Reflecting XSS vulnerabilities, unrestricted file upload and underlying CSRF in Landsknecht Adminsystems CMS v. 4.0.1 (DEV, beta version)

Posted by Steffen Rösemann on Feb 13

Advisory: Reflecting XSS vulnerabilities, unrestricted file upload and
underlying CSRF in Landsknecht Adminsystems CMS v. 4.0.1 (DEV, beta
version)
Advisory ID: SROEADV-2015-14
Author: Steffen Rösemann
Affected Software: Landsknecht Adminsystems CMS v. 4.0.1 (DEV, beta version)
Vendor URL: https://github.com/kneecht/adminsystems
Vendor Status: will be patched
CVE-ID: –

==========================
Vulnerability Description:…

CVE-2014-9469 vBulletin XSS (Cross-Site Scripting) Security Vulnerabilities

Posted by Jing Wang on Feb 13

*CVE-2014-9469 vBulletin XSS (Cross-Site Scripting) Security
Vulnerabilities*

Exploit Title: vBulletin XSS (Cross-Site Scripting) Security Vulnerabilities
Product: vBulletin Forum
Vendor: vBulletin
Vulnerable Versions: 5.1.3 5.0.5 4.2.2 3.8.7 3.6.7 3.6.0 3.5.4
Tested Version: 5.1.3 4.2.2
Advisory Publication: Feb 12, 2015
Latest Update: Feb 12, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-9469
CVSS…

Followup on CVE-2014-6412

Posted by Scott Arciszewski on Feb 13

Since my last post, I have learned from Andrew Nacin (the lead developer of
WordPress and security team member that I was corresponding with) that my
emails weren’t ignored, they were lost to an aggressive spam filter.

Despite this, he has admitted fault for not following up on the bug report.

Before the spam filter blackholed my emails, I was communicating with the
security team about a separate enhancement (using openssl to sign their…

eTouch SamePage v4.4.0.0.239 multiple vulnerabilities

Posted by Brandon Perry on Feb 13

Couldn’t find anyone to contact regarding this, so dropping it.

eTouch SamePage v4.4.0.0.239 multiple vulnerabilities

http://www.etouch.net/products/samepage/index.html

Enterprise trial was installed in an Ubuntu virtual machine with MySQL. By default, the listening port is 18080.

Required on the Ubuntu machine to install the SamePage binary successfully:
sudo apt-get install libstdc++6:i386 libc6:i386 libXext6:i386 mysql-server

Trial…

CVE-2014-8753 Cit-e-Net Multiple XSS (Cross-Site Scripting) Security Vulnerabilities

Posted by Jing Wang on Feb 13

*CVE-2014-8753 Cit-e-Net Multiple XSS (Cross-Site Scripting) Security
Vulnerabilities*

Exploit Title: Cit-e-Net Multiple XSS (Cross-Site Scripting) Security
Vulnerabilities
Product: Cit-e-Access
Vendor: Cit-e-Net
Vulnerable Versions: Version 6
Tested Version: Version 6
Advisory Publication: Feb 12, 2015
Latest Update: Feb 12, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-8753
CVSS Severity (version 2.0):
CVSS v2…

CVE-2014-4771

IBM WebSphere MQ 7.0.1 before 7.0.1.13, 7.1 before 7.1.0.6, 7.5 before 7.5.0.5, and 8 before 8.0.0.1 allows remote authenticated users to cause a denial of service (queue-slot exhaustion) by leveraging PCF query privileges for a crafted query.

CVE-2014-4781

The alert module in IBM InfoSphere BigInsights 2.1.2 and 3.x before 3.0.0.2 allows remote attackers to obtain sensitive Alert management-services API information via a network-tracing attack.

CVE-2014-4803

CRLF injection vulnerability in the Universal Access implementation in IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5 iFix007, and 6.0.5 before 6.0.5.5 iFix003, when WebSphere Application Server is not used, allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via an unspecified parameter.

CVE-2014-4813

Race condition in the client in IBM Tivoli Storage Manager (TSM) 5.4.0.0 through 5.4.3.6, 5.5.0.0 through 5.5.4.3, 6.1.0.0 through 6.1.5.6, 6.2 before 6.2.5.4, 6.3 before 6.3.2.3, 6.4 before 6.4.2.1, and 7.1 before 7.1.1 on UNIX and Linux allows local users to obtain root privileges via unspecified vectors.