HP Integrated Single Head w/o MSR SRED J1A34AA / AT CVE-2014-7892 OPOSMSR.ocx HP RP7 Single Head MSR w/o SRED K1K15AA/AT CVE-2014-7892 OPOSMSR.ocx Keyboards HP POS Keyboard FK221AA / AT CVE-2014-7891 OPOSPOSKeyboard.ocx CVE-2014-7892 OPOSMSR.ocx CVE-2014-7890 OPOSToneIndicator.ocx HP POS Keyboard with MSR FK218AA / AT CVE-2014-7891 OPOSPOSKeyboard.ocx CVE-2014-7892 OPOSMSR.ocx CVE-2014-7890 OPOSToneIndicator.ocx Pole Displays POS Pole Display FK225AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP Graphical POS Pole Display QZ704AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP LCD Pole Display F7A93AA / AT CVE-2014-7889 OPOSLineDisplay.ocx Scanners HP Imaging Barcode Scanner BW868AA / AT CVE-2014-7897 OPOSScanner.ocx HP Linear Barcode Scanner QY405AA / AT CVE-2014-7897 OPOSScanner.ocx HP Presentation Barcode Scanner QY439AA / AT CVE-2014-7897 OPOSScanner.ocx HP Retail Integrated Barcode Scanner E1L07AA / AT CVE-2014-7897 OPOSScanner.ocx HP Wireless Barcode Scanner E6P34AA / AT CVE-2014-7897 OPOSScanner.ocx HP 2D Value Wireless Scanner K3L28AA CVE-2014-7897 OPOSScanner.ocx HISTORY Version:1 (rev.1) - 4 March 2015 Initial release Version:2 (rev.2) - 20 March 2015 Corrected and clarified download instructions Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iEYEARECAAYFAlUMUjIACgkQ4B86/C0qfVkuCwCcC+h95jOOyvg4mWsqhdPSXYbV 9wEAniU7Opjr4sXaxMR+P0nqd3A6n+Zu =CQuO -----END PGP SIGNATURE-----

