RESELLER | LOGIN
← Volte para a página principal
N-Stalker Latest Updates

F5 FirePass Vulnerabilities and multiple updates

By N-Stalker Team on June 24, 2008

N-Stalker has made available the latest database update for its Web Application Security Assessment Products.

You will be able to download it automatically in the following versions:

  • N-Stalker Web Application Security Scanner 2006 (Enterprise, QA and Infrastructure Edition)
    • WSI Update (N-Stalker Update Manager)
  • N-Stealth HTTP Security Scanner (not updated)

You should be able to receive it automatically next time you execute the scanner.

If you prefer to download it manually, please, use the following url: https://customer.nstalker.com.

If you need any additional assistance during this process, please, contact us at:
Web: Open new support ticket at https://customer.nstalker.com
E-mail: http://www.nstalker.com/about/contact (24hs) or
Phone: +55-11-3675-7093 (9am to 18pm GMT-0300)

This release has included the following vulnerabilities:

  • eLineStudio Site Composer 2.6 AnsFAQ.ASP TOPIC Parameter Cross-Site Scripting Vulnerability
  • eLineStudio Site Composer 2.6 AnsFAQ.ASP SQL Injection Vulnerability
  • eLineStudio Site Composer 2.6 Login.ASP Cross-Site Scripting Vulnerability
  • eLineStudio Site Composer 2.6 AnsFAQ.ASP BUTTON Parameter Cross-Site Scripting Vulnerability
  • OpenDocMan 1.2.5 Out.PHP Cross-Site Scripting Vulnerability
  • yvComment Joomla! Component 1.16 ARTICLEID Parameter SQL Injection Vulnerability [CVE-2008-2692]
  • DIY Index_Topic.PHP SQL Injection Vulnerability
  • Open Azimyt CMS 0.22 Lang-System.PHP Local File Include Vulnerability
  • SimpleNotes Snoteindex.PHP ROOTID Parameter Cross Site Scripting Vulnerability
  • SimpleNotes Snoteform.PHP MOVEWHAT Parameter Cross Site Scripting Vulnerability
  • SimpleNotes Snoteform.PHP MAXLEVEL Parameter Cross Site Scripting Vulnerability
  • SimpleNotes Snoteform.PHP SNOTEID Parameter Cross Site Scripting Vulnerability
  • SimpleNotes Snoteform.PHP ROOTID Parameter Cross Site Scripting Vulnerability
  • SimpleNotes Snoteindex.PHP MOVEWHAT Parameter Cross Site Scripting Vulnerability
  • SimpleNotes Snoteindex.PHP MAXLEVEL Parameter Cross Site Scripting Vulnerability
  • SimpleNotes Snoteindex.PHP SNOTEID Parameter Cross Site Scripting Vulnerability
  • NITRO Web Gallery 1.43 Albums.PHP SQL Injection Vulnerability
  • MyMarket 1.72 Index.PHP SQL Injection Vulnerability
  • TorrentTrader Classic Edition 1.08 Account-Signup.PHP WANTUSERNAME Parameter SQL Injection Vulnerability [CVE-2008-2428]
  • TorrentTrader Classic Edition 1.08 Account-Signup.PHP EMAIL Parameter SQL Injection Vulnerability [CVE-2008-2428]
  • TorrentTrader Classic Edition 1.08 Account-Inbox.PHP SQL Injection Vulnerability [CVE-2008-2428]
  • KEIL Software photokorn 1.542 Index.PHP SQL Injection Vulnerability
  • Easy Webstore 1.2 Index.PHP SQL Injection Vulnerability
  • nweb2fax 0.2.7 Comm.PHP Local File Include Vulnerability
  • nweb2fax 0.2.7 Viewrq.PHP Local File Include Vulnerability
