Category Archives: Full Disclosure

Full Disclosure

phplist 3.2.6: XSS

Posted by Curesec Research Team (CRT) on Mar 17

Security Advisory – Curesec Research Team

1. Introduction

Affected phplist 3.2.6
Product:
Fixed in: 3.3.1
Fixed Version https://sourceforge.net/projects/phplist/files/phplist/3.3.1/
Link: phplist-3.3.1.zip/download
Vendor Website: https://www.phplist.org/
Vulnerability XSS
Type:
Remote Yes
Exploitable:
Reported to 01/10/2017
vendor:
Disclosed to 02/20/2017
public:
Release mode: Coordinated Release…

phplist 3.2.6: SQL Injection

Posted by Curesec Research Team (CRT) on Mar 17

Security Advisory – Curesec Research Team

1. Introduction

Affected phplist 3.2.6
Product:
Fixed in: 3.3.1
Fixed Version https://sourceforge.net/projects/phplist/files/phplist/3.3.1/
Link: phplist-3.3.1.zip/download
Vendor Website: https://www.phplist.org/
Vulnerability SQL Injection
Type:
Remote Yes
Exploitable:
Reported to 01/10/2017
vendor:
Disclosed to 02/20/2017
public:
Release mode: Coordinated…

Microsoft Windows "LoadUvsTable()" Buffer Overflow Vulnerability

Posted by Hossein Lotfi on Mar 16

Hello,

The details of this vulnerability can be found here if interested:

http://blogs.flexerasoftware.com/secunia-research/2016/12/microsoft_windows_loaduvstable_heap_based_buffer_overflow_vulnerability.html

Microsoft initially tried to fixed the issue in MS16-147, but the fix was
incomplete and the issue remained unpatched til Microsoft March 2017 patch
release.

https://twitter.com/hosselot/status/809059287037251584

It appears MS17-013…

Skype Insecure Library Loading Vulnerability (api-ms-win-core-winrt-string-l1-1-0.dll)

Posted by Sachin Wagh on Mar 16

Vulnerability Title: Skype Insecure Library Loading Vulnerability
(api-ms-win-core-winrt-string-l1-1-0.dll)
Affected Product: Skype
Vendor Homepage: https://www.microsoft.com/en-us/
MSRC Case 32355 TRK:0001002846
CVE-ID : CVE-2017-6517
Severity: Medium

*Description:*

Microsoft Skype contains a DLL hijacking vulnerability that could allow an
unauthenticated attacker to execute arbitrary code on the targeted system.
This vulnerability exists due…

USB Pratirodh Insecure Password Storage Information Disclosure Vulnerability

Posted by Sachin Wagh on Mar 16

Vulnerability Title: USB Pratirodh Insecure Password Storage Information
Disclosure Vulnerability
Affekted Product: USB resistance
Product Homepage: https://cdac.in/index.aspx?id=cs_eps_usb_pra
CVE-ID : CVE-2017-6911
Severity: Medium

*Description:*

USB Pratirodh is prone to sensitive information disclosure. Its Store
sensitive information such as username and password hash in usb.xml file.
An attacker with physical access to the system can…

USB Pratirodh XML External Entity Injection Vulnerability

Posted by Sachin Wagh on Mar 16

Vulnerability Title: USB Pratirodh XML External Entity Injection
Vulnerability
Affekted Product: USB resistance
Product Homepage: https://cdac.in/index.aspx?id=cs_eps_usb_pra
CVE-ID : CVE-2017-6895
Severity: Medium
Class: Twentieth [CWE-611]
Impact: XML External Entity, Information Disclosure, Denial Of Service,
Author: Sachin Wagh (@tiger_tigerboy)

*Description:*

USB Pratirodh is prone to an XML External Entity injection vulnerability.
XXE…

Axis Camera Multiple Vulnerabilities

Posted by David Wearing on Mar 16

Introduction

============

Vulnerabilities were identified in the camera software by Axis. These were
discovered during a black box assessment and therefore the vulnerability
list should not be considered exhaustive; observations suggest that it is
likely that further vulnerabilities exist.

Affected Software And Versions

==============================

Model P1204, software versions <= 5.50.4

Model P3225, software versions <= 6.30.1…

Windows DVD Maker XML External Entity File Disclosure

Posted by hyp3rlinx on Mar 16

[+] Credits: John Page AKA hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/MICROSOFT-DVD-MAKER-XML-EXTERNAL-ENTITY-FILE-DISCLOSURE.txt
[+] ISR: ApparitionSec

Vendor:
=================
www.microsoft.com

Product:
=================
Windows DVD Maker
v6.1.7

Windows DVD Maker is a feature you can use to make DVDs that you can watch
on a computer or on a TV using a regular DVD player….

SEC Consult SA-20170316-0 :: Authenticated command injection in multiple Ubiquiti Networks products

Posted by SEC Consult Vulnerability Lab on Mar 16

SEC Consult Vulnerability Lab Security Advisory < 20170316-0 >
=======================================================================
title: Authenticated Command Injection
product: Multiple Ubiquiti Networks products, e.g.
TS-16-CARRIER, TS-5-POE, TS-8-PRO, AG-HP-2G16,
AG-HP-2G20, AG-HP-5G23, AG-HP-5G27, AirGrid M,
AirGrid M2, AirGrid M5, AR, AR-HP,…

Microsoft Edge Fetch API allows setting of arbitrary request headers

Posted by Securify B.V. on Mar 14

————————————————————————
Microsoft Edge Fetch API allows setting of arbitrary request headers
————————————————————————
Yorick Koster, January 2017

————————————————————————
Abstract
————————————————————————
It was found that the Fetch API in Microsoft Edge…