Posted by Robert Cavanaugh on Jan 12
Hi FD,
I’m sure you’re all sick to death of hearing about Lizard Squad and the
skid marks they’re leaving all over the place, so we’ll make this brief:
Lizard Squad has been rekt and the source code for their bots is now
available for your viewing pleasure.
https://github.com/pop-pop-ret/lizkebab
0wned by: Chippy1337, @packetprophet
If you lulz’d, send BTC to 129UQoB3JvZg3iDERYZiXeHPkwT1iJF8u4
<…
Posted by Peter Lapp on Jan 12
Details
=======
Product: F5 BIG-IP Application Security Manager (ASM)
Vulnerability: Cross Site Scripting
Author: Peter Lapp, lappsec () gmail com
CVE: None assigned
Vulnerable Versions: Confirmed 11.4.0, 11.4.1. Likely 11.4.x-11.5.x.
Fixed Version: 11.6
Summary
=======
The F5 ASM is a web application firewall designed to protect web
applications from attacks. It allows for a custom HTML page to be displayed
to end users when they trigger a…
Posted by ITAS Team on Jan 12
# Exploit Title: XSS Vulnerability in Fork CMS 3.8.3
# Google Dork: N/A
# Date: 12/26/2014
# Exploit Author: Le Ngoc phi (phi.n.le () itas vn) and ITAS Team (www.itas.vn)
# Vendor Homepage: http://www.fork-cms.com
# Software Link: http://www.fork-cms.com/blog/detail/fork-3.8.4-released
# Version: Fork 3.8.3
# Tested on: N/A
# CVE : CVE-2014-9470
::VULNERABILITY DETAIL::
– Vulnerable parameter: q_widget
– Vulnerable file:…
Posted by kapejod () googlemail com on Jan 12
Snom SIP phones (www.snom.com) have a builtin HTTP/HTTPS configuration
interface, which is enabled by default.
By making a single HTTP POST request all available memory (and CPU) can be
exhausted, resulting in a reboot of the phone.
This even works if the HTTP/HTTPS interface is protected by username and
password (probably the credentials are checked a few more lines later when
the complete request has been received).
Affected models: MP, 3XX,…
Posted by Brandon Perry on Jan 12
After releasing this, I actually got quite a bit of flak (whatever happened
to responsible/coordinated disclosure?!).
Today, Space Rogue wrote a pretty good article about Full Disclosure:
https://twitter.com/spacerog/status/554704824705761280
I tend to agree with the post, and I feel that this vulnerability actually
is a great example of the points Space Rogue makes.
For instance, according to McAfee’s official KB article (…
Posted by Brandon Perry on Jan 12
WordPress Photo Gallery Unauthenticated SQL injection
Version 1.2.7 and likely prior of the Photo Gallery plugin (almost 500,000
downloads to date) are vulnerable to an unauthenticated boolean-based and
time-based blind SQL injection.
Vulnerable version:
https://downloads.wordpress.org/plugin/photo-gallery.1.2.7.zip
Within the following GET request, the order_by parameter, specifically, is
vulnerable.
GET…
Posted by CORE Security Technologies Advisories-team (jrv) on Jan 12
Core Security – Corelabs Advisory
http://corelabs.coresecurity.com/
Corel Software DLL Hijacking
1. *Advisory Information*
Title: Corel Software DLL Hijacking
Advisory ID: CORE-2015-0001
Advisory URL:
http://www.coresecurity.com/advisories/corel-software-dll-hijacking
Date published: 2015-01-12
Date of last update: 2015-01-06
Vendors contacted: Corel
Release mode: User release
2. *Vulnerability Information*
Class: Uncontrolled Search Path…
The RACInstaller.StateCtrl.1 ActiveX control in InstallerDlg.dll in RealNetworks GameHouse RealArcade Installer 2.6.0.481 performs unexpected type conversions for invalid parameter types, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted arguments to the (1) AddTag, (2) Ping, (3) QueuePause, (4) QueueRemove, (5) QueueTop, (6) RemoveTag, (7) TagRemoved, or (8) message method.
RealNetworks GameHouse RealArcade Installer (aka ActiveMARK Game Installer) 2.6.0.481 and 3.0.7 uses weak permissions (Create Files/Write Data) for the GameHouse Games directory tree, which allows local users to gain privileges via a Trojan horse DLL in an individual game’s directory, as demonstrated by DDRAW.DLL in the Zuma Deluxe directory.
This Lizard is out to get your home router.
During Christmas we reported that a hacker group calling themselves the Lizard Squad, took responsibility for ruining the day for Sony PlayStation and Microsoft Xbox users by taking the gaming networks offline. This and previous attacks, which included a bomb threat directed at an American Airlines flight with Sony Entertainment president John Smedley on board, have been revealed to be a marketing campaign to advertise a new product available for rent to anyone who wants to cause a Denial-of-Service (DDoS) attack to the target of their choice.
You may not be a hacker, but the power for this service could be coming from your home office! Security blogger, Brian Krebs, whose own site was attacked, found out that the network of infected devices that powers the Product-That-Must-Not-Be-Named (that’s because Lizard Squad gleefully thanked Brian for the publicity on their Twitter account) is made up mostly of compromised home routers. On that same Twitter account, Lizard Squad said that they are using 250-500k infected routers.
These are the devices in everyone’s home that we warned you about in our blog, Your home network is at risk of cybersecurity attacks. Most people neglect the security of these devices by using the default user name and password that comes from the manufacturer out-of-the-box.
Our research determined that nearly 80% of all home routers in use today are thinly protected by common, easily hacked passwords, making routers an easy entry point to the home network for hackers,” said Avast Software’s CEO, Vincent Steckler.
Lizard Squad has just proven that point.
Today’s router security situation is very reminiscent of PCs in the 1990s, with lax attitudes towards security combined with new vulnerabilities being discovered every day creating an easily exploitable environment, “ Steckler said. “The main difference is people have much more personal information stored on their devices today than they did back then. Consumers need strong yet simple-to-use tools that can prevent attacks before they happen.”
Open the Avast user interface, click Scan from the menu on the left, then choose Scan for network threats. Avast will take a look at your router and report back any issues. In most cases, if there is an issue to be addressed, then it will direct you to your router manufacturer’s website.
The Home Network Security Solution is available in free and paid versions of Avast 2015. Get it at www.avast.com.
For more steps you can take to protect your home router, please see our blog post, 12 ways to boost your router’s security.