  • Carscripts Classifieds Index.PHP SQL Injection Vulnerability
  • BoatScripts Classifieds Index.PHP SQL Injection Vulnerability
  • MyBizz-Classifieds Index.PHP SQL Injection Vulnerability
  • doITlive CMS 2.50 Showmedia.ASP Cross-Site Scripting Vulnerability
  • doITlive CMS 2.50 Default.ASP SQL Injection Vulnerability
  • Oxygen 2.0 Post.PHP SQL Injection Vulnerability
  • Devalcms 1.4a Index.PHP PASSWD Local File Include Vulnerability
  • Devalcms 1.4a Index.PHP BOOT.INI Local File Include Vulnerability
  • Advanced Webhost Billing System 2.7.1 News.PHP SQL Injection Vulnerability
  • EZTechhelp Company EZCMS 1.2 Index.PHP SQL Injection Vulnerability
  • PHPeasyblog 1.13 Newsarchive.PHP SQL Injection Vulnerability
  • WallCity-Server: Shoutcast Admin Panel 2.0 Index.PHP Local File Include Vulnerability
  • AlstraSoft AskMe Pro 2.1 Forum_Answer.PHP SQL Injection Vulnerability
  • AlstraSoft AskMe Pro 2.1 Profile.PHP SQL Injection Vulnerability
  • Application Dynamics Cartweaver PHP 3.0.10 Details.PHP SQL Injection Vulnerability
  • Conkurent PHPMyCart 1.3 Shop.PHP SQL Injection Vulnerability
  • Haudenschilt Family Connections 1.4 Home.PHP SQL Injection Vulnerability
  • Haudenschilt Family Connections 1.4 Familynews.PHP SQL Injection Vulnerability
  • Haudenschilt Family Connections 1.4 Addressbook.PHP SQL Injection Vulnerability
  • Contenido CMS 4.8.4 Backend_Search.PHP Remote File Include Vulnerability
  • Contenido CMS 4.8.4 Include.Right_Top.PHP [RIGHT_TOP_BLANK] Parameter Remote File Include Vulnerability
  • Contenido CMS 4.8.4 Include.Right_Top.PHP [CONTENIDO] Parameter Remote File Include Vulnerability
  • Contenido CMS 4.8.4 Include.Newsletter_Jobs_Subnav.PHP [CONTENIDO] Parameter Remote File Include Vulnerability
  • Contenido CMS 4.8.4 Include.Newsletter_Jobs_Subnav.PHP [RIGHT_TOP_BLANK] Parameter Remote File Include Vulnerability
  • Contenido CMS 4.8.4 Include.Right_Top.PHP Remote File Include Vulnerability
  • Contenido CMS 4.8.4 Include.Newsletter_Jobs_Subnav.PHP Remote File Include Vulnerability
  • Contenido CMS 4.8.4 Setfrontenduserstate.PHP Remote File Include Vulnerability
  • Contenido CMS 4.8.4 Session_Cleanup.PHP Remote File Include Vulnerability
  • Contenido CMS 4.8.4 Send_Reminder.PHP Remote File Include Vulnerability
  • Contenido CMS 4.8.4 Run_Newsletter_Job.PHP Remote File Include Vulnerability
  • Contenido CMS 4.8.4 Optimize_Database.PHP Remote File Include Vulnerability
  • Contenido CMS 4.8.4 Move_Old_Stats.PHP Remote File Include Vulnerability
  • Contenido CMS 4.8.4 Move_Articles.PHP Remote File Include Vulnerability
  • Contenido CMS 4.8.4 Index.PHP Cross Site Scripting Vulnerability
  • Pre Job Board 1.0 JobSearch.PHP SQL Injection Vulnerability
  • Mambo Cache_Lite 1.1 Output.PHP Remote File Include Vulnerability
  • Gryphon gllcTS2 4.2.4 Listing.PHP DETAIL Parameter SQL Injection Vulnerability
  • Sun Glassfish HttpListenerEdit.JSF Cross Site Scripting Vulnerability
  • FacilCMS 0.1 Modules.PHP Local File Include Vulnerability