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSMICR.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid POS printers with MICR, Value PUSB Receipt printers, and Value Serial/USB Receipt printers, aka ZDI-CAN-2512. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the Open method in OPOSMICR.ocx. By supplying an overly long string to this method, an attacker can exploit this condition to achieve code execution under the context of the browser process. Attackers can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04583185 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04583185 Version: 2 HPSBHF03279 rev.2 - HP Point of Sale PCs Running Windows with OPOS Drivers, Remote Execution of Code NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. These vulnerabilities could be remotely exploited resulting in execution of code. References: CVE-2014-7888 (ZDI-CAN-2512, SSRT101696) CVE-2014-7889 (ZDI-CAN-2511, SSRT101695) CVE-2014-7890 (ZDI-CAN-2510, SSRT101694) CVE-2014-7891 (ZDI-CAN-2509, SSRT101693) CVE-2014-7892 (ZDI-CAN-2508, SSRT101692) CVE-2014-7893 (ZDI-CAN-2507, SSRT101691) CVE-2014-7894 (ZDI-CAN-2506, SSRT101690) CVE-2014-7895 (ZDI-CAN-2505, SSRT101689) CVE-2014-7897 (SSRT101689) CVE-2014-7898 (SSRT101689) SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The package contains update common control objects for all of the impacted products in the table below. Download the SP70564 from the Support and Drivers site for the impacted product. Go to http://www.hp.com : Chose Support then Download Drivers Enter in your POS system name, such as product name HP rp5800 Retail System then click on Go. Choose the Appropriate OS after selecting the link for the appropriate product. The latest drivers will be in the Software - POS section. Download the OPOS Common Control Objects v1.13.003 Softpaq. HP Product Description Prod Num CVE Number, Impacted Driver Monitors HP Retail RP7 VFD Customer Display QZ701AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP Retail Integrated 2x20 Display G6U79AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP Retail Integrated 2x20 Complex G7G29AA / AT CVE-2014-7889 OPOSLineDisplay.ocx Printers HP PUSB Thermal Receipt Printer ALL FK224AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP SerialUSB Thermal Receipt Printer BM476AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP Hybrid POS Printer with MICR US FK184AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP Value PUSB Receipt Printer F7M67AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP Value Serial/USB Receipt Printer ALL F7M66AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx Cash Drawers HP USB Standard Duty Cash Drawer E8E45AA / AT CVE-2014-7895 OPOSCashDrawer.ocx MSR HP Mini MSR FK186AA / AT CVE-2014-7892 OPOSMSR.ocx HP Retail Integrated Dual-Head MSR QZ673AA / AT CVE-2014-7892 OPOSMSR.ocx HP Integrated Single Head MSR w/o SRED J1A33AA / AT CVE-2014-7892 OPOSMSR.ocx HP Integrated Single Head w/o MSR SRED J1A34AA / AT CVE-2014-7892 OPOSMSR.ocx HP RP7 Single Head MSR w/o SRED K1K15AA/AT CVE-2014-7892 OPOSMSR.ocx Keyboards HP POS Keyboard FK221AA / AT CVE-2014-7891 OPOSPOSKeyboard.ocx CVE-2014-7892 OPOSMSR.ocx CVE-2014-7890 OPOSToneIndicator.ocx HP POS Keyboard with MSR FK218AA / AT CVE-2014-7891 OPOSPOSKeyboard.ocx CVE-2014-7892 OPOSMSR.ocx CVE-2014-7890 OPOSToneIndicator.ocx Pole Displays POS Pole Display FK225AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP Graphical POS Pole Display QZ704AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP LCD Pole Display F7A93AA / AT CVE-2014-7889 OPOSLineDisplay.ocx Scanners HP Imaging Barcode Scanner BW868AA / AT CVE-2014-7897 OPOSScanner.ocx HP Linear Barcode Scanner QY405AA / AT CVE-2014-7897 OPOSScanner.ocx HP Presentation Barcode Scanner QY439AA / AT CVE-2014-7897 OPOSScanner.ocx HP Retail Integrated Barcode Scanner E1L07AA / AT CVE-2014-7897 OPOSScanner.ocx HP Wireless Barcode Scanner E6P34AA / AT CVE-2014-7897 OPOSScanner.ocx HP 2D Value Wireless Scanner K3L28AA CVE-2014-7897 OPOSScanner.ocx HISTORY Version:1 (rev.1) - 4 March 2015 Initial release Version:2 (rev.2) - 20 March 2015 Corrected and clarified download instructions Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iEYEARECAAYFAlUMUjIACgkQ4B86/C0qfVkuCwCcC+h95jOOyvg4mWsqhdPSXYbV 9wEAniU7Opjr4sXaxMR+P0nqd3A6n+Zu =CQuO -----END PGP SIGNATURE-----

