Title: xaviershay-dm-rails v0.10.3.8 mysql credential exposure
Author: Larry W. Cashdollar, @_larry0
Date: 2015-02-17
Download Site: https://rubygems.org/gems/xaviershay-dm-rails
Vendor: Martin Gamsjaeger, Dan Kubb
Vendor Notified: 2015-02-17
Vendor Contact: notreal [at] rhnh.net
Description: This gem provides the railtie that allows datamapper to hook into rails3 and thus behave like a rails
framework component. Just like activerecord does in…
Advisory: Multiple SQLi, stored/reflecting XSS- and CSRF-vulnerabilities in phpBugTracker v.1.6.0
Advisory ID: SROEADV-2015-16
Author: Steffen Rösemann
Affected Software: phpBugTracker v.1.6.0
Vendor URL: https://github.com/a-v-k/phpBugTracker
Vendor Status: patched
CVE-ID: will be asked to be assigned after release on FullDisclosure via OSS-list
Tested on: OS X 10.10 with Firefox 35.0.1 ; Kali Linux 3.18, Iceweasel 31
in order to prevent the start of the defunct USENET news client
(alias “Windows Mail”) that Microsoft installs with Windows 7
and later versions of Windows as “Microsoft Outlook NewsReader”,
the installation of all editions of Microsoft Office 2010 which
include Microsoft Outlook 2010 as well as the standalone version
of the latter create the following registry entries for the
“Microsoft Outlook NewsReader”…
There is a Buffer Overflow Vulnerability which leads to Remote Code
Execution.
The vulnerability is due to input validation in the ReadConfigValue and
WriteConfigValue APIs in XnsSdkDeviceIpInstaller.ocx
This is different from CVE-2014-3911 as the version of iPolis 1.12.2
(latest as of 12/12/2014).
CVE-2014-3911 is related to different ActiveX and on…
Hello,
What do you think about it? https://trac.videolan.org/vlc/ticket/13875
VLC for Android Beta was downloaded by over 10.000.000. This file crashes
this app. On VLC beta for Windows the bug is exploitable. Currently it is
fixed for Windows, but Android is still vulnerable.
We just released version 1.2 of our PE encrypter, hyperion.
[ CHANGELOG ]
– added support for Windows 8 and 8.1
[ DESCR ]
Hyperion is a runtime encrypter for 32-bit portable executables. It is
a reference implementation and is based on the paper “Hyperion:
Implementation of a PE-Crypter”.