Dave B

**Name of the Vulnerable Software and Affected Versions** Mercurial versions prior to 1.6.4 **Description** The issue allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack due to the failure to verify the Common Name field of SSL certificates. **Recommendations** For versions prior to 1.6.4, update to version 1.6.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ikiwiki versions prior to 3.20110122 **Description** The issue allows remote attackers to insert arbitrary JavaScript due to insufficient checking in comments, potentially leading to Cross Site Scripting (XSS) attacks. **Recommendations** For versions prior to 3.20110122, update to version 3.20110122 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Smoothwall Express versions 3.0 SP3 and earlier, Smoothwall Express version 3.1 **Description** A cross-site scripting (XSS) issue exists in the web management interface, specifically in the httpd/cgi-bin/ipinfo.cgi file. This allows remote attackers to inject arbitrary web script or HTML via the `IP` parameter in a "Run" action. **Recommendations** For Smoothwall Express versions 3.0 SP3 and earlier, and version 3.1, consider restricting access to the ipinfo.cgi file until a patch is available. As a temporary workaround, avoid using the `IP` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Smoothwall Express versions 3.0 SP3 and earlier, Smoothwall Express version 3.1 **Description** A cross-site request forgery (CSRF) issue exists in the web management interface, specifically in the httpd/cgi-bin/shutdown.cgi endpoint. This allows remote attackers to hijack the authentication of administrators for requests that perform a reboot via a request to "cgi-bin/shutdown.cgi". **Recommendations** For Smoothwall Express versions 3.0 SP3 and earlier, and version 3.1, consider disabling access to the "cgi-bin/shutdown.cgi" endpoint until a fix is available to prevent exploitation. Restrict access to the web management interface to minimize the risk of CSRF attacks.

**Name of the Vulnerable Software and Affected Versions** phpMyAdmin versions 3.3.x through 3.3.10.0 phpMyAdmin versions 3.4.x through 3.4.0 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via a crafted table name, triggering improper HTML rendering on a Tracking page. This is related to the libraries/tbl links.inc.php and tbl tracking.php files. **Recommendations** For phpMyAdmin versions 3.3.x through 3.3.10.0, update to version 3.3.10.1 or later. For phpMyAdmin versions 3.4.x through 3.4.0, update to version 3.4.1 or later.

**Name of the Vulnerable Software and Affected Versions** libcloud versions prior to 0.4.1 **Description** The issue allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle (MITM) attack because libcloud does not verify SSL certificates for HTTPS connections. This is partly due to an upstream issue with python's SSL module. **Recommendations** For versions prior to 0.4.1, update to version 0.4.1 or later to resolve the issue. As a temporary workaround, consider disabling HTTPS connections until a patch is available. Restrict access to sensitive resources to minimize the risk of exploitation. Avoid using libcloud for critical operations that require secure connections until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** pfSense versions 1.2.3 through 2 beta 4 **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the `ifnum` or `ifname` parameters in the graph.php file. **Recommendations** For pfSense version 1.2.3, avoid using the `ifnum` and `ifname` parameters in the graph.php file until a patch is available. For pfSense version 2 beta 4, restrict access to the graph.php file to minimize the risk of exploitation.