Category Archives: Full Disclosure

CVE-2014-6033 – XML External Entity Injection in F5 Networks Big-IP

Posted by Portcullis Advisories on Oct 30

Vulnerability title: XML External Entity Injection in F5 Networks Big-IP
CVE: CVE-2014-6033
Vendor: F5 Networks
Product: Big-IP
Affected version: 11.3.0.39.0
Fixed version: N/A
Reported by: Oliver Gruskovnjak

Details:

F5 Networks Big-IP is vulnerable to an XML External Entity injection attack. The following XML payload was used to
trigger the XXE (The vulnerable URL is redacted due to the number of affected systems):…

CVE-2014-6032 – XML External Entity Injection in F5 Networks Big-IP

Posted by Portcullis Advisories on Oct 30

Vulnerability title: XML External Entity Injection in F5 Networks Big-IP
CVE: CVE-2014-6032
Vendor: F5 Networks
Product: Big-IP
Affected version: 11.3.0.39.0
Fixed version: N/A
Reported by: Oliver Gruskovnjak

Details:

F5 Networks Big-IP is vulnerable to an XML External Entity injection attack. The following XML payload was used to
trigger the XXE (The vulnerable URL is redacted due to the number of affected systems):

<?xml…

SEC Consult SA-20141029-1 :: Persistent cross site scripting in Confluence RefinedWiki Original Theme

Posted by SEC Consult Vulnerability Lab on Oct 29

SEC Consult Vulnerability Lab Security Advisory < 20141029-1 >
=======================================================================
title: Persistent cross site scripting
product: Confluence RefinedWiki Original Theme
vulnerable version: 3.x – 4.0.x
fixed version: 4.0.12
impact: high
homepage: http://www.refinedwiki.com/
found: 2014-08-07
by: Manuel…

SEC Consult SA-20141029-0 :: Multiple critical vulnerabilities in Vizensoft Admin Panel

Posted by SEC Consult Vulnerability Lab on Oct 29

SEC Consult Vulnerability Lab Security Advisory < 20141029-0 >
=======================================================================
title: Multiple critical vulnerabilities
product: Vizensoft Admin Panel
vulnerable version: 2014
fixed version: –
impact: critical
homepage: http://www.vizensoft.com
found: 2014-07-10
by: A. Antukh, A. Baranov…

DAVOSET v.1.2.1

Posted by MustLive on Oct 28

Hello participants of Mailing List.

After making the public release of DAVOSET
(http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2013-June/008850.html),
I’ve made the next update of the software. On the 23rd of October DAVOSET v.1.2.1
was released – DDoS attacks via other sites execution tool
(http://websecurity.com.ua/davoset/).

Video demonstration of DAVOSET: http://www.youtube.com/watch?v=RKi35-f346I

Also yesterday I opened a…

CVE-2014-2718: ASUS wireless router updates are vulnerable to a MITM attack

Posted by David Longenecker on Oct 28

The ASUS RT- series of wireless routers rely on an easily manipulated
process to determine if a firmware update is available, and to retrieve the
necessary update binary. In short, the router downloads via clear-text a
file from http://dlcdnet.asus.com, parses it to determine the latest
firmware version, then downloads (again in the clear) a binary file
matching that version number from the same web site. No HTTP = no assurance
that the site on…