FortConsult regularly publishes some of the vulnerabilities we ourselves find when performing security tests. Our security consultants work with vulnerabilities and security flaws every single day, e.g. when performing security tests or assessing new security threats on behalf of our customers. As a result, we have built up a unique core competence in terms of security flaws, which means that we regularly discover new flaws in existing products.   FortConsult advisories should not be confused with the advisories that are issued via early warning services, and which can, for example, be found at www.securityfocus.com under BugTraq.   Our general policy is that we do not publish a vulnerability until we have informed the manufacturer, who has then remedied the security breach and issued a patch or workaround. However, there can be cases in which it is in our customers′ interests to inform them of the problem at an earlier stage, in which case we will do so - whilst making sure that the manufacturer is informed to this effect.   You can see our latest advisories and research papers below. If you are interested in a more detailed explanation, you are welcome to contact us. Customers that have a subscription for StayAlert™ are automatically informed if the newly discovered vulnerability is significant for their IT systems, in the same way as they are notified of all other new security flaws that are discovered.   Overview of Advisories No. Discovery Date Title Status Advisory Availability 18 June 2008 Direct Web Remoting - Cross-Site Scripting on Error Page Vendor Notified Advisory Public 17 November 2007 PunBB imgUpload extention Vendor Notified Advisory Public 16 June 2007 DotNotNuke Cross-Site Redirection Vendor Corrected Advisory Public 15 June 2007 ISPmgr local root Vendor Notified Advisory Public 14 June 2007 DotNetNuke 4.4.0. admin login bypass Vendor Corrected Advisory Public 13 May 2007 IDIS NVR format string DoS and code-exec Vendor Notified Advisory Private 12 December 2006 Citrix Session - Reliability OpenProxy Vendor Corrected Advisory Public 11 March 2007 Music700 router / VoIP remote command exec Vendor Notified Advisory Public 10 February 2007 eWire PHP component remote code execution Vendor Notified Advisory Public 9 January 2007 Steema SL "TeeCharts ActiveX" data proxy Vendor Notified Advisory Public (See Proof of Concept) 8 September 2006 Citrix Unspecified Heap & Stack Vulns Vendor Corrected Advisory Public 7 May 2006 Lotus Notes Pre-login Information Leakage Vendor Corrected Advisory Public 6 April 2006 Lotus SameTime Sandbox Escape Vendor Corrected Advisory Public 5 March 2006 Cisco VPN Privilege Escalation Vendor Corrected Advisory Public 4 March 2006 Lotus Domino tunekrnl priv esc via heap Vendor Corrected Advisory Public 3 March 2006 Lotus Domino tunekrnl priv esc via stack Vendor Corrected Advisory Public 2 March 2006 Cryptomathic Primink_CSP ActiveX Exploit (research assistance to CIRT.DK) Vendor Corrected Advisory Public 1 October 2005 Paros Proxy Default "sa" password Remote Command Exec / Data Disclosure Vendor Corrected Advisory Public Research Papers No. Publication Date Title Availability 3 June 2008 Site Wide XSS PDF Paper Available 2 October 2006 Tor: Practical Onion Hacking PDF Paper Available 1 March 2006 Tor: Peeling the Onion PDF Paper Available Proof of Concept No. Publication Date Title Availability A12 December 2006 Citrix Session - Reliability OpenProxy Demo A9 January 2007 Steema SL "TeeCharts ActiveX" data proxy Demo 1 Demo 2 R1 October 2006 Tor: Practical Onion Hacking - packet injection tools Tools mentioned in PDF Paper Available Back >