Research Lab

Positive Technologies Research Team and SecurityLab are willing to cooperate with independent researches in the analysis of the discovered vulnerabilities, in contacts with software vendors and CVE Number Reservation process. The vulnerabilities will be published in sections "Laboratory" and PT-advisory. The name of the researches will be preserved.

Our disclosure policy: en.securitylab.ru/lab/disclosure-policy.php

Severity:   High (10.0) (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Vulnerability status:   Patched
Exploitation vector:   Remote
Vendor:   D-Link
Product:   D-Link DIR-300
 
Identifier:   PT-2011-29   Advisory published: 09.09.2011
CVE ID:   N/A   Fix issued: 19-09-2011
Discovered by:
Sergey Scherbel, Positive Research Center (Positive Technologies Company)
 
Severity:   Medium (4.3) (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Vulnerability status:   Patched
Exploitation vector:   Remote
Vendor:   Cisco
Product:   Cisco Secure ACS 5.x
 
Identifier:   PT-2011-27   Advisory published: 28.07.2011
CVE ID:   CVE-2011-3317   Fix issued: 13-02-2012
Discovered by:
Maxim Tsoy, Yuriy Goltsev, Alexander Zaitsev and Evgeniy Tolmachev, Positive Research Center (Positive Technologies Company)
 
Severity:   Medium (6.8) (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Vulnerability status:   Patched
Exploitation vector:   Remote
Vendor:   Cisco
Product:   Cisco Secure ACS 5.x
 
Identifier:   PT-2011-26   Advisory published: 19.07.2011
CVE ID:   CVE-2011-3293   Fix issued: 13-02-2012
Discovered by:
Maxim Tsoy, Positive Research Center (Positive Technologies Company)
 
Severity:   Medium (6.5) (AV:N/AC:L/Au:S/C:P/I:P/A:P)
Vulnerability status:   Patched
Exploitation vector:   Remote
Vendor:   Support Incident Tracker
Product:   Support Incident Tracker 3.x
 
Identifier:   PT-2011-25   Advisory published: 13.07.2011
CVE ID:   N/A   Fix issued: 17-07-2011
Discovered by:
Yuri Goltsev, Positive Research Center (Positive Technologies Company)
 
Severity:   Medium (6.8) (AV:N/AC:L/Au:S/C:N/I:N/A:C)
Vulnerability status:   Patched
Exploitation vector:   Remote
Vendor:   Arbor Networks
Product:   Arbor Peakflow X
 
Identifier:   PT-2011-24   Advisory published: 12.07.2011
CVE ID:   CVE-2011-4637   Fix issued: 02-03-2012
Discovered by:
Dmitriy Gutsko, Positive Research Center (Positive Technologies Company)
 
Severity:   Medium (6.5) (AV:N/AC:L/Au:S/C:P/I:P/A:P)
Vulnerability status:   Patched
Exploitation vector:   Remote
Vendor:   GLPI
Product:   GLPI 0.x
 
Identifier:   PT-2011-23   Advisory published: 11.07.2011
CVE ID:   N/A   Fix issued: 21-07-2011
Discovered by:
Yuri Goltsev, Positive Research Center (Positive Technologies Company)
 
Severity:   High (7.5) (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Vulnerability status:   Unpatched
Exploitation vector:   Remote
Vendor:   OneOrZero
Product:   OneOrZero AIMS 2.x
 
Identifier:   PT-2011-21   Advisory published: 08.07.2011
CVE ID:   N/A   Fix issued:
Discovered by:
Yuri Goltsev, Positive Research Center (Positive Technologies Company)
 
Severity:   High (7.5) (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Vulnerability status:   Unpatched
Exploitation vector:   Remote
Vendor:   OneOrZero
Product:   OneOrZero AIMS 2.x
 
Identifier:   PT-2011-20   Advisory published: 08.07.2011
CVE ID:   N/A   Fix issued:
Discovered by:
Yuri Goltsev, Positive Research Center (Positive Technologies Company)
 
Severity:   High (7.5) (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Vulnerability status:   Patched
Exploitation vector:   Remote
Vendor:   Help Request System
Product:   Help Request System 1.x
 
Identifier:   PT-2011-19   Advisory published: 07.07.2011
CVE ID:   N/A   Fix issued: 16-07-2011
Discovered by:
Yuri Goltsev, Positive Research Center (Positive Technologies Company)
 
Severity:   Medium (4.3) (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Vulnerability status:   Patched
Exploitation vector:   Remote
Vendor:   Arbor Networks
Product:   Arbor Peakflow X
 
Identifier:   PT-2011-18   Advisory published: 01.07.2011
CVE ID:   CVE-2011-4636   Fix issued: 02-03-2012
Discovered by:
Maxim Tsoy, Positive Research Center (Positive Technologies Company)