Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0984.
Monthly Archives: February 2016
CVE-2016-0984
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0983.
CVE-2016-0985
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code by leveraging an unspecified “type confusion.”
Re: Netgear GS105Ev2 – Multiple Vulnerabilities
Posted by Nick Boyce on Feb 10
[…]
[…]
[…]
Hi Benedikt,
The Netgear website [1] shows that a new version of the firmware was
released 2 days after your FD post – version 1.4.0.6.
The release notes [2] for the new version don’t refer to these
security issues in any way (instead they mention three fairly
minor-sounding bugs fixed). Have you had a chance to test the new
version yet, and if so can you say whether – despite Netgear’s stated
stance of WONTFIX -…
D-Link router DSL-2750B firmware 1.01 to 1.03 – remote command execution no auth required
Posted by p on Feb 10
After some playing around I’ve noticed something interesting during
login phase: by sending wrong credentials, the user is redirected to an
error page with url
http://192.168.1.1:666/login.cgi?cli=access%20login%20encrypted%2041544A25DC00170BA90659AD4CBDD9D9$
In order to see what’s happening we must start the web server with the
debug output enabled:
httpd -o -p 666 -m -1 -v 5
and try again to login with wrong…
[CVE-2016-0602, CVE-2016-0603] Executable installers are vulnerable^WEVIL (case 24): Oracle Java 6/7/8 SE and VirtualBox
Posted by Stefan Kanthak on Feb 10
Hi @ll,
the installers of Oracle’s Java 6/7/8 for Windows and VirtualBox for
Windows load and execute several DLLs from their “application directory”.
* The online installer jxpiinstall.exe:
UXTheme.dll and RASAdHlp.dll plus
(on Windows XP) SetupAPI.dll, HNetCfg.dll and XPSP2Res.dll
(on Windows Vista and above) ProfAPI.dll, Secur32.dll, NTMarta.dll
and Version.dll
* The offline installer jre-8u66-windows-i586.exe:…
Multiple vulnerabilities in Open Real Estate v 1.15.1
Posted by Simon Waters (Surevine) on Feb 10
Introduction: Open Real Estate is an open source CMS for managing estate agent websites.
It is written in PHP and uses the YII CMF. It supports multiple languages.
It is supported by MonoRay.net
The product has a number of commercial support offerings available and an internal market for extensions.
The core application was examined using Burp Suite Pro, SQLmap, and manual inspection (no extensions were…
SerVision HVG – Hardcoded password
Posted by Richard Tafoya on Feb 10
Hello…
Over a year ago I disclosed several vulnerabilities in SerVision HVG network video recording devices. CVE-2015-0929 and
CVE-2015-0930.
https://www.kb.cert.org/vuls/id/522460
Since it’s been a while now, and hardcoded backdoor passwords in “security” devices are the current hotness…
Hardcoded Backdoor Password: A hardcoded backdoor password has been discovered in SerVision HVG firmware below version
2.2.26a100.
An…
Executable installers are vulnerable^WEVIL (case 25): WinRAR's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege
Posted by Stefan Kanthak on Feb 10
Hi @ll,
the executable installers of WinRAR 5.30 and earlier versions
as well as ALL self-extracting archives created with them
load and execute UXTheme.dll, RichEd32.dll and RichEd20.dll
from their “application directory”.
For software downloaded with a web browser the application
directory is typically the user’s “Downloads” directory: see
<…
Poor UX in Asus routers can leave the web UI unintentionally exposed to the Internet
Posted by David Longenecker on Feb 10
Asus wireless routers running ASUSWRT firmware (in other words, anything
with an RT- in the model name) have a design flaw in which the
administrator web interface may be open to the public Internet even if you
have specifically disabled web access from the WAN.
Specifically, these routers have two separate controls that affect access
to the router web interface, and no warning that one can override the
other. In order to block public access to…