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSCheckScanner.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid POS printers with MICR, Value PUSB Receipt printers, and Value Serial/USB Receipt printers, aka ZDI-CAN-2507. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the Open method in OPOSCheckScanner.ocx. By supplying an overly long string to this method, an attacker can exploit this condition to achieve code execution under the context of the browser process. Attackers can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04583185 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04583185 Version: 2 HPSBHF03279 rev.2 - HP Point of Sale PCs Running Windows with OPOS Drivers, Remote Execution of Code NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. These vulnerabilities could be remotely exploited resulting in execution of code. References: CVE-2014-7888 (ZDI-CAN-2512, SSRT101696) CVE-2014-7889 (ZDI-CAN-2511, SSRT101695) CVE-2014-7890 (ZDI-CAN-2510, SSRT101694) CVE-2014-7891 (ZDI-CAN-2509, SSRT101693) CVE-2014-7892 (ZDI-CAN-2508, SSRT101692) CVE-2014-7893 (ZDI-CAN-2507, SSRT101691) CVE-2014-7894 (ZDI-CAN-2506, SSRT101690) CVE-2014-7895 (ZDI-CAN-2505, SSRT101689) CVE-2014-7897 (SSRT101689) CVE-2014-7898 (SSRT101689) SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The package contains update common control objects for all of the impacted products in the table below. Download the SP70564 from the Support and Drivers site for the impacted product. Go to http://www.hp.com : Chose Support then Download Drivers Enter in your POS system name, such as product name HP rp5800 Retail System then click on Go. Choose the Appropriate OS after selecting the link for the appropriate product. The latest drivers will be in the Software - POS section. Download the OPOS Common Control Objects v1.13.003 Softpaq. HP Product Description Prod Num CVE Number, Impacted Driver Monitors HP Retail RP7 VFD Customer Display QZ701AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP Retail Integrated 2x20 Display G6U79AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP Retail Integrated 2x20 Complex G7G29AA / AT CVE-2014-7889 OPOSLineDisplay.ocx Printers HP PUSB Thermal Receipt Printer ALL FK224AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP SerialUSB Thermal Receipt Printer BM476AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP Hybrid POS Printer with MICR US FK184AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP Value PUSB Receipt Printer F7M67AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP Value Serial/USB Receipt Printer ALL F7M66AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx Cash Drawers HP USB Standard Duty Cash Drawer E8E45AA / AT CVE-2014-7895 OPOSCashDrawer.ocx MSR HP Mini MSR FK186AA / AT CVE-2014-7892 OPOSMSR.ocx HP Retail Integrated Dual-Head MSR QZ673AA / AT CVE-2014-7892 OPOSMSR.ocx HP Integrated Single Head MSR w/o SRED J1A33AA / AT CVE-2014-7892 OPOSMSR.ocx HP Integrated Single Head w/o MSR SRED J1A34AA / AT CVE-2014-7892 OPOSMSR.ocx HP RP7 Single Head MSR w/o SRED K1K15AA/AT CVE-2014-7892 OPOSMSR.ocx Keyboards HP POS Keyboard FK221AA / AT CVE-2014-7891 OPOSPOSKeyboard.ocx CVE-2014-7892 OPOSMSR.ocx CVE-2014-7890 OPOSToneIndicator.ocx HP POS Keyboard with MSR FK218AA / AT CVE-2014-7891 OPOSPOSKeyboard.ocx CVE-2014-7892 OPOSMSR.ocx CVE-2014-7890 OPOSToneIndicator.ocx Pole Displays POS Pole Display FK225AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP Graphical POS Pole Display QZ704AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP LCD Pole Display F7A93AA / AT CVE-2014-7889 OPOSLineDisplay.ocx Scanners HP Imaging Barcode Scanner BW868AA / AT CVE-2014-7897 OPOSScanner.ocx HP Linear Barcode Scanner QY405AA / AT CVE-2014-7897 OPOSScanner.ocx HP Presentation Barcode Scanner QY439AA / AT CVE-2014-7897 OPOSScanner.ocx HP Retail Integrated Barcode Scanner E1L07AA / AT CVE-2014-7897 OPOSScanner.ocx HP Wireless Barcode Scanner E6P34AA / AT CVE-2014-7897 OPOSScanner.ocx HP 2D Value Wireless Scanner K3L28AA CVE-2014-7897 OPOSScanner.ocx HISTORY Version:1 (rev.1) - 4 March 2015 Initial release Version:2 (rev.2) - 20 March 2015 Corrected and clarified download instructions Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iEYEARECAAYFAlUMUjIACgkQ4B86/C0qfVkuCwCcC+h95jOOyvg4mWsqhdPSXYbV 9wEAniU7Opjr4sXaxMR+P0nqd3A6n+Zu =CQuO -----END PGP SIGNATURE-----

