Category Archives: Full Disclosure

Cisco RV Series multiple vulnerabilities

Posted by Securify B.V. on Nov 06

------------------------------------------------------------------------
Cisco RV Series multiple vulnerabilities
------------------------------------------------------------------------
Yorick Koster, June 2013

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
Multiple vulnerabilities have been found in Cisco RV Series devices that
allows an…

Vulnerabilities in D-Link DAP-1360

Posted by MustLive on Nov 05

Hello list!

There are Abuse of Functionality, Brute Force and Cross-Site Request Forgery
vulnerabilities in D-Link DAP-1360 (Wi-Fi Access Point and Router).

-------------------
Affected products:
-------------------

The following model is vulnerable: D-Link DAP-1360, Firmware 1.0.0. This
model with other firmware versions must also be vulnerable.

D-Link will fix these vulnerabilities in the next version of firmware (will
be released in…

KL-001-2014-004 : VMWare vmx86.sys Arbitrary Kernel Read

Posted by KoreLogic Disclosures on Nov 05

Title: VMWare vmx86.sys Arbitrary Kernel Read
Advisory ID: KL-001-2014-004
Publication Date: 2014.11.04
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-004.txt

1. Vulnerability Details

Affected Vendor: VMWare
Affected Product: Workstation
Affected Version: 10.0.0.40273
Platform: Microsoft Windows XP SP3 x86, Microsoft Windows Server 2003 SP2 x86, Microsoft Windows 7 SP1 x86
CWE…

CNIL CookieViz XSS + SQL injection leading to user pwnage

Posted by iliketurtles on Nov 03

# CNIL CookieViz XSS + SQL injection leading to user pwnage
#
# Product link: https://github.com/LaboCNIL/CookieViz
# CVE references CVE-2014-8351, CVE-2014-8352

TL;DR
-----
Since October 2014, the French National Commission on Informatics and
Liberty “CNIL” is performing some controls upon “tracing cookies” (ads,
webaudience etc.) set by French websites:…

CVE-2014-5387 – Multiple Authenticated SQL Injections in EllisLab ExpressionEngine Core

Posted by Portcullis Advisories on Nov 03

Vulnerability title: Multiple Authenticated SQL Injections in EllisLab ExpressionEngine Core
CVE: CVE-2014-5387
Vendor: EllisLab
Product: ExpressionEngine Core
Affected version: Versions earlier than 2.9.0
Fixed version: 2.9.1
Reported by: Jerzy Kramarz and Alex Murillo Moya

Details:

SQL injection has been found and confirmed within the software as an authenticated user. A successful attack could
allow an authenticated attacker to access…

Three out of bounds access issues in ImageMagick (CVE-2014-8354, CVE-2014-8355, CVE-2014-8562)

Posted by Hanno Böck on Nov 01

Found this with the help of fuzzing / address sanitizer.
Nothing to worry about too much, unlikely to cause any severe issues,
but it’s interesting how many issues there are that can be trivially
found via fuzzing.
Please note also that imagemagick 6.8.9-9 fixes another issue that got
CVE-2014-8561:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=764872

CVE-2014-8354: ImageMagick – Out-of-bounds read / heap overflow in
resize code…

Re: GoAgent vulnerabilities: CA cert with known private key, TLS MITM

Posted by David Fifield on Nov 01

It appears that this problem is now fixed. The software now generates a
CA certificate with an unpredictable private key when run for the first
time. The fix is in the released version 3.2.1.

https://github.com/goagent/goagent/compare/0e2eb37c098b2a5653aac24a6256f0d262d2be47…77c8e7f131f9eb7d857cded9c0bc2f662e80b78a

I’ve updated the advisory page.

David Fifield

[SE-2014-01] Missing patches / inaccurate information regarding Oracle Oct CPU

Posted by Security Explorations on Oct 31

Hello All,

We’ve been recently informed by a 3rd party that Oracle planned to release
fixes for the vulnerabilities covered by our SE-2014-01 [1] project in Nov
2014.

We initially thought that someone mistakenly took Oct for Nov (Oracle CPU
was released on Oct 14, 2014), but the credibility of the source of this
information made us dig a little bit further into this.

As a result we found out the following.

OJVM PSU patches covering…

SEC Consult SA-20141031-0 :: XML External Entity Injection (XXE) and Reflected XSS in Scalix Web Access

Posted by SEC Consult Vulnerability Lab on Oct 31

SEC Consult Vulnerability Lab Security Advisory < 20141031-0 >
=======================================================================
title: XML External Entity Injection (XXE) and Reflected XSS
product: Scalix Web Access
vulnerable version: 11.4.6.12377 and 12.2.0.14697
fixed version: –
impact: Critical
homepage: http://www.scalix.com/
found: 2014-08-27…

Re: Go Home WP-API, You're Drunk…

Posted by Scott Arciszewski on Oct 30

Yes, you’re absolutely right. When I said it’s “almost the ideal situation”
I probably should have clarified what I meant.

I meant to say that both WP-API's code and the textbook examples of hash
constructs specifically vulnerable to length extension attacks involve
concatenating the data you are intending to authenticate with a
cryptographic secret. While their particular order is not known (to me,
anyway) to be as…
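The construction Scott describes above, a tag computed as H(secret || data), is the textbook length-extension target, and it is worth seeing the attack end to end. The following is an added example, not WP-API's code and not Scott's: a minimal SHA-256 written so its internal state can be resumed from a digest, the extension that forges a valid tag for data || padding || extra without ever learning the secret, and an HMAC verifier against which the same attack fails. SECRET, the query-string data, the verifier oracle and the range of secret lengths tried are assumptions constructed for the demo.

```python
# Added example: length extension against H(secret || data), and HMAC as the fix.
# SECRET, the data and the oracle below are constructed for the demo; in practice
# the oracle is the server that verifies tags and the attacker guesses the secret
# length by trying candidates until one is accepted.
import hashlib
import hmac
import math
import struct

MASK = 0xFFFFFFFF


def _primes(n):
    """First n primes (used only to derive the SHA-256 constants)."""
    ps, c = [], 2
    while len(ps) < n:
        if all(c % p for p in ps):
            ps.append(c)
        c += 1
    return ps


def _icbrt(n):
    """floor(cbrt(n)) by integer Newton iteration from an overestimate."""
    x = 1 << -(-n.bit_length() // 3)
    while True:
        y = (2 * x + n // (x * x)) // 3
        if y >= x:
            return x
        x = y


# FIPS 180-4 constants: fractional bits of sqrt / cbrt of the first primes,
# derived with exact integer arithmetic rather than typed in.
H0 = [math.isqrt(p << 64) & MASK for p in _primes(8)]
K = [_icbrt(p << 96) & MASK for p in _primes(64)]


def _rotr(x, n):
    return ((x >> n) | (x << (32 - n))) & MASK


def _compress(state, block):
    """One SHA-256 compression of a 64-byte block into the 8-word state."""
    w = list(struct.unpack(">16I", block))
    for i in range(16, 64):
        s0 = _rotr(w[i - 15], 7) ^ _rotr(w[i - 15], 18) ^ (w[i - 15] >> 3)
        s1 = _rotr(w[i - 2], 17) ^ _rotr(w[i - 2], 19) ^ (w[i - 2] >> 10)
        w.append((w[i - 16] + s0 + w[i - 7] + s1) & MASK)
    a, b, c, d, e, f, g, h = state
    for i in range(64):
        t1 = (h + (_rotr(e, 6) ^ _rotr(e, 11) ^ _rotr(e, 25))
              + ((e & f) ^ (~e & g)) + K[i] + w[i]) & MASK
        t2 = ((_rotr(a, 2) ^ _rotr(a, 13) ^ _rotr(a, 22))
              + ((a & b) ^ (a & c) ^ (b & c))) & MASK
        a, b, c, d, e, f, g, h = (t1 + t2) & MASK, a, b, c, (d + t1) & MASK, e, f, g
    return [(x + y) & MASK for x, y in zip(state, (a, b, c, d, e, f, g, h))]


def _padding(msg_len):
    """Merkle-Damgard padding for msg_len bytes: 0x80, zeros, 64-bit big-endian bit length."""
    return b"\x80" + b"\x00" * ((55 - msg_len) % 64) + struct.pack(">Q", msg_len * 8)


def sha256(data, state=None, prior_len=0):
    """SHA-256 of data. With state/prior_len it resumes from a digest that already
    absorbed prior_len bytes (a multiple of 64): the resumability extension abuses."""
    h = list(state) if state else list(H0)
    msg = data + _padding(prior_len + len(data))
    for i in range(0, len(msg), 64):
        h = _compress(h, msg[i:i + 64])
    return struct.pack(">8I", *h)


def extend(tag, known_len, extra):
    """Attacker: from tag = SHA256(secret || data) and known_len = len(secret || data),
    produce (suffix, tag') with tag' = SHA256(secret || data || suffix), no secret needed."""
    glue = _padding(known_len)                 # the padding the server's own hash used
    state = struct.unpack(">8I", tag)          # the digest *is* the internal state
    forged = sha256(extra, state=state, prior_len=known_len + len(glue))
    return glue + extra, forged


SECRET = b"hypothetical-server-secret"         # constructed; never seen by the attacker


def naive_tag(data):
    """Textbook-vulnerable construction: H(secret || data)."""
    return hashlib.sha256(SECRET + data).digest()


def hmac_tag(data):
    """The fix: HMAC keys the hash on both sides, so the digest is not a resumable state."""
    return hmac.new(SECRET, data, hashlib.sha256).digest()


def forge(tag, data, extra, accepts, max_secret_len=64):
    """Attacker knows data, tag and a verifier oracle, not SECRET or its length:
    try each candidate length until the server accepts the forged pair."""
    for n in range(1, max_secret_len + 1):
        suffix, forged = extend(tag, n + len(data), extra)
        if accepts(data + suffix, forged):
            return data + suffix, forged
    return None


def self_check():
    """Our SHA-256 must agree with hashlib before the forgery result means anything."""
    return all(sha256(m) == hashlib.sha256(m).digest()
               for m in (b"", b"abc", b"x" * 55, b"x" * 56, b"x" * 200))


def demo():
    data, extra = b"user=alice&role=user", b"&role=admin"
    weak = forge(naive_tag(data), data, extra,
                 lambda d, t: hmac.compare_digest(naive_tag(d), t))
    strong = forge(hmac_tag(data), data, extra,
                   lambda d, t: hmac.compare_digest(hmac_tag(d), t))
    return weak, strong    # weak is a forged (message, tag) pair, strong is None


if __name__ == "__main__":
    assert self_check()
    print(demo())
```

The forged message necessarily carries the glue bytes (0x80, zeros and the 64-bit length field) between the original data and the appended fields, so the attack only applies where the server still parses such a message and where the attacker can test candidate secret lengths against the verifier. HMAC removes the property the attack depends on: its output is not the raw chaining state of a hash over attacker-controlled input.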