Category Archives: Full Disclosure


Facebook #26 – Filter Bypass & Exception Handling Redirect Web Vulnerability

Posted by Vulnerability Lab on May 18

Document Title:
===============
Facebook #26 – Filter Bypass & Exception Handling Redirect Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1483

http://www.vulnerability-lab.com/get_content.php?id=1484

Video View: https://www.youtube.com/watch?v=I65zFWF-pMg

Release Date:
=============
2015-05-09

Vulnerability Laboratory ID (VL-ID):
====================================
1483…

ftpmap 0.5 Release Announcement

Posted by Hypsurus on May 17

Hey list!

I am happy to announce FTP-Map 0.5.

Since 2002 the project was dead, until now (:
I'm continuing the development; I started FTP-Map 0.5 from scratch with extra code from FTP-Map 0.4.

some new features:
1. anonymous login check.
2. ftpmap_detect_version_by_banner (If it doesn't work, we will still have fingerprints (: )
3. ftpmap_findexploit() – find exploit for the FTP Server in exploit-db.
4. brute force for weak passwords….

Soundcloud XSS (Cross-Site Scripting) Security Vulnerability

Posted by Researcher Triponoid on May 17

Website: soundcloud.com
Credit: Researcher Triponoid

Responsible disclosure url:
http://help.soundcloud.com/customer/portal/articles/439715-responsible-disclosure

XSS vulnerabilities are in scope.

Image:
http://www.triponoid.com/wp-content/uploads/2015/05/xss-soundcloud.png
Video: https://youtu.be/FSBS60mRDn0

more info: http://www.triponoid.com/stored-xss-on-soundcloud-com/

Chinese attack on USIS using SAP vulnerability – Detailed review and comments

Posted by Darya Maenkova on May 15

*Intro*

On the 11th of May, a security headline broke in the news: it was about
an attack on USIS (U.S. Investigations Services), conducted potentially
by Chinese state-sponsored hackers via a vulnerability in SAP software.
Hackers broke into third-party software in 2013 to open personal records
of federal employees and contractors with access to classified
intelligence, according to the government’s largest private employee…

CSRF & XSS vulnerabilities in Encrypted Contact Form WordPress Plugin v1.0.4

Posted by Nitin Venkatesh on May 15

# Title: Cross-site Request Forgery & Cross-site Scripting in Encrypted
Contact Form WordPress Plugin v1.0.4
# Submitter: Nitin Venkatesh
# Product: Encrypted Contact Form WordPress Plugin
# Product URL: https://wordpress.org/plugins/encrypted-contact-form/
# Vulnerability Type: Cross-site Request Forgery [CWE-352], Cross-site
scripting[CWE-79]
# Affected Versions: v1.0.4 and possibly below.
# Tested versions: v1.0.4
# Fixed Version: v1.1
#…

XML Injection, AoF and BF vulnerabilities in Hikvision DS-2CD2012-I

Posted by MustLive on May 15

Hello list!

There are vulnerabilities in Hikvision DS-2CD2012-I.

These are XML Injection, Abuse of Functionality and Brute Force
vulnerabilities. All these vulnerabilities are present in other IP cameras
and DVR of Hikvision.

————————-
Affected vendors:
————————-

Hikvision
http://www.hikvision.com

————————-
Affected products:
————————-

Vulnerable are the next models with…

[SE-2014-02] Unconfirmed / unpatched vulnerabilities in Google App Engine

Posted by Security Explorations on May 15

Hello All,

Security Explorations decided to release technical details as well as
accompanying Proof of Concept codes (three complete GAE Java sandbox
escapes) for security issues identified in Google App Engine for Java
after initial Issues 1-31 [1] have been addressed by the company. All
relevant materials can be found at our SE-2014-02 project details page
(original Google reports 3-6, POC codes for Issues 35-41):…

Read heap overflow / invalid memory access in Wireshark

Posted by Hanno Böck on May 14

https://blog.fuzzing-project.org/11-Read-heap-overflow-invalid-memory-access-in-Wireshark-TFPA-0072015.html

The Wireshark parser code for Android Logcat network packages contained
a read heap overflow in the function detect_version().

This issue was reported to the Wireshark developers on May 5th. It was
fixed in the 1.12.5 release of Wireshark, published on May 12th. The
beta release 1.99.5 and the Git head code are not affected.

Apart from…

Broken, Abandoned, and Forgotten Code, Part 4

Posted by Zach C on May 14

Part 4 is up. An undersized malloc() during firmware decoding puts our
hopes and dreams of persistent exploitation in peril.
http://shadow-file.blogspot.com/2015/05/abandoned-part-04.html

If you care to follow along, remote debugging with IDA Pro and QEMU
will be useful, particularly starting in part 5. Check out my post on
that topic, if you’re interested.
http://shadow-file.blogspot.com/2015/01/dynamically-analyzing-wifi-routers-upnp.html

How to detect a promiscuous interface by using WMIC

Posted by Eiji James Yoshida on May 14

Hello all,

You can detect a promiscuous interface if you use Windows Management
Instrumentation Command-line (WMIC).

You don’t need PromiscDetect and Promqry.

# Command
wmic /NAMESPACE:\\root\wmi PATH MSNdis_CurrentPacketFilter GET

# NDIS_PACKET_TYPE
00000001 1 DIRECTED
00000010 2 MULTICAST
00000100 4 ALL_MULTICAST
00001000 8 BROADCAST
00010000 16 SOURCE_ROUTING
00100000 32 PROMISCUOUS…
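The WMIC query above returns the raw NDIS packet-filter value per adapter, which the reader still has to decode against the NDIS_PACKET_TYPE bit table. The following script is an added example, not part of the original post: it parses the CSV form of that query's output (wmic's `/FORMAT:csv` switch, with the class properties `InstanceName` and `NdisCurrentPacketFilter` assumed from the MSNdis_CurrentPacketFilter class definition), expands the bitmask into flag names, and reports every interface with the PROMISCUOUS bit (0x20) set. The sample rows embedded in it are constructed, not captured from a real host; on Windows the `main` block runs the live query instead.

```python
"""Decode NDIS packet-filter bitmasks and flag promiscuous interfaces.

Added example (not from the original post). Parses the CSV that
  wmic /NAMESPACE:\\root\wmi PATH MSNdis_CurrentPacketFilter GET /FORMAT:csv
produces and reports adapters whose filter has the PROMISCUOUS bit set.
Assumed: the column names InstanceName and NdisCurrentPacketFilter.
The SAMPLE_WMIC_OUTPUT rows are constructed for illustration.
"""
import csv
import io
import subprocess
import sys

# NDIS_PACKET_TYPE_* bits as listed in the post (values from ntddndis.h).
NDIS_PACKET_TYPES = {
    0x01: "DIRECTED",
    0x02: "MULTICAST",
    0x04: "ALL_MULTICAST",
    0x08: "BROADCAST",
    0x10: "SOURCE_ROUTING",
    0x20: "PROMISCUOUS",
}
NDIS_PACKET_TYPE_PROMISCUOUS = 0x20

# Constructed sample: what wmic /FORMAT:csv output looks like after the
# leading blank line. Filter 11 = DIRECTED|MULTICAST|BROADCAST (a normal
# NIC); 43 = the same plus PROMISCUOUS (a sniffer is attached).
SAMPLE_WMIC_OUTPUT = """
Node,Active,InstanceName,NdisCurrentPacketFilter
HOST1,TRUE,Intel(R) Ethernet Connection,11
HOST1,TRUE,Microsoft Wi-Fi Direct Virtual Adapter,0
HOST1,TRUE,Realtek PCIe GbE Family Controller,43
"""


def decode_packet_filter(value):
    """Return the names of every flag bit set in an NDIS packet-filter value.

    Bits outside the table above are reported as UNKNOWN(0x..) instead of
    being silently dropped, so an unexpected filter is still visible.
    """
    names = []
    for bit in range(32):
        mask = 1 << bit
        if value & mask:
            names.append(NDIS_PACKET_TYPES.get(mask, "UNKNOWN(0x%x)" % mask))
    return names


def is_promiscuous(value):
    """True if the PROMISCUOUS bit is set in the packet-filter value."""
    return bool(value & NDIS_PACKET_TYPE_PROMISCUOUS)


def parse_wmic_csv(text):
    """Parse wmic /FORMAT:csv output into (instance_name, filter_value) pairs.

    wmic emits a blank first line and "\\r\\r\\n" line endings when
    redirected, so carriage returns are stripped before parsing.
    """
    cleaned = text.replace("\r", "").strip()
    rows = []
    for row in csv.DictReader(io.StringIO(cleaned)):
        rows.append((row["InstanceName"], int(row["NdisCurrentPacketFilter"])))
    return rows


def find_promiscuous_interfaces(text):
    """Names of all adapters in the wmic output whose filter is promiscuous."""
    return [name for name, value in parse_wmic_csv(text) if is_promiscuous(value)]


def run_wmic_query():
    """Run the live query on Windows. wmic writes UTF-16 when redirected."""
    out = subprocess.run(
        ["wmic", "/NAMESPACE:\\\\root\\wmi", "PATH", "MSNdis_CurrentPacketFilter",
         "GET", "/FORMAT:csv"],
        capture_output=True, check=True).stdout
    if out.startswith(b"\xff\xfe"):
        return out.decode("utf-16")
    return out.decode(errors="replace")


if __name__ == "__main__":
    text = run_wmic_query() if sys.platform == "win32" else SAMPLE_WMIC_OUTPUT
    for name, value in parse_wmic_csv(text):
        flags = " | ".join(decode_packet_filter(value)) or "NONE"
        marker = "  <-- PROMISCUOUS" if is_promiscuous(value) else ""
        print("%-45s 0x%08x  %s%s" % (name, value, flags, marker))
```

A filter of 0 is normal for adapters that are bound but not in use (the sample's Wi-Fi Direct adapter). Only the 0x20 bit is evidence of a sniffer; ALL_MULTICAST (0x04) on its own is set by ordinary multicast-heavy software and is not a promiscuous indicator.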