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSScanner.ocx for Imaging Barcode scanners, Linear Barcode scanners, Presentation Barcode scanners, Retail Integrated Barcode scanners, Wireless Barcode scanners, and 2D Value Wireless scanners. HP Point of Sale PCs running Windows with OPOS Drivers are prone to multiple arbitrary code-execution vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. HP Point of Sale PCs running OPOS drivers prior to 1.13.003 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04583185 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04583185 Version: 2 HPSBHF03279 rev.2 - HP Point of Sale PCs Running Windows with OPOS Drivers, Remote Execution of Code NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. These vulnerabilities could be remotely exploited resulting in execution of code. References: CVE-2014-7888 (ZDI-CAN-2512, SSRT101696) CVE-2014-7889 (ZDI-CAN-2511, SSRT101695) CVE-2014-7890 (ZDI-CAN-2510, SSRT101694) CVE-2014-7891 (ZDI-CAN-2509, SSRT101693) CVE-2014-7892 (ZDI-CAN-2508, SSRT101692) CVE-2014-7893 (ZDI-CAN-2507, SSRT101691) CVE-2014-7894 (ZDI-CAN-2506, SSRT101690) CVE-2014-7895 (ZDI-CAN-2505, SSRT101689) CVE-2014-7897 (SSRT101689) CVE-2014-7898 (SSRT101689) SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The package contains update common control objects for all of the impacted products in the table below. Download the SP70564 from the Support and Drivers site for the impacted product. Go to http://www.hp.com : Chose Support then Download Drivers Enter in your POS system name, such as product name HP rp5800 Retail System then click on Go. Choose the Appropriate OS after selecting the link for the appropriate product. The latest drivers will be in the Software - POS section. Download the OPOS Common Control Objects v1.13.003 Softpaq. HP Product Description Prod Num CVE Number, Impacted Driver Monitors HP Retail RP7 VFD Customer Display QZ701AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP Retail Integrated 2x20 Display G6U79AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP Retail Integrated 2x20 Complex G7G29AA / AT CVE-2014-7889 OPOSLineDisplay.ocx Printers HP PUSB Thermal Receipt Printer ALL FK224AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP SerialUSB Thermal Receipt Printer BM476AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP Hybrid POS Printer with MICR US FK184AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP Value PUSB Receipt Printer F7M67AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP Value Serial/USB Receipt Printer ALL F7M66AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx Cash Drawers HP USB Standard Duty Cash Drawer E8E45AA / AT CVE-2014-7895 OPOSCashDrawer.ocx MSR HP Mini MSR FK186AA / AT CVE-2014-7892 OPOSMSR.ocx HP Retail Integrated Dual-Head MSR QZ673AA / AT CVE-2014-7892 OPOSMSR.ocx HP Integrated Single Head MSR w/o SRED J1A33AA / AT CVE-2014-7892 OPOSMSR.ocx HP Integrated Single Head w/o MSR SRED J1A34AA / AT CVE-2014-7892 OPOSMSR.ocx HP RP7 Single Head MSR w/o SRED K1K15AA/AT CVE-2014-7892 OPOSMSR.ocx Keyboards HP POS Keyboard FK221AA / AT CVE-2014-7891 OPOSPOSKeyboard.ocx CVE-2014-7892 OPOSMSR.ocx CVE-2014-7890 OPOSToneIndicator.ocx HP POS Keyboard with MSR FK218AA / AT CVE-2014-7891 OPOSPOSKeyboard.ocx CVE-2014-7892 OPOSMSR.ocx CVE-2014-7890 OPOSToneIndicator.ocx Pole Displays POS Pole Display FK225AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP Graphical POS Pole Display QZ704AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP LCD Pole Display F7A93AA / AT CVE-2014-7889 OPOSLineDisplay.ocx Scanners HP Imaging Barcode Scanner BW868AA / AT CVE-2014-7897 OPOSScanner.ocx HP Linear Barcode Scanner QY405AA / AT CVE-2014-7897 OPOSScanner.ocx HP Presentation Barcode Scanner QY439AA / AT CVE-2014-7897 OPOSScanner.ocx HP Retail Integrated Barcode Scanner E1L07AA / AT CVE-2014-7897 OPOSScanner.ocx HP Wireless Barcode Scanner E6P34AA / AT CVE-2014-7897 OPOSScanner.ocx HP 2D Value Wireless Scanner K3L28AA CVE-2014-7897 OPOSScanner.ocx HISTORY Version:1 (rev.1) - 4 March 2015 Initial release Version:2 (rev.2) - 20 March 2015 Corrected and clarified download instructions Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iEYEARECAAYFAlUMUjIACgkQ4B86/C0qfVkuCwCcC+h95jOOyvg4mWsqhdPSXYbV 9wEAniU7Opjr4sXaxMR+P0nqd3A6n+Zu =CQuO -----END PGP SIGNATURE-----

