Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: SiteMinder Multiple Vulnerabilities
From: Tero Hänninen <tero () betabyte net>
Date: Mon, 11 Jul 2005 19:26:12 +0200
On Fri, 2005-07-08 at 14:03 +0000, c0ntexb () gmail com wrote:

 /*
  *****************************************************************************************************************
  $ An open security advisory #10 - Siteminder v5.5 Vulnerabilities
  *****************************************************************************************************************
  1: Bug Researcher: c0ntex - c0ntexb[at]gmail.com
  2: Bug Released: July 08 2005
  3: Bug Impact Rate: Medium / Hi
  4: Bug Scope Rate: Remote
  *****************************************************************************************************************
  $ This advisory and/or proof of concept code must not be used for commercial gain.
  *****************************************************************************************************************


What patch level did you research this on? I've tested with 5QMR7 HF-08 and it doesn't seem to be 
working.

Similar (the same?) vulnerability was reported on 17th of January by
Marc Ruef (http://www.securityfocus.com/archive/1/387569) and has been
fixed by Netegrity/CA some time ago in the 5QMR7 agents (HF-06 if I
recall correctly). 

Best Regards,
Tero Hänninen

-- 
Tero Hänninen | tero () betabyte net | http://www.betabyte.net/ |
           Overflow error in /dev/null

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]