Oxwall Forum version 1.8.1 suffers from a persistent cross site scripting vulnerability.
Monthly Archives: February 2016
Fiyo CMS 2.0.2.1 Cross Site Scripting
Fiyo CMS version 2.0.2.1 suffers from multiple persistent cross site scripting vulnerabilities.
Apache Tomcat Limited Directory Traversal
When accessing resources via the ServletContext methods getResource() getResourceAsStream() and getResourcePaths() the paths should be limited to the current web application. The validation was not correct and paths of the form “/..” were not rejected. Note that paths starting with “/../” were correctly rejected. Apache Tomcat versions 6.0.0 through 6.0.44, 7.0.0 through 7.0.64, and 8.0.0.RC1 through 8.0.26.
Apache Tomcat CSRF Token Leak
The index page of the Manager and Host Manager applications included a valid CSRF token when issuing a redirect as a result of an unauthenticated request to the root of the web application. This token could then be used by an attacker to construct a CSRF attack. Apache Tomcat versions 7.0.1 through 7.0.67, 8.0.0.RC1 through 8.0.31, and 9.0.0.M1 are affected.
Apache Tomcat Security Manager StatusManagerServlet Bypass
The StatusManagerServlet could be loaded by a web application when a security manager was configured. This servlet would then provide the web application with a list of all deployed applications and a list of the HTTP request lines for all requests currently being processed. This could have exposed sensitive information from other web applications such as session IDs to the web application. Apache Tomcat versions 6.0.0 through 6.0.44, 7.0.0 through 7.0.67, 8.0.0.RC1 through 8.0.30, and 9.0.0.M1 are affected.
Apache Tomcat Session Fixation
When recycling the Request object to use for a new request, the requestedSessionSSL field was not recycled. This meant that a session ID provided in the next request to be processed using the recycled Request object could be used when it should not have been. This gave the client the ability to control the session ID. In theory, this could have been used as part of a session fixation attack but it would have been hard to achieve as the attacker would not have been able to force the victim to use the ‘correct’ Request object. It was also necessary for at least one web application to be configured to use the SSL session ID as the HTTP session ID. This is not a common configuration. Apache Tomcat versions 7.0.5 through 7.0.65, 8.0.0.RC1 through 8.0.30, and 9.0.0.M1 are affected.
NSA Data Center Experiencing 300 Million Hacking Attempts Per Day
Utah State computer systems are experiencing a massive cyber attack on up to 300 Million Hacking attempts per day due to National Security Agency’s (NSA) data center in the state.
Yes, 300,000,000 hacking attempts in a day!
According to the statistical survey, it is evident that the computer systems in the US State of Utah began to experience the hacking attack a few years back,
GM Bot (Android Malware) Source Code Leaked Online
The source code of a recently discovered Android banking Trojan that has the capability to gain administrator access on your smartphone and completely erase your phone’s storage has been LEAKED online.
The banking Trojan family is known by several names; Security researchers from FireEye dubbed it SlemBunk, Symantec dubbed it Bankosy, and last week when Heimdal Security uncovered it, they
Can my mobile phone be attacked by malware?
Mobile malware is a growing threat.
Banking, shopping, email. We do things on our phones that used to only be done on our desktop PC. Hackers know valuable data is stored on people’s phones, and they increasingly find new ways to attack mobile users.
These devices have information on them that is valuable to hackers
The most common mobile threats are adware packaged as fun gaming apps that provide little value and spams users with ads. SMS attacks are malware which sends unauthorized premium SMS or makes premium-service phone calls. This results in a large monthly bill for the user and a significant source of revenue for cybercrooks.
The most aggressive malware is mobile ransomware. Simplocker was the first Android ransomware to encrypt user files, and now there are thousands of variations that make it nearly impossible to recover the encrypted data on a smartphone.
Privacy is an issue with vulnerabilities such as Certifi-gate and Stagefright, both of which can be exploited to spy on users. Certifi-gate put approximately 50 percent of Android users at risk, and Stagefright made nearly 1 billion Android devices vulnerable to spyware.
Avast protects mobile devices from malware
Avast Mobile Security for Android scans mobile devices and secures them against infected files, phishing, malware, and spyware. The app provides people with the most advanced mobile malware protection available, now even faster with Avast’s leading cloud scanning engine. Install Avast Mobile Security for free!
Avast protects from unsecure Wi-Fi networks
Because cybercrooks take advantage of unsecure routers and Wi-Fi hotspots, we added Wi-Fi Security which notifies the user when connecting to an unsecure router. The user quickly identifies the security level of Wi-Fi hotspots and can evaluate the risks and decide whether to disconnect or use a VPN instead.
Avast protects user privacy
Privacy concerns range from permission-hungry apps to nosy children. Avast Mobile Security’s Privacy Advisor informs the user about what data apps have access to and ad networks included within apps. To defend their personal data against prying eyes, users can now lock an unlimited number of apps on their device using the App Locking feature.
Avast Mobile Security is available for free in the Google Play Store.
Visit Avast at Mobile World Congress
If you are attending Mobile World Congress in Barcelona, February 22 – 25, please visit Avast to see the app in hall 8.1, booth H65.
Apache Tomcat Security Manager Persistence Bypass
Apache Tomcat provides several session persistence mechanisms. The StandardManager persists session over a restart. The PersistentManager is able to persist sessions to files, a database or a custom Store. The Cluster implementation persists sessions to one or more additional nodes in the cluster. All of these mechanisms could be exploited to bypass a security manager. Session persistence is performed by Tomcat code with the permissions assigned to Tomcat internal code. By placing a carefully crafted object into a session, a malicious web application could trigger the execution of arbitrary code. Apache Tomcat versions 6.0.0 through 6.0.44, 7.0.0 through 7.0.67, 8.0.0.RC1 through 8.0.30, and 9.0.0.M1 are affected.