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSPOSPrinter.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid POS printers with MICR, Value PUSB Receipt printers, and Value Serial/USB Receipt printers, aka ZDI-CAN-2506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the Open method in OPOSPOSPrinter.ocx. By supplying an overly long string to this method, an attacker can exploit this condition to achieve code execution under the context of the browser process. Attackers can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04583185 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04583185 Version: 2 HPSBHF03279 rev.2 - HP Point of Sale PCs Running Windows with OPOS Drivers, Remote Execution of Code NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. These vulnerabilities could be remotely exploited resulting in execution of code. References: CVE-2014-7888 (ZDI-CAN-2512, SSRT101696) CVE-2014-7889 (ZDI-CAN-2511, SSRT101695) CVE-2014-7890 (ZDI-CAN-2510, SSRT101694) CVE-2014-7891 (ZDI-CAN-2509, SSRT101693) CVE-2014-7892 (ZDI-CAN-2508, SSRT101692) CVE-2014-7893 (ZDI-CAN-2507, SSRT101691) CVE-2014-7894 (ZDI-CAN-2506, SSRT101690) CVE-2014-7895 (ZDI-CAN-2505, SSRT101689) CVE-2014-7897 (SSRT101689) CVE-2014-7898 (SSRT101689) SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The package contains update common control objects for all of the impacted products in the table below. Download the SP70564 from the Support and Drivers site for the impacted product. Go to http://www.hp.com : Chose Support then Download Drivers Enter in your POS system name, such as product name HP rp5800 Retail System then click on Go. Choose the Appropriate OS after selecting the link for the appropriate product. The latest drivers will be in the Software - POS section. Download the OPOS Common Control Objects v1.13.003 Softpaq. HP Product Description Prod Num CVE Number, Impacted Driver Monitors HP Retail RP7 VFD Customer Display QZ701AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP Retail Integrated 2x20 Display G6U79AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP Retail Integrated 2x20 Complex G7G29AA / AT CVE-2014-7889 OPOSLineDisplay.ocx Printers HP PUSB Thermal Receipt Printer ALL FK224AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP SerialUSB Thermal Receipt Printer BM476AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP Hybrid POS Printer with MICR US FK184AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP Value PUSB Receipt Printer F7M67AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx HP Value Serial/USB Receipt Printer ALL F7M66AA / AT CVE-2014-7895 OPOSCashDrawer.ocx CVE-2014-7894 OPOSPOSPrinter.ocx CVE-2014-7888 OPOSMICR.ocx CVE-2014-7893 OPOSCheckScanner.ocx Cash Drawers HP USB Standard Duty Cash Drawer E8E45AA / AT CVE-2014-7895 OPOSCashDrawer.ocx MSR HP Mini MSR FK186AA / AT CVE-2014-7892 OPOSMSR.ocx HP Retail Integrated Dual-Head MSR QZ673AA / AT CVE-2014-7892 OPOSMSR.ocx HP Integrated Single Head MSR w/o SRED J1A33AA / AT CVE-2014-7892 OPOSMSR.ocx HP Integrated Single Head w/o MSR SRED J1A34AA / AT CVE-2014-7892 OPOSMSR.ocx HP RP7 Single Head MSR w/o SRED K1K15AA/AT CVE-2014-7892 OPOSMSR.ocx Keyboards HP POS Keyboard FK221AA / AT CVE-2014-7891 OPOSPOSKeyboard.ocx CVE-2014-7892 OPOSMSR.ocx CVE-2014-7890 OPOSToneIndicator.ocx HP POS Keyboard with MSR FK218AA / AT CVE-2014-7891 OPOSPOSKeyboard.ocx CVE-2014-7892 OPOSMSR.ocx CVE-2014-7890 OPOSToneIndicator.ocx Pole Displays POS Pole Display FK225AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP Graphical POS Pole Display QZ704AA / AT CVE-2014-7889 OPOSLineDisplay.ocx HP LCD Pole Display F7A93AA / AT CVE-2014-7889 OPOSLineDisplay.ocx Scanners HP Imaging Barcode Scanner BW868AA / AT CVE-2014-7897 OPOSScanner.ocx HP Linear Barcode Scanner QY405AA / AT CVE-2014-7897 OPOSScanner.ocx HP Presentation Barcode Scanner QY439AA / AT CVE-2014-7897 OPOSScanner.ocx HP Retail Integrated Barcode Scanner E1L07AA / AT CVE-2014-7897 OPOSScanner.ocx HP Wireless Barcode Scanner E6P34AA / AT CVE-2014-7897 OPOSScanner.ocx HP 2D Value Wireless Scanner K3L28AA CVE-2014-7897 OPOSScanner.ocx HISTORY Version:1 (rev.1) - 4 March 2015 Initial release Version:2 (rev.2) - 20 March 2015 Corrected and clarified download instructions Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iEYEARECAAYFAlUMUjIACgkQ4B86/C0qfVkuCwCcC+h95jOOyvg4mWsqhdPSXYbV 9wEAniU7Opjr4sXaxMR+P0nqd3A6n+Zu =CQuO -----END PGP SIGNATURE-----

