Cisco Releases Security Updates

Original release date: January 20, 2016

Cisco has released security updates to address vulnerabilities in Modular Encoding Platform D9036 software, Unified Computing System (UCS) Manager software, and Firepower 9000 Series devices. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected device.

US-CERT encourages users and administrators to review the following Cisco Security Advisories on the Modular Encoding Platform D9036, UCS Manager, and Firepower 9000 vulnerabilities and apply the necessary updates.



New wave of attacks against Ukrainian power industry

The cyberattacks against the Ukrainian electric power industry continue. Background information on this story can be found in our recent publications:

BlackEnergy trojan strikes again: Attacks Ukrainian electric power industry
BlackEnergy by the SSHBearDoor: attacks against Ukrainian news media and electric industry
BlackEnergy and the Ukrainian power outage: What we really know

Yesterday we discovered

The post New wave of attacks against Ukrainian power industry appeared first on We Live Security.

LiteSpeed Web Server – Security Advisory – HTTP Header Injection Vulnerability

Posted by Onur Yilmaz on Jan 20

Information
——————–
Advisory by Netsparker
Name: HTTP Header Injection in LiteSpeed Web Server
Affected Software: LiteSpeed Web Server
Affected Versions: v5.1.0 and possibly below
Vendor Homepage: https://www.litespeedtech.com/
Vulnerability Type: HTTP Header Injection
Severity: Medium
Status: Fixed
CVE-ID: TBA
Netsparker Advisory Reference: NS-16-001

Description
——————–
While testing Netsparker, we spotted an…

OpenCart users, switch to OpenCart-CE immediately

Posted by Scott Arciszewski on Jan 20

This commit was made against the Community Edition of OpenCart on April 2,
2014.

https://github.com/opencart-ce/opencart-ce/commit/5bc5f7a816aab17f1718e0c09323c74cd7167f35#diff-d0709af23c0fbe35295ee9a1ceb9fd79

As you can see from the commit message, it was intended to prevent file
inclusion attacks.

It’s January 19, 2016 and OpenCart proper is still doing it wrong….

mobile.facebook.com is not on HSTS preload list or sending the Strict-Transport-Security header

Posted by Ricardo Iramar dos Santos on Jan 20

Hi All,

I’ve noticed that the mobile.facebook.com domain is not on the HSTS preload
list or sending the Strict-Transport-Security header. All the other
domains, like m.facebook.com, are using HSTS properly.
I reported this to Facebook on 12/3/15 through the whitehat program
and got the answer below. I’ve checked again today and it is still not
using HSTS. Not sure why Facebook is not protecting this domain with
HSTS.

Hi Ricardo,
Thank you…
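One way to check what the post reports, as an added example that is not the poster's code: parse the Strict-Transport-Security header a host sends (RFC 6797 syntax) and list what would keep the host off the preload list. The one-year minimum max-age is an assumption here, since the preload requirements have changed over time.

```python
import re
from dataclasses import dataclass

PRELOAD_MIN_MAX_AGE = 31536000  # preload minimum assumed here: one year (the 2016 limit was shorter)

@dataclass
class HstsPolicy:
    max_age: int
    include_subdomains: bool = False
    preload: bool = False

def parse_hsts(value):
    """Parse a Strict-Transport-Security value per RFC 6797 6.1; None means the
    header is missing or malformed, which a browser ignores (no HSTS at all)."""
    if value is None:
        return None
    max_age, seen, flags = None, set(), {"includesubdomains": False, "preload": False}
    for token in value.split(";"):
        name, _, arg = token.strip().partition("=")
        name = name.strip().lower()
        if not name:
            continue
        if name in seen:  # each directive may appear only once
            return None
        seen.add(name)
        if name == "max-age":
            arg = arg.strip().strip('"')  # the max-age value may be a quoted-string
            if not re.fullmatch(r"[0-9]+", arg):
                return None
            max_age = int(arg)
        elif name in flags:
            flags[name] = True  # unknown directives are ignored, as the RFC requires
    if max_age is None:  # max-age is the only required directive
        return None
    return HstsPolicy(max_age, flags["includesubdomains"], flags["preload"])

def hsts_findings(headers, min_max_age=PRELOAD_MIN_MAX_AGE):
    """Findings for one response's header dict (names compared case-insensitively)."""
    sts = next((v for k, v in headers.items() if k.lower() == "strict-transport-security"), None)
    policy = parse_hsts(sts)
    if policy is None:
        return ["no valid Strict-Transport-Security header: HSTS not enforced"]
    checks = [
        (policy.max_age == 0, "max-age=0 clears any cached HSTS policy for this host"),
        (0 < policy.max_age < min_max_age, f"max-age {policy.max_age} is below the preload minimum {min_max_age}"),
        (not policy.include_subdomains, "includeSubDomains missing (required for preload submission)"),
        (not policy.preload, "preload directive missing (required for preload submission)"),
    ]
    return [msg for failed, msg in checks if failed]
```

Feed it the headers captured from an HTTPS response; a host in the post's situation (no header at all) yields the single "not enforced" finding.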

Administrator auto-logout design flaw in ASUS wireless routers

Posted by David Longenecker on Jan 20

ASUS wireless routers have an optional feature (beginning with firmware
3.0.0.4.374_5656, dated April 2014) to log the administrator out after a
period of idle time. While there are scenarios where you might want to keep
an idle logged-in session, remaining logged in makes it possible for a
malicious hacker to use that session by tricking the user into clicking a
link.

Models based on the ASUSWRT firmware up to and including the most recent…

SeaWell Networks Spectrum – Multiple Vulnerabilities

Posted by Karn Ganeshen on Jan 20

About SeaWell Networks Spectrum

Session Delivery Control

SeaWell set out to improve the way operators control, monetize and scale
their IP video offerings, to meet the growing subscriber demands for video
delivered to smartphones, tablets and game consoles.

The result – Spectrum – is what we call a “Multiscreen 2.0” Session
Delivery Controller.

Spectrum is high-performance, carrier-grade software that takes ABR video
and repackages it…

GRR <= 3.0.0-RC1 (all versions) file upload filter bypass (authenticated)

Posted by Jean-Marie Bourbon on Jan 20

# Exploit Title: GRR <= 3.0.0-RC1 (all versions) RCE with privilege
escalation through file upload filter bypass (authenticated)
# Date: January 7th, 2016
# Exploit Author: kmkz (Bourbon Jean-marie) <mail.bourbon () gmail com> |
@kmkz_security
# Vendor Homepage: http://grr.devome.com/fr/
# Software Link:
http://grr.devome.com/fr/telechargement/category/3-versions-patch?download=7:grr-3-0-0-rc1
# Version: 3.0.0-RC1
# Tested on: Windows…

Cisco Security Advisory 20160120-d9036

Cisco Security Advisory – A vulnerability in Cisco Modular Encoding Platform D9036 Software could allow an unauthenticated, remote attacker to log in to the system shell with the privileges of the root user. The vulnerability occurs because the root user has a default and static password. This account is created at installation and cannot be changed or deleted without impacting the functionality of the system. An attacker could exploit this vulnerability by remotely connecting to the affected system via SSH using this account. Successful exploitation could allow the attacker to access the system with the privileges of the root user.

In addition to the root user, the guest user account also has a default and static password. The guest account is created at installation and cannot be changed or deleted without impacting the functionality of the system. However, this account has limited privileges on the system.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.