Category Archives: Full Disclosure


xdg-open RCE

Posted by joernchen on Nov 14

Hi,

I just ran into some RCE issue with xdg-open today and figured it’s known
and unfixed since 2013-06-10 [0] (respectively 2013-07-07 upstream [1])

As apparently no one cares about this I just leave a silly PoC [3]
(should work with Chromium on Arch/Gentoo Linux) here. Additional
requirement is a Window Manager which is _NOT_ one of the following:

* KDE
* GNOME
* MATE
* XFCE
* ENLIGHTENMENT

Cheers,

joernchen

[0]…

XSS Reflected in Page visualization agents in Pandora FMS v5.1SP1 – Revisión PC141031 (CVE-2014-8629)

Posted by William Costa on Nov 14

I. VULNERABILITY

————————-

XSS Reflected in Page visualization agents in Pandora FMS v5.1SP1 –
Revisión PC141031

II. BACKGROUND
Pandora FMS is the monitoring software chosen by several companies all
around the world for managing their IT infrastructure. Besides ensuring
high performance and maximum flexibility, it has a

III. DESCRIPTION
————————-
A Reflected XSS vulnerability has been detected in Pandora FMS…

CVE-2014-8683 XSS in Gogs Markdown Renderer

Posted by Timo Schmid on Nov 14

XSS in Gogs Markdown Renderer
=============================
Researcher: Timo Schmid <tschmid () ernw de>

Description
===========
Gogs (Go Git Service) is a painless self-hosted Git Service written in
Go. (taken from [1])

It is very similar to the GitHub hosting platform. Multiple users can
create multiple repositories and share code with others with the git
version control system. Repositories can be marked as public or private to…

CVE-2014-8682 Multiple Unauthenticated SQL Injections in Gogs

Posted by Timo Schmid on Nov 14

Unauthenticated SQL Injection in Gogs repository search
=======================================================
Researcher: Timo Schmid <tschmid () ernw de>

Description
===========
Gogs (Go Git Service) is a painless self-hosted Git Service written in
Go. (taken from [1])

It is very similar to the GitHub hosting platform. Multiple users can
create multiple repositories and share code with others with the git
version control system….

CVE-2014-8681 Blind SQL Injection in Gogs label search

Posted by Timo Schmid on Nov 14

Blind SQL Injection in Gogs label search
========================================
Researcher: Timo Schmid <tschmid () ernw de>

Description
===========
Gogs (Go Git Service) is a painless self-hosted Git Service written in
Go. (taken from [1])

It is very similar to the GitHub hosting platform. Multiple users can
create multiple repositories and share code with others with the git
version control system. Repositories can be marked as…

Prey Anti-Theft for Android missing SSL certificate validation [STIC-2014-0731]

Posted by Programa STIC on Nov 14

Fundación Dr. Manuel Sadosky – Programa STIC Advisory
www.fundacionsadosky.org.ar

Prey Anti-Theft for Android missing SSL certificate validation

1. *Advisory Information*

Title: Prey Anti-Theft for Android missing SSL certificate validation
Advisory ID: STIC-2014-0731
Advisory URL: http://www.fundacionsadosky.org.ar/publicaciones-2
Date published: 2014-11-11
Date of last update: 2014-11-11
Vendors contacted: Fork Ltd….

CVE-2014-7290 Atlas Systems Aeon XSS (Cross-Site Scripting) Vulnerability

Posted by Jing Wang on Nov 14

CVE-2014-7290 Atlas Systems Aeon XSS (Cross-Site Scripting) Vulnerability

Exploit Title: Atlas Systems Aeon XSS Vulnerability
Product: Aeon
Vendor: Atlas Systems
Vulnerable Versions: 3.6 3.5
Tested Version: 3.6
Advisory Publication: Nov 12, 2014
Latest Update: Nov 12, 2014
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-7290
Solution Status: Fixed by Vendor
Credit: Wang Jing [Mathematics, Nanyang Technological…

Bypass Google Open Redirect Filter Based on Googleads.g.doubleclick.net

Posted by Jing Wang on Nov 14

Bypass Google Open Redirect Filter Based on Googleads.g.doubleclick.net
<http://googleads.g.doubleclick.net/>
— Google Covert Redirect Vulnerability Based on Googleads.g.doubleclick.net
<http://googleads.g.doubleclick.net/>

The vulnerability exists at “Logout?” page with “&continue” parameter, i.e.
https://www.google.com/accounts/Logout?service=writely&continue=https://googleads.g.doubleclick.net

The…

Google DoubleClick.net(Advertising) System URL Redirection Vulnerabilities Can be Used by Spammers

Posted by Jing Wang on Nov 14

Google DoubleClick.net(Advertising) System URL Redirection Vulnerabilities
Can be Used by Spammers

Although Google does not include Open Redirect vulnerabilities in its bug
bounty program, its preventive measures against Open Redirect attacks have
been quite thorough and effective to date.

However, Google might have overlooked the security of its DoubleClick.net
<http://doubleclick.net/> advertising system. After some test, it is found…

CFP: AIPR2015 China – Artificial Intelligence and Pattern Recognition

Posted by Hazel Ann on Nov 14

The Fourth International Conference on Informatics & Applications (ICIA2015)

July 20-22, 2015 » Takamatsu, Japan
Kagawa University

Venue: Takamatsu Symbol Tower

http://sdiwc.net/conferences/icia2015/

icia2015 () sdiwc net

All registered papers will be included in SDIWC Digital Library
==============================================================

The conference aims to enable researchers build connections between
different digital…