Wendel Guglielmetti Henrique

**Name of the Vulnerable Software and Affected Versions** IBM Web Application Firewall versions prior to update 31.030 **Description** The issue allows remote attackers to bypass intended intrusion prevention by dividing a dangerous parameter value into substrings. This can be demonstrated by a SQL statement that is split across multiple `iid` parameters and then sent to a .aspx file on an IIS web server. **Recommendations** For IBM Web Application Firewall versions prior to update 31.030, update to version 31.030 or later to resolve the issue. As a temporary workaround, consider restricting access to the `iid` parameter in affected API endpoints until a patch is available.

Name of the Vulnerable Software and Affected Versions: Armorlogic Profense Web Application Firewall versions prior to 2.2.22 Armorlogic Profense Web Application Firewall versions 2.4.x prior to 2.4.4 Description: The issue allows remote attackers to conduct cross-site scripting (XSS) attacks via a modified end tag of a SCRIPT element, due to improper implementation of the negative model. Recommendations: For versions prior to 2.2.22, update to version 2.2.22 or later. For versions 2.4.x prior to 2.4.4, update to version 2.4.4 or later.

Name of the Vulnerable Software and Affected Versions: Armorlogic Profense Web Application Firewall versions before 2.2.22 Armorlogic Profense Web Application Firewall versions 2.4.x before 2.4.4 Description: The issue allows remote attackers to bypass certain protection mechanisms via a %0A (encoded newline) in a URL, such as in a cross-site scripting (XSS) attack. This is due to the improper implementation of the "positive model". Recommendations: For versions before 2.2.22, update to version 2.2.22 or later to resolve the issue. For versions 2.4.x before 2.4.4, update to version 2.4.4 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Armorlogic Profense Web Application Firewall versions 2.2.x through 2.2.21 Armorlogic Profense Web Application Firewall versions 2.4.x through 2.4.3 Description: The issue allows remote attackers to obtain access more easily due to a default root password hash and permitted password-based root logins over SSH. Recommendations: For Armorlogic Profense Web Application Firewall versions 2.2.x through 2.2.21, update to version 2.2.22 or later. For Armorlogic Profense Web Application Firewall versions 2.4.x through 2.4.3, update to version 2.4.4 or later.

**Name of the Vulnerable Software and Affected Versions** Citrix MetaFrame Presentation Server (affected versions not specified) **Description** The issue allows local users to gain privileges through a malicious icabar.exe placed in the search path, due to an untrusted search path vulnerability. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link Wireless Access-Point (DWL-2100ap) versions 2.10na and earlier **Description** The issue allows remote attackers to obtain sensitive system information, including passwords, by requesting an arbitrary .cfg file from the web server. This provides configuration information. **Recommendations** For D-Link Wireless Access-Point (DWL-2100ap) versions 2.10na and earlier, consider restricting access to the web server to minimize the risk of exploitation. Avoid using the web server to store sensitive configuration information until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.