  • FacilCMS 0.1 Index.PHP Local File Include Vulnerability
  • Gravity Board X Index.PHP BOARD_ID Parameter SQL Injection Vulnerability
  • Gravity Board X Index.PHP SEARCHQUERY Parameter SQL Injection Vulnerability
  • JAMM CMS ID Parameter SQL Injection Vulnerability
  • Pooya Site Builder 6.0 GetXsl.ASPX SQL Injection Vulnerability
  • Pooya Site Builder 6.0 GetXml.ASPX SQL Injection Vulnerability
  • Pooya Site Builder 6.0 GetXls.ASPX SQL Injection Vulnerability
  • MycroCMS 0.5 ENTRY_ID Parameter SQL Injection Vulnerability
  • Gryphon gllcTS2 4.2.4 Listing.PHP SORT Parameter SQL Injection Vulnerability
  • PHP JOBWEBSITE PRO JobSearch3.PHP SQL Injection Vulnerability
  • E-SMART CART Productsofcat.ASP SQL Injection Vulnerability
  • WebChamado 1.1 Lista_Anexos.PHP SQL Injection Vulnerability
  • Pre News Manager 1.0 Index.PHP Parameter SQL Injection Vulnerability
  • Pre ADS Portal 2.0 Showcategory.PHP SQL Injection Vulnerability
  • Pre ADS Portal 2.0 Software-Description.PHP SQL Injection Vulnerability
  • Joomla! and Mambo galleries Component 1.0 AID Parameter SQL Injection Vulnerability
  • vBulletin 3.7.1 REDIRECT Parameter Cross-Site Scripting Vulnerability
  • Butterfly Organizer 2.0 Category-Delete.PHP Data Deletion Vulnerability
  • Butterfly Organizer 2.0 Delete.PHP Data Deletion Vulnerability
  • Butterfly Organizer 2.0 View.PHP SQL Injection Vulnerability
  • Butterfly Organizer 2.0 Module-Contacts.PHP Cross-Site Scripting Vulnerability
  • Butterfly Organizer 2.0 View.PHP Cross-Site Scripting Vulnerability
  • Butterfly Organizer 2.0 View.PHP Cross-Site Scripting Vulnerability
  • Butterfly Organizer 2.0 Viewdb2.PHP Cross-Site Scripting Vulnerability
  • Flat Calendar 1.1 DeleteEvent.PHP Authentication Bypass Vulnerability
  • Flat Calendar 1.1 Add.PHP Authentication Bypass Vulnerability
  • eFiction 3.0 Toplist.PHP SQL Injection Vulnerability
  • PHPEasyData 1.5.4 Annuaire.PHP ANNUAIRE Parameter Cross-Site Scripting Vulnerability
  • PHPEasyData 1.5.4 Login.PHP SQL Injection Vulnerability
  • PHPEasyData 1.5.4 Annuaire.PHP ANNUAIRE Parameter SQL Injection Vulnerability
  • PHPEasyData 1.5.4 Annuaire.PHP BY Parameter Cross-Site Scripting Vulnerability
  • PHPEasyData 1.5.4 Annuaire.PHP CAT_ID Parameter Cross-Site Scripting Vulnerability
  • PHPEasyData 1.5.4 Last_Records.PHP Cross-Site Scripting Vulnerability
  • Noticia Portal Detalle_Noticia.PHP SQL Injection Vulnerability
  • FOG Forum 0.8.1 Index.PHP FOG_LANG Parameter Local File Include Vulnerability
  • FOG Forum 0.8.1 Index.PHP FOG_SKIN Parameter Local File Include Vulnerability
  • TNT Forum Index.PHP PASSWD Local File Include Vulnerability
  • TNT Forum 0.9.4 Index.PHP BOOT.INI Local File Include Vulnerability
  • SyndeoCMS 2.5.1 Index.PHP EDIT_ARTICLE Parameter Local File Include Vulnerability
  • SyndeoCMS 2.5.1 Index.PHP SECTION Parameter Cross Site Scripting Vulnerability
  • SyndeoCMS 2.5.1 Studenteditor.PHP Local File Include Vulnerability
  • SyndeoCMS 2.5.1 Index.PHP EDIT_NEWSLETTER Parameter Local File Include Vulnerability
