Category Archives: Full Disclosure

CVE-2017-5344 : dotCMS Blind Boolean SQL Injection in dotCMS <= 3.6.1

Posted by Ben N on Feb 15

# Blind Boolean SQL Injection in dotCMS <= 3.6.1 (CVE-2017-5344)

## Product Description

dotCMS is a scalable, java based, open source content management system
(CMS) that has been designed to manage and deliver personalized, permission
based content experiences across multiple channels. dotCMS can serve as the
platform for sites, mobile apps, mini-sites, portals, intranets or as a
headless CMS (content is consumed via RESTful APIs). dotCMS is…

Suricata IDS – IPv4 evasion

Posted by Jérémy BEAUME on Feb 15

Here are the details of the (patched) IPv4 evasion I found in Suricata IDS/IPS:

# Software
Suricata IDS/IPS
Website: https://suricata-ids.org/
Editor: Open Information Security Foundation (OISF) https://oisf.net/

# Impacted version

3.2.x before 3.2.13.13
3.1.3 and before

All execution modes are impacted: nfqueue, af-packet, …

# Vulnerability description

Suricata did not use the IP protocol field value to identify
fragments from the same…
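The post above says the reassembler ignored the IP protocol field when grouping fragments. The following toy reassembler is an added example written for this page (it is not Suricata's code and makes no claim about Suricata's internals); it groups hand-constructed fragments with and without the protocol field in the key and shows that, without it, two fragmented datagrams that share source, destination and IP ID but carry different protocols are merged into a datagram the receiving host never sees. Addresses, IP IDs and payloads are made up for the demonstration.

```python
"""
Toy IPv4 fragment reassembler (added example, not Suricata's code).

Fragments of one datagram are identified by (src, dst, IP ID, protocol).
A reassembler that leaves out the protocol field can merge fragments that
belong to different datagrams.  All packets below are constructed by hand.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Fragment:
    src: str
    dst: str
    ip_id: int
    proto: int      # IPv4 protocol field: 6 = TCP, 17 = UDP
    offset: int     # fragment offset in bytes (multiples of 8)
    more: bool      # MF (more fragments) flag
    payload: bytes


def frag_key(f: Fragment, use_proto: bool) -> Tuple:
    """Key used to group fragments into one datagram."""
    if use_proto:
        return (f.src, f.dst, f.ip_id, f.proto)
    return (f.src, f.dst, f.ip_id)       # the weak key: protocol ignored


def reassemble(frags: List[Fragment], use_proto: bool) -> Dict[Tuple, bytes]:
    """Return completed datagrams keyed by group key.

    A group is complete once a fragment with MF=0 has been seen and the
    bytes from offset 0 up to that fragment's end are contiguous.  When two
    fragments claim the same offset, the later one wins (one possible policy;
    real stacks differ, which is exactly what evasions exploit).
    """
    groups: Dict[Tuple, Dict[int, bytes]] = {}
    last_end: Dict[Tuple, int] = {}
    for f in frags:
        k = frag_key(f, use_proto)
        groups.setdefault(k, {})[f.offset] = f.payload
        if not f.more:
            last_end[k] = f.offset + len(f.payload)

    done: Dict[Tuple, bytes] = {}
    for k, parts in groups.items():
        if k not in last_end:
            continue                      # last fragment never arrived
        buf, pos = bytearray(), 0
        for off in sorted(parts):
            if off != pos:
                break                     # gap or overlap: leave incomplete
            buf += parts[off]
            pos = off + len(parts[off])
        if pos == last_end[k]:
            done[k] = bytes(buf)
    return done


SRC, DST, SHARED_ID = "10.0.0.1", "10.0.0.2", 1  # constructed values

# Two distinct datagrams (TCP and UDP) that share src, dst and IP ID,
# each split into two 8-byte fragments and delivered interleaved.
FRAGS: List[Fragment] = [
    Fragment(SRC, DST, SHARED_ID, 6,  0, True,  b"TCP-HEAD"),
    Fragment(SRC, DST, SHARED_ID, 17, 0, True,  b"UDP-HEAD"),
    Fragment(SRC, DST, SHARED_ID, 17, 8, False, b"UDP-TAIL"),
    Fragment(SRC, DST, SHARED_ID, 6,  8, False, b"TCP-TAIL"),
]


def reassemble_without_proto() -> Dict[Tuple, bytes]:
    """Weak key: both datagrams collapse into one bogus reassembly."""
    return reassemble(FRAGS, use_proto=False)


def reassemble_with_proto() -> Dict[Tuple, bytes]:
    """Correct key: each datagram is reassembled on its own."""
    return reassemble(FRAGS, use_proto=True)


if __name__ == "__main__":
    print("without protocol in key:", reassemble_without_proto())
    print("with protocol in key:   ", reassemble_with_proto())
```

With the protocol left out of the key the two datagrams share one reassembly buffer: the UDP head overwrites the TCP head at offset 0 and the TCP tail overwrites the UDP tail at offset 8, so the inspection engine sees `UDP-HEADTCP-TAIL`, a payload that exists on neither the TCP nor the UDP stream the host actually processes. Including the protocol yields the two real datagrams.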

KL-001-2017-003 : Trendmicro InterScan Remote Root Access Vulnerability

Posted by KoreLogic Disclosures on Feb 15

KL-001-2017-003 : Trendmicro InterScan Remote Root Access Vulnerability

Title: Trendmicro InterScan Remote Root Access Vulnerability
Advisory ID: KL-001-2017-003
Publication Date: 2017.02.15
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-003.txt

1. Vulnerability Details

Affected Vendor: Trendmicro
Affected Product: InterScan Web Security Virtual Appliance
Affected Version: OS Version…

KL-001-2017-002 : Trendmicro InterScan Privilege Escalation Vulnerability

Posted by KoreLogic Disclosures on Feb 15

KL-001-2017-002 : Trendmicro InterScan Privilege Escalation Vulnerability

Title: Trendmicro InterScan Privilege Escalation Vulnerability
Advisory ID: KL-001-2017-002
Publication Date: 2017.02.15
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-002.txt

1. Vulnerability Details

Affected Vendor: Trendmicro
Affected Product: InterScan Web Security Virtual Appliance
Affected Version: OS Version…

KL-001-2017-001 : Trendmicro InterScan Arbitrary File Write

Posted by KoreLogic Disclosures on Feb 15

KL-001-2017-001 : Trendmicro InterScan Arbitrary File Write

Title: Trendmicro InterScan Arbitrary File Write
Advisory ID: KL-001-2017-001
Publication Date: 2017.02.15
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-001.txt

1. Vulnerability Details

Affected Vendor: Trendmicro
Affected Product: InterScan Web Security Virtual Appliance
Affected Version: OS Version 3.5.1321.el6.x86_64; Application…

Backdoored Web Application v.1.0.2

Posted by MustLive on Feb 14

Hello participants of Mailing List.

In December 2012 I released my Backdoored Web Application (BWA)
(http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2012-December/008630.html)
– a reference test for backdoor scanners. All quality backdoor scanners must
find it; otherwise such scanners are not good enough. So everyone can use it
to check their scanners.

In 2013 I published the results of my backdoor scanners testing
(…

ShadeYouVPN.com Client v2.0.1.11 for Windows Privilege Escalation

Posted by Kacper Szurek on Feb 14

# Exploit ShadeYouVPN.com Client v2.0.1.11 for Windows Privilege Escalation
# Date: 14.02.2017
# Software Link: https://shadeyouvpn.com/
# Exploit Author: Kacper Szurek
# Contact: https://twitter.com/KacperSzurek
# Website: https://security.szurek.pl/
# Category: local

1. Description

The `ShadeYou` service executes any file path sent through a socket, without
verification, as the SYSTEM user….

[Kodi v17.1] – Local File Inclusion

Posted by Eric Flokstra on Feb 14

# Exploit Title: Kodi – Local File Inclusion
# Date: 12 February 2017
# Exploit Author: Eric Flokstra
# Vendor Homepage: https://kodi.tv/
# Software Link: https://kodi.tv/download/
# Version: Kodi version 17.1 (Krypton), Chorus version 2.4.2
# Tested on: Linux
# CVE: CVE-2017-5982

Kodi (formerly XBMC) is a free and open-source media player software
application developed by the XBMC Foundation. Chorus is a web interface
for controlling and…

CFP for Speaker Workshops at the Packet Hacking Village at DEF CON 25 Now Open

Posted by Ming on Feb 14

#Overview
The Wall of Sheep would like to announce a call for presentations at DEF
CON 25 at the Caesars Palace in Las Vegas, NV from Thursday, July 27th to
Sunday, July 30th. This will be the 5th anniversary of our Speaker
Workshops. The goal of the Wall of Sheep's workshops is to deliver talks that
increase security awareness and provide skills that can be immediately
applied after the conference. Our audience ranges from those who are new to…

CVE-2017-5670 : Riverbed RiOS insecure cryptographic storage

Posted by Sydream Labs on Feb 14

# Riverbed RiOS insecure cryptographic storage (CVE-2017-5670)

## Description

Riverbed Steelhead hardware appliances are used to optimize and
accelerate network traffic.
They can be deployed as TLS endpoints, so they have a secure vault
intended to store private TLS certificates for servers.
The secure vault has FIPS mode support.

## Improper encryption implementation

The secure vault used on the Steelhead appliance (and potentially other…