Earlier today, Tanium was made aware of a potential scripting vulnerability
affecting the Tanium Platform. Our internal investigation revealed
vulnerabilities in some scripts and fixes have been made available via a
content update. No upgrade of the Tanium Platform (including the Tanium
Server, Tanium Console, and Tanium Client) is required to close this
vulnerability.
The vulnerability can be exploited on any version of the Tanium Platform…
Workshop on Privacy-Preserving Information Retrieval, held in conjunction
with the ACM SIGIR conference (August 13, 2015; Santiago de Chile)
Submission Deadline: June 15, 2015
Acceptance Notifications: June 20, 2015
Camera-ready Deadline: June 25, 2015
Workshop: August 13, 2015
Submission types: Long papers (max. 4 pages in ACM SIG format), Position
papers (max. 2 pages in ACM SIG format)
Apple is encouraging developers who create apps for iOS to begin moving their apps to an HTTPS-only model as soon as possible in an effort to thwart eavesdropping on insecure, plaintext HTTP connections. The move is yet one more sign that major Internet and technology companies are becoming ever more resistant to large-scale, passive surveillance […]
ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data in a phar archive, related to the phar_parse_metadata and phar_parse_pharfile functions.
The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive.
Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive.
The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a “deconfigured interpreter.”