Advisory: Captive Portal Redirection for HTTPS Websites

Grace NacesAdvisories

What to do when users get browser and smartphone security warnings when connecting to your network ANTlabs gateways have a unique feature that can redirect HTTPS web requests to the captive portal or landing page. This feature was very useful earlier in comparison to other competitors that can only redirect … Read More

Advisory: Intel Spectre and Meltdown

Grace NacesAdvisories

Publication Date: 10th Jan 2018 Last Updated: 19th Jan 2018 Version 1.04: Interim Description On 3rd January 2018, 3 vulnerabilities were disclosed for Intel microprocessors that could allow an attacker that has local access to a server to read privileged information belonging to other processes or the operating system by … Read More

Advisory: DROWN Vulnerability (CVE-2016-0800)

Grace NacesAdvisories

Publication Date: 7 March 2016 Updated: 15 March 2016 Description A vulnerability that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle. The Traffic between clients and non-vulnerable servers can be decrypted if another server supporting SSLv2 … Read More

Advisory: SQL Injection and Reflected Cross Site Scripting Vulnerabilities (CVE-201502849 and CVE-2015-2850)

Grace NacesAdvisories

Publication Date: 06 Jul 2015 Description SQL Injection Vulnerability A vulnerability which allows user to perform queries on the underlying datastore via ppli URL parameter of the default login page main.ant; CVE-2015-2849 Cross-Site Scripting Vulnerability A reflected cross-site scripting vulnerability exists in the msg URL parameter of the admin login page … Read More