  • ASPPortal Reply.ASP SQL Injection Vulnerability
  • ASP News Management 2.2 Viewnews.ASP SQL Injection Vulnerability
  • Experts 1.0 Answer.PHP SQL Injection Vulnerability
  • Hot Links SQL-PHP Search.PHP Cross Site Scripting Vulnerability
  • Hot Links SQL-PHP Reviews.PHP Cross Site Scripting Vulnerability
  • Hot Links SQL-PHP Report.PHP Cross Site Scripting Vulnerability
  • Insanely Simple Blog 0.5 Index.PHP TERM Parameter SQL Injection Vulnerability [CVE-2008-2670]
  • Insanely Simple Blog 0.5 Index.PHP ID Parameter SQL Injection Vulnerability [CVE-2008-2670]
  • Insanely Simple Blog 0.5 Index.PHP CURRENT_SUBSECTION Parameter SQL Injection Vulnerability [CVE-2008-2670]
  • yblog 0.2.2.2 Search.PHP SQL Injection Vulnerability [CVE-2008-2669]
  • yblog 0.2.2.2 Uss.PHP SQL Injection Vulnerability [CVE-2008-2669]
  • yblog 0.2.2.2 User.PHP SQL Injection Vulnerability [CVE-2008-2669]
  • yblog 0.2.2.2 Search.PHP Cross-Site Scripting Vulnerability [CVE-2008-2668]
  • yblog 0.2.2.2 Uss.PHP Cross-Site Scripting Vulnerability [CVE-2008-2668]
  • yblog 0.2.2.2 User.PHP Cross-Site Scripting Vulnerability [CVE-2008-2668]
  • ErfurtWiki R1.02b Css.PHP EWIKI_ID Parameter Local File Include Vulnerability [CVE-2008-2672]
  • ErfurtWiki R1.02b Css.PHP EWIKI_ACTION Parameter Local File Include Vulnerability [CVE-2008-2672]
  • ErfurtWiki R1.02b Ewiki.PHP Local File Include Vulnerability [CVE-2008-2672]
  • DCFM Blog 0.9.4 Comments.PHP SQL Injection Vulnerability [CVE-2008-2671]
  • Tornado Knowledge Retrieval System 4.2 P Parameter Cross Site Scripting Vulnerability
  • Rapid-Source Rapid-Recipe 1.6.7 Joomla! Component RECIPE_ID Parameter SQL Injection Vulnerability
  • Flux CMS 1.5 Loadsave.PHP Arbitrary File Overwrite Vulnerability
  • Realm CMS 2.3 Inc_Routines.ASP SQL Injection Vulnerability [CVE-2008-2679]
  • Realm CMS 2.3 Inc_Routines.ASP SQL Injection Vulnerability [CVE-2008-2681]
  • Realm CMS 2.3 Compact.ASP CMPCTEDDB Parameter Cross-Site Scripting Vulnerability [CVE-2008-2680]
  • Realm CMS 2.3 Compact.ASP BOYUT Parameter Cross-Site Scripting Vulnerability [CVE-2008-2680]
  • pNews 2.08 Index.PHP SQL Injection Vulnerability [CVE-2008-2673]
  • ASPilot Pilot Cart 7.3 Pilot.ASP SQL Injection Vulnerability
  • Telephone Directory 2008 Edit1.PHP Cross-Site Scripting Vulnerability [CVE-2008-2677]
  • Telephone Directory 2008 View_More.PHP SQL Injection Vulnerability [CVE-2008-2678]
  • Telephone Directory 2008 Edit1.PHP SQL Injection Vulnerability [CVE-2008-2678]
  • miniCWB 2.1.1 Connector.PHP _SERVER Parameter Cross-Site Scripting Vulnerability
  • miniCWB 2.1.1 Connector.PHP _SESSION Parameter Cross-Site Scripting Vulnerability
  • miniCWB 2.1.1 Connector.PHP _POST Parameter Cross-Site Scripting Vulnerability
  • miniCWB 2.1.1 Connector.PHP _GET Parameter Cross-Site Scripting Vulnerability
  • ProManager 0.73 Config.PHP Local File Include Vulnerability
  • Real Estate Website 1.0 Location.ASP SQL Injection Vulnerability
