Condorlab

CISCO – Denial of Servicies

Advisory ID RSN-NS-0004 Vulnerability Information Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted L2TP packet, aka Bug IDs CSCsw95722 and ...

SOLARWINDS – SQL Injection

Advisory ID RSN-NS-0002 Vulnerability Information Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwinds Orion Platform 2015.1, as used in Network Performance Monitor (NPM...

ASTERISK – Denial of Servicies

Advisory ID RSN-NS-0010 Vulnerability Information ConfBridge in Asterisk 11.x before 11.14.1 and Certified Asterisk 11.6 before 11.6-cert8 does not properly handle state changes, which allows remote attackers to cause a denial of service (...

ASTERISK – Remote Code Excecution

Advisory ID RSN-NS-0014 Vulnerability Information htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute a...

MICROSOFT – Denial of Servicies

Advisory ID RSN-NS-0006 Vulnerability Information The Server in Microsoft Lync Server 2013 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon hang) via a crafted request, aka 'Lync Denial of Service V...

FORFONE – Man in the Middle

Advisory ID RSN-NS-0001 Vulnerability Information The forfone: Free Calls & Messages (aka com.forfone.sip) forfone application 1.5.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers...

CISCO – Execute Arbitrary Commands

Advisory ID RSN-NS-0003 Vulnerability Information Cisco TelePresence TC Software 4.x and 5.x before 5.1.7 and 6.x before 6.0.1 and TE Software 4.x and 6.0 allow remote authenticated users to execute arbitrary commands by using the commands...

ASTERISK – Denial of Servicies

Advisory ID RSN-NS-0013 Vulnerability Information channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.15 before 1.8.15-cert5 and 11.6 before 11.6-cer...

ASTERISK – SQL Injection

Advisory ID RSN-NS-0012 Vulnerability Information Multiple SQL injection vulnerabilities in the agent interface (agc/) in VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier allow (1) remote attackers to execute ar...

CISCO – Denial of Servicies

Advisory ID RSN-NS-0005 Vulnerability Information The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1 and 7.2 before 7.2.110.0, and 7.3 before 7.3...