Daniel Clemens

**Name of the Vulnerable Software and Affected Versions** Zeacom Chat Server versions prior to 5.1 **Description** The issue allows remote attackers to hijack sessions or cause a denial of service via a brute-force attack due to the use of too short a random string for the `JSESSIONID` value. This can lead to a Chat Server crash or Tomcat daemon crash. **Recommendations** For versions prior to 5.1, update to version 5.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** MediaCAST versions 8 and earlier **Description** The issue allows remote attackers to discover usernames and cleartext passwords by reading the error messages returned for requests that use the `UserID` parameter to the "authenticate ad setup finished.cfm" endpoint. **Recommendations** For MediaCAST versions 8 and earlier, consider restricting access to the "authenticate ad setup finished.cfm" endpoint to minimize the risk of exploitation. Avoid using the `UserID` parameter in this endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MediaCAST versions 8 and earlier **Description** The default configuration of the New Atlanta BlueDragon administrative interface enables external TCP connections to port 10000, making it easier for remote attackers to have an unspecified impact via a TCP session. **Recommendations** For MediaCAST versions 8 and earlier, restrict access to the New Atlanta BlueDragon administrative interface to only allow connections from 127.0.0.1 to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MediaCAST versions 8 and earlier **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the New Atlanta BlueDragon administrative interface. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. **Recommendations** For MediaCAST versions 8 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MediaCAST versions 8 and earlier **Description** The issue allows remote attackers to have an unspecified impact via a (1) `CP RIGHTSOURCE` or (2) `bdclient Inventive` cookie to the default URI under "inventivex/managetraining/", related to an "XML injection" issue. **Recommendations** For MediaCAST versions 8 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MediaCAST versions 8 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via a CP ENLARGESTYLE cookie to the default URI under inventivex/managetraining/ or unspecified input to authenticate ad setup finished.cfm. **Recommendations** For MediaCAST versions 8 and earlier, as a temporary workaround, consider restricting access to the default URI under inventivex/managetraining/ and the authenticate ad setup finished.cfm file until a patch is available. Avoid using the CP ENLARGESTYLE cookie in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MediaCAST versions 8 and earlier **Description** The issue allows remote attackers to obtain sensitive information via unspecified vectors related to the Public/ directory tree, specifically by handling requests for inventivex/isptools/release/metadata/globalIncludeFolders.txt. **Recommendations** For MediaCAST versions 8 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Director versions prior to 5.10 **Description** A directory traversal issue exists, allowing remote attackers to read arbitrary files by using a .. (dot dot) sequence in the file parameter of Redirect.bat. **Recommendations** For versions prior to 5.10, update to version 5.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the Redirect.bat file to minimize the risk of exploitation.