  • Real Estate Website 1.0 Location.ASP Cross-Site Scripting Vulnerability
  • NextGEN Gallery WordPress Plugin 0.96 Admin.PHP HTML Injection Vulnerability
  • iJoomla News Portal Component 1.0 ITEMID Parameter SQL Injection Vulnerability
  • XOOPS Uploader Module 1.1 FILENAME Parameter Directory Traversal Vulnerability
  • BrowserCRM 5.2 Clients.PHP Remote File Include Vulnerability
  • Joomla! and Mambo JotLoader Component CID Parameter SQL Injection Vulnerability
  • phpInv 0.8 Entry.PHP Local File Include Vulnerability
  • phpInv 0.8 Search.PHP Cross-Site Scripting Vulnerability
  • yvComment Joomla! Component 1.16 ARTICLEID Parameter SQL Injection Vulnerability
  • Galatolo WebManager 1.0 COM Parameter Local File Include Vulnerability
  • JiRo\’s FAQ Manager eXperience 1.0 FID Parameter SQL Injection Vulnerability
  • Joomla! GameQ Component CATEGORY_ID Parameter SQL Injection Vulnerability
  • WEBalbum 2.0 Photo_Add-C.PHP HTML Injection Vulnerability
  • F5 FirePass 6.0.2.3 SSL VPN Index.PHP Cross-Site Scripting Vulnerability
  • F5 FirePass 6.0.2.3 SSL VPN Webyfiers.PHP Cross-Site Scripting Vulnerability
  • Power Phlogger 2.2.5 EdCss.PHP SQL Injection Vulnerability
  • Joomla! and Mambo Simple Shop Component 3.4 CATID Parameter SQL Injection Vulnerability
  • SamTodo 1.1 COMPLETED Parameter Cross Site Scripting Vulnerability
  • SamTodo 1.1 TID Parameter Cross Site Scripting Vulnerability
  • Phoenix View CMS Admin_Frame.PHP Local File Include Vulnerability [CVE-2008-2533]
  • Phoenix View CMS Gbuch.Admin.PHP SQL Injection Vulnerability [CVE-2008-2533]
  • Phoenix View CMS Todo.Admin.PHP SQL Injection Vulnerability [CVE-2008-2533]
  • Phoenix View CMS News.Admin.PHP SQL Injection Vulnerability [CVE-2008-2533]
  • Phoenix View CMS Menue.Admin.PHP SQL Injection Vulnerability [CVE-2008-2533]
  • Phoenix View CMS Links.Admin.PHP SQL Injection Vulnerability [CVE-2008-2533]
  • Phoenix View CMS Todo.Admin.PHP Cross-Site Scripting Vulnerability [CVE-2008-2533]
  • Phoenix View CMS News.Admin.PHP Cross-Site Scripting Vulnerability [CVE-2008-2533]
  • Phoenix View CMS Menue.Admin.PHP Cross-Site Scripting Vulnerability [CVE-2008-2533]
  • Phoenix View CMS Links.Admin.PHP Cross-Site Scripting Vulnerability [CVE-2008-2533]
  • Phoenix View CMS Gbuch.Admin.PHP Cross-Site Scripting Vulnerability [CVE-2008-2533]
  • Joomla! and Mambo Simple Shop Component 3.4 CATID Parameter SQL Injection Vulnerability [CVE-2008-2568]
  • Power Phlogger 2.5.5 EdCss.PHP SQL Injection Vulnerability [CVE-2008-2562]
  • 427BB 2.3.1 Register.PHP Cross-Site Scripting Vulnerability [CVE-2008-2561]
  • 427BB 2.3.1 Search.PHP Cross-Site Scripting Vulnerability [CVE-2008-2561]
  • 427BB 2.3.1 Reminder.PHP Cross-Site Scripting Vulnerability [CVE-2008-2561]
  • 427BB 2.3.1 Register.PHP Cross-Site Scripting Vulnerability [CVE-2008-2561]
  • 427BB 2.3.1 Search.PHP Cross-Site Scripting Vulnerability [CVE-2008-2561]
  • 427BB 2.3.1 Reminder.PHP Cross-Site Scripting Vulnerability [CVE-2008-2561]
  • 427BB 2.3.1 Showpost.PHP SQL Injection Vulnerability [CVE-2008-2560]
