Posted by Mevied, Matias on Aug 22
Onapsis Security Advisory ONAPSIS-2016-038: SAP HANA Information
disclosure in EXPORT
1. Impact on Business
=====================
By exploiting this vulnerability an attacker could access business
information indexed by the SAP system.
Risk Level: Low
2. Advisory Information
=======================
– Public Release Date: 07/20/2016
– Last Revised: 07/20/2016
– Security Advisory ID: ONAPSIS-2016-038
– Onapsis SVS ID: ONAPSIS-00235
– CVE:…
Posted by x ksi on Aug 22
$ cat ./3rdparty.txt
Release (08.06.2015): Writeup with PHP PoC released
Update #1 (04.02.2016): JavaScript PoC created
Update #2 (16.06.2016): W3C SRI information added
Update #3 (01.08.2016): Added reference about the AdGholas
Update #4 (20.08.2016): Added reference about D. Trump site
Posted by psy on Aug 22
Hi FD,
I am glad to present a new release of this tool.
http://ufonet.03c8.net
UFONet abuses OSI Layer 7-HTTP to create/manage ‘zombies’ and to conduct
different attacks using: GET/POST, multithreading, proxies, origin
spoofing methods, cache evasion techniques, etc.
———
Screenshots:
http://ufonet.03c8.net/ufonet/ufonet-gui.png
http://ufonet.03c8.net/ufonet/ufonet-gui4.png
———
Video:…
Posted by David Tomaschik on Aug 22
ObiHai ObiPhone – Multiple Vulnerabilities
——————————————
Introduction
============
Multiple vulnerabilities were discovered in the web management
interface of the ObiHai ObiPhone products. The vulnerabilities were
discovered during a black box security assessment and therefore the
vulnerability list should not be considered exhaustive.
Affected Devices and Versions
=============================
ObiPhone 1032/1062…
Posted by Black Arch on Aug 22
Dear list,
We’ve released the new BlackArch Linux ISOs along with many
improvements. They include more than 1500 tools now. The armv6h and
armv7h repositories are filled with about 1400 tools.
A short ChangeLog of the Live-ISOs:
– updated the BlackArch Linux installer
– include linux kernel 4.7.1
– added more than 100 new tools
– updated all blackarch tools
– updated all system packages
– updated menu entries for the…
It’s your computer with some very bad news: It’s just been infected by ransomware.
The post Look who’s talking? It’s not John Travolta or Bruce Willis! appeared first on Avira Blog.
Posted by Vulnerability Lab on Aug 22
Document Title:
===============
Jaws CMS v1.1.1 – Privilege Escalate CSRF Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1923
Release Date:
=============
2016-08-22
Vulnerability Laboratory ID (VL-ID):
====================================
1923
Common Vulnerability Scoring System:
====================================
3.3
Product & Service Introduction:…
Posted by Vulnerability Lab on Aug 22
Document Title:
===============
phpCollab v2.5 CMS – Privilege Escalate CSRF Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1911
Release Date:
=============
2016-08-17
Vulnerability Laboratory ID (VL-ID):
====================================
1911
Common Vulnerability Scoring System:
====================================
3.3
Product & Service Introduction:…
Posted by Vulnerability Lab on Aug 22
Document Title:
===============
AVS Audio Converter 8.2.1 – Buffer Overflow Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1920
Release Date:
=============
2016-08-22
Vulnerability Laboratory ID (VL-ID):
====================================
1920
Common Vulnerability Scoring System:
====================================
6.3
Product & Service Introduction:…
Posted by Vulnerability Lab on Aug 22
Document Title:
===============
ISPconfig v3.0.5.4 p6 – UI Exception & XSS Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1909
Release Date:
=============
2016-08-16
Vulnerability Laboratory ID (VL-ID):
====================================
1909
Common Vulnerability Scoring System:
====================================
3.5
Product & Service Introduction:…