The Authentication Proxy feature in Cisco IOS does not properly handle invalid AAA return codes from RADIUS and TACACS+ servers, which allows remote attackers to bypass authentication in opportunistic circumstances via a connection attempt that triggers an invalid code, as demonstrated by a connection attempt with a blank password, aka Bug IDs CSCuo09400 and CSCun16016. Cisco IOS is an operating system developed by Cisco Systems for its network devices. A remote attacker could exploit the vulnerability to bypass authentication by sending a specially crafted connection request. This may lead to further attacks. This issue is tracked by Cisco Bug IDs CSCuo09400 and CSCun16016

Cisco Secure Access Control Server (ACS) provides an unintentional administration web interface based on Apache Tomcat, which allows remote authenticated users to modify application files and configuration files, and consequently execute arbitrary code, by leveraging administrative privileges, aka Bug ID CSCuj83189. Cisco Secure Access Control Server is prone to a remote code-execution vulnerability. Remote attackers can exploit this issue to execute arbitrary code or cause the ACS web interface unreachable. This issue being tracked by Cisco Bug ID CSCuj83189

Stack-based buffer overflow in the PmBase64Decode function in an unspecified demonstration application in MICROSYS PROMOTIC stable before 8.2.19 and PROMOTIC development before 8.3.2 allows remote attackers to execute arbitrary code by providing a large amount of data. Authentication is not required to exploit this vulnerability.The program blindly copies attacker-supplied data into a fixed-sized buffer without validating the length of this data resulting in a stack buffer overflow. The specific flaw exists within the PmBase64Decode function which ignores the passed-in length of the destination buffer. An attacker can exploit this condition to achieve code execution under the context of the process. MICROSYS PROMOTIC is a SCADA software. Failed exploit attempts will result in a denial-of-service condition

