Category Archives: Full Disclosure

SEC Consult SA-20160624-0 :: ASUS DSL-N55U router XSS and information disclosure

Posted by SEC Consult Vulnerability Lab on Jun 24

SEC Consult Vulnerability Lab Security Advisory < 20160624-0 >
=======================================================================
title: XSS and information disclosure vulnerability
product: ASUS DSL-N55U router
vulnerable version: 3.0.0.4.376_2736
fixed version: 3.0.0.4_380_3679
CVE number: requested
impact: Medium
homepage: https://www.asus.com/
found:…

[KIS-2016-07] SugarCRM <= 6.5.23 (SugarRestSerialize.php) PHP Object Injection Vulnerability

Posted by Egidio Romano on Jun 23

------------------------------------------------------------------------------
SugarCRM <= 6.5.23 (SugarRestSerialize.php) PHP Object Injection Vulnerability
------------------------------------------------------------------------------

[-] Software Link:

http://www.sugarcrm.com/

[-] Affected Versions:

Version 6.5.23 CE and prior versions.

[-] Vulnerability Description:

The vulnerable code is located in the…

[KIS-2016-06] SugarCRM <= 6.5.18 (MySugar::addDashlet) Insecure fopen() Usage Vulnerability

Posted by Egidio Romano on Jun 23

-----------------------------------------------------------------------------
SugarCRM <= 6.5.18 (MySugar::addDashlet) Insecure fopen() Usage Vulnerability
-----------------------------------------------------------------------------

[-] Software Link:

http://www.sugarcrm.com/

[-] Affected Versions:

Version 6.5.18 CE and other versions.

[-] Vulnerability Description:

The vulnerable code is located within the MySugar::addDashlet() method:…

[KIS-2016-05] SugarCRM <= 6.5.18 Two PHP Code Injection Vulnerabilities

Posted by Egidio Romano on Jun 23

---------------------------------------------------------
SugarCRM <= 6.5.18 Two PHP Code Injection Vulnerabilities
---------------------------------------------------------

[-] Software Link:

http://www.sugarcrm.com/

[-] Affected Versions:

Version 6.5.18 CE and prior versions.

[-] Vulnerabilities Description:

1) The vulnerable code is located in the /include/utils/array_utils.php script:

99. function…

[KIS-2016-04] SugarCRM <= 6.5.18 Missing Authorization Check Vulnerabilities

Posted by Egidio Romano on Jun 23

------------------------------------------------------------
SugarCRM <= 6.5.18 Missing Authorization Check Vulnerabilities
------------------------------------------------------------

[-] Software Link:

http://www.sugarcrm.com/

[-] Affected Versions:

Version 6.5.18 CE and prior versions.

[-] Vulnerabilities Description:

The application fails to properly check whether the user has administrator privileges within the following…

[KIS-2016-03] SugarCRM <= 6.5.18 (SAML Authentication) XML External Entity Vulnerability

Posted by Egidio Romano on Jun 23

--------------------------------------------------------------------------
SugarCRM <= 6.5.18 (SAML Authentication) XML External Entity Vulnerability
--------------------------------------------------------------------------

[-] Software Link:

http://www.sugarcrm.com/

[-] Affected Versions:

Version 6.5.18 CE and prior versions.

[-] Vulnerability Description:

The vulnerable code is located in the constructor method of the…

[ERPSCAN-16-016] SAP NetWeaver Java AS WD_CHAT – Information disclosure vulnerability

Posted by ERPScan inc on Jun 21

Application: SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.1 – 7.5

Vendor URL: http://SAP.com

Bug: information disclosure

Sent: 04.12.2015

Reported: 05.12.2015

Vendor response: 05.12.2015

Date of Public Advisory: 08.03.2016

Reference: SAP Security Note 2255990

Author: Vahagn Vardanyan (ERPScan)

Description

1. ADVISORY INFORMATION

Title: SAP NetWeaver AS Java WD_CHAT – Information disclosure vulnerability…

APPLE-SA-2016-06-20-1 AirPort Base Station Firmware Update 7.6.7 and 7.7.7

Posted by Apple Product Security on Jun 21

APPLE-SA-2016-06-20-1 AirPort Base Station Firmware Update 7.6.7 and 7.7.7

AirPort Base Station Firmware Update 7.6.7 and 7.7.7 is now available
and addresses the following:

AirPort Base Station Firmware
Available for: AirPort Express, AirPort Extreme and AirPort
Time Capsule base stations with 802.11n; AirPort Extreme and
AirPort Time Capsule base stations with 802.11ac
Impact: A remote attacker may be able to cause arbitrary code
execution…

CVE ID Request : Horsys v8 multiple vulnerabilities

Posted by Sysdream Labs on Jun 21

# Several Vulnerabilities found in Horsys V8

Horsys is a human resource application, allowing the user to manage his profile, vacation, position title and other
personal data like address, phone number and so on.

The application runs on Windows and launches a web server. This product has been developed by Asys company.

We found that it is vulnerable to several vulnerabilities, which can lead to personal information leakage or account…

[ERPSCAN-16-015] SAP NetWeaver Java AS – multiple XSS vulnerabilities

Posted by ERPScan inc on Jun 21

Application: SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.1 – 7.5

Vendor URL: http://SAP.com

Bugs: XSS

Sent: 29.09.2015

Reported: 30.09.2015

Vendor response: 30.09.2015

Date of Public Advisory: 08.03.2016

Reference: SAP Security Note 2238765

Author: Vahagn Vardanyan (ERPScan)

Description

1. ADVISORY INFORMATION

Title: [ERPSCAN-16-015] SAP NetWeaver Java AS – multiple XSS vulnerabilities

Advisory ID:…