  • Booby 1.0.1 Barrel/Template.Tpl.PHP Remote File Include Vulnerability [CVE-2008-2645]
  • Booby 1.0.1 Barrel/Template.Tpl.PHP Local File Include Vulnerability [CVE-2008-2645]
  • Booby 1.0.1 Text-Only/Template.Tpl.PHP Remote File Include Vulnerability [CVE-2008-2645]
  • Booby 1.0.1 Text-Only/Template.Tpl.PHP Local File Include Vulnerability [CVE-2008-2645]
  • Booby 1.0.1 Slashdot/Template.Tpl.PHP Remote File Include Vulnerability [CVE-2008-2645]
  • Booby 1.0.1 Slashdot/Template.Tpl.PHP Local File Include Vulnerability [CVE-2008-2645]
  • Booby 1.0.1 Sidebar/Template.Tpl.PHP Remote File Include Vulnerability [CVE-2008-2645]
  • Booby 1.0.1 Sidebar/Template.Tpl.PHP Local File Include Vulnerability [CVE-2008-2645]
  • Booby 1.0.1 Penguin/Template.Tpl.PHP Remote File Include Vulnerability [CVE-2008-2645]
  • Booby 1.0.1 Penguin/Template.Tpl.PHP Local File Include Vulnerability [CVE-2008-2645]
  • Booby 1.0.1 Oerdec/Template.Tpl.PHP Remote File Include Vulnerability [CVE-2008-2645]
  • Booby 1.0.1 Oerdec/Template.Tpl.PHP Local File Include Vulnerability [CVE-2008-2645]
  • Booby 1.0.1 Mylook/Template.Tpl.PHP Remote File Include Vulnerability [CVE-2008-2645]
  • Booby 1.0.1 Mylook/Template.Tpl.PHP Local File Include Vulnerability [CVE-2008-2645]
  • Booby 1.0.1 Barry/Template.Tpl.PHP Remote File Include Vulnerability [CVE-2008-2645]
  • Booby 1.0.1 Barry/Template.Tpl.PHP Local File Include Vulnerability [CVE-2008-2645]
  • QuickerSite 1.8.5 Bs_Login.ASP Authentication-Bypass Vulnerability
  • QuickerSite 1.8.5 Default.ASP SQL Injection Vulnerability
  • QuickerSite 1.8.5 Upload.ASP File Upload Vulnerability
  • QuickerSite 1.8.5 Rss.ASP Cross-Site Scripting Vulnerability
  • QuickerSite 1.8.5 Picker.ASP CCOLOR Parameter Cross-Site Scripting Vulnerability
  • QuickerSite 1.8.5 Picker.ASP PARAMCODE Parameter Cross-Site Scripting Vulnerability
  • QuickerSite 1.8.5 Default.ASP Cross-Site Scripting Vulnerability
  • QuickerSite 1.8.5 ShowThumb.ASPX Cross-Site Scripting Vulnerability
  • QuickerSite 1.8.5 MailPage.ASP Mailbombing Vulnerability
  • QuickerSite 1.8.5 Bs_Login.ASP Site Design Edition Vulnerability
  • meBiblio 0.4.7 Search_Mask.Inc.PHP Cross-Site Scripting Vulnerability [CVE-2008-2646]
  • meBiblio 0.4.7 Journal_Change_Mask.Inc.PHP SQL Injection Vulnerability [CVE-2008-2647]
  • meBiblio 0.4.7 Dbadd.Inc.PHP Cross-Site Scripting Vulnerability [CVE-2008-2646]
  • meBiblio 0.4.7 Add_Journal_Mask.Inc.PHP Cross-Site Scripting Vulnerability [CVE-2008-2646]
  • meBiblio 0.4.7 Insert_Mask.Inc.PHP Cross-Site Scripting Vulnerability [CVE-2008-2646]
  • ComicShout 2.8 News.PHP SQL Injection Vulnerability [CVE-2008-2456]
  • Novell iChain 2.3 Multiple Remote Vulnerabilities [CVE-2005-0798]
  • Novell iChain 2.2 SP2 Multiple Unspecified Potential Vulnerabilities [CVE-2005-0744]

This entry was posted in N-Stalker Latest Updates. Bookmark the permalink.
Products
About N-Stalker
Contact

Rua Monte Alegre, 61 - cj 81
Sao Paulo, BRA, 05014-000
BRA Phone: +55-11-3868-1997
Contact us