Cross-site scripting (XSS) vulnerability in the login page in Cisco Network Analysis Module (NAM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCum81269. Vendors have confirmed this vulnerability Bug ID CSCum81269 It is released as.By any third party Web Script or HTML May be inserted. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug ID CSCum81269

The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp. D-Link and TRENDnet The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The D-Link DIR-636L is a router device. The D-Link DIR636L has remote command injection and verification bypass vulnerabilities that allow an attacker to execute arbitrary commands or bypass the authentication mechanism to fully control the affected device. D-Link DIR-636L is prone to a command-injection vulnerability and an authentication bypass vulnerability. Failed exploit attempts will likely result in denial-of-service conditions. Multiple Dlink products are prone to multiple security vulnerabilities. The ping tool in several D-Link and TRENDnet devices has a security vulnerability. The following products and versions are affected: D-Link DIR-626L (Rev A) Version 1.04b04; D-Link DIR-636L (Rev A) Version 1.04; D-Link DIR-808L (Rev A) Version 1.03b05; D- Link DIR-810L (Rev A) Rev. 1.01b04; D-Link DIR-810L (Rev B) Rev. 2.02b01; D-Link DIR-820L (Rev A) Rev. 1.02B10; D-Link DIR-820L (Rev A) D-Link DIR-820L (Rev B) Rev 2.01b02; D-Link DIR-826L (Rev A) Rev 1.00b23; D-Link DIR-830L (Rev A) Rev 1.00b07; D-Link DIR -836L (Rev A) Version 1.01b03; TRENDnet TEW-731BR (Rev 2) Version 2.01b01

Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute arbitrary code with root privileges by leveraging use of a static encryption key to create session tokens. Seagate Business Storage 2-Bay NAS is prone to a remote-code-execution vulnerability. Failed exploit attempts will cause a denial-of-service condition

Cross-site scripting (XSS) vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug ID's CSCus74184 and CSCuv94800. Web Interaction Manager is a product that can help call center business representatives use websites and text chats or real-time Web collaboration to answer customer questions; E-mail Interaction Manager is a product used to manage a large number of customer emails submitted to corporate mailboxes or websites

npppd in the PPP Access Concentrator (PPPAC) on SEIL SEIL/x86 Fuji routers 1.00 through 3.30, SEIL/X1 routers 3.50 through 4.70, SEIL/X2 routers 3.50 through 4.70, and SEIL/B1 routers 3.50 through 4.70 allows remote attackers to cause a denial of service (infinite loop and device hang) via a crafted SSTP packet. The PPP Access Concentrator (PPPAC) in SEIL Series routers provided by Internet Initiative Japan Inc. contain a denial-of-service (DoS) vulnerability due to a flaw in processing SSTP packets.Receiving a specially crafted SSTP packet may result in the device becoming unresponsive. There are security vulnerabilities in the npppd program in PPPAC for several SEIL routers. SEIL Series Routers are prone to a remote denial-of-service vulnerability. An attacker can leverage this issue to consume resources resulting in denial-of-service condition; denying service to legitimate users. The following products are vulnerable: SEIL/x86 Fuji 1.00 through 3.30 SEIL/X1 3.50 through 4.70 SEIL/X2 3.50 through 4.70 SEIL/B1 3.50 through 4.70. The following products and versions are affected: SEIL SEIL/x86 Fuji routers from version 1.00 to version 3.30, SEIL/X1 routers from version 3.50 to version 4.70, SEIL/X2 routers from version 3.50 to version 4.70, SEIL/B1 routers from version 3.50 to version 4.70

A cross-site scripting vulnerability was found in the online help of JP1/IT Desktop Management - Manager and Hitachi IT Operations Director. Remote users can exploit a cross-site scripting vulnerability to execute malicious scripts.

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-0607. Reason: This candidate is a duplicate of CVE-2015-0607. The wrong ID was used. Notes: All CVE users should reference CVE-2015-0607 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. ** Delete ** This case CVE-2015-0607 It was removed because it was found to be duplicated. CVE-2015-0607 Please refer to. Cisco IOS of Authentication Proxy The function is RADIUS and TACACS+ Invalid from server AAA There is a vulnerability that bypasses authentication due to improper handling of return codes. Vendors have confirmed this vulnerability Bug ID CSCuo09400 and CSCun16016 It is released as.A third party may be able to bypass authentication through connection attempts that trigger invalid code. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. Cisco IOS Software is prone to an authentication-bypass vulnerability. This may lead to further attacks. This issue is tracked by Cisco Bug IDs CSCuo09400 and CSCun16016

D-Link DIR-820L is a dual-band cloud management wireless intelligent router from D-Link. TRENDnet TEW-731BR is a dual-band wireless router from TRENDnet. The following security vulnerabilities exist in various D-Link and RENDnet routers: 1. Local unauthorized vulnerabilities 2. Remote unauthorized vulnerabilities 3. Cross-site request forgery vulnerabilities. Attackers can use these vulnerabilities to perform unauthorized operations, gain unauthorized root permissions on the affected device, and take complete control of the affected device. The following products and versions are affected: D-Link DIR-820L (firmware version: Rev A) version 1.02B10, DIR-820L (firmware version: Rev A) version 1.05B03, DIR-820L (firmware version: Rev B) 2.01b02 Version; TRENDnet TEW-731BR (firmware version: Rev 2) version 2.01b01. Multiple D-Link and TRENDnet routers are prone to a local unauthenticated vulnerability, a remote unauthenticated vulnerability and a cross-site request-forgery vulnerability

Multiple cross-site scripting (XSS) vulnerabilities in the help pages in Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS) and Cisco Security Manager, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuq54654 and CSCun18263. Vendors have confirmed this vulnerability Bug ID CSCuq54654 and CSCun18263 It is released as.By any third party Web Script or HTML May be inserted. Cisco Security Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. These issues are being tracked by Cisco Bug IDs CSCuq54654 and CSCun18263. Cisco Common Services is a set of common management services used in network management equipment

Race condition in the Neighbor Discovery (ND) protocol implementation in Cisco IOS and IOS XE allows remote attackers to cause a denial of service via a flood of Router Solicitation messages on the local network, aka Bug ID CSCuo67770. Vendors have confirmed this vulnerability Bug ID CSCuo67770 It is released as.A large amount on a local network by a third party Router Solicitation Service disruption via message (DoS) There is a possibility of being put into a state. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. A denial of service vulnerability exists in Cisco IOS/IOS XE Software that allows an attacker to initiate a denial of service attack and denial of service to legitimate users. Cisco IOS and IOS XE Software are prone to a remote denial-of-service vulnerability. Successful exploits may allow attackers to cause denial-of-service condition, denying service to legitimate users. This issue is being tracked by Cisco Bug IDs CSCuo67770

Cross-site request forgery (CSRF) vulnerability in the web GUI in Cisco Application Networking Manager (ANM), and Device Manager (DM) on Cisco 4710 Application Control Engine (ACE) appliances, allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo99753. Vendors have confirmed this vulnerability Bug ID CSCuo99753 It is released as.A third party may be able to hijack the authentication of any user. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. This issue is being tracked by Cisco Bug ID's CSCuo99753 and CSCul84792

Cross-site scripting (XSS) vulnerability in the theme login page in Fortinet FortiADC D models before 4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Versions prior to FortiADC-D 4.2 are vulnerable. Fortinet FortiADC is an application delivery controller from Fortinet, which optimizes network availability, user experience, mobile performance and cloud-based enterprise application control, and enhances server efficiency and reduces data center network complexity. sex and cost. D is one of the modules