Category Archives: Full Disclosure

Cyanogenmod: multiple flaws in dependencies, including RCE

Posted by Lord Tuskington on Oct 19

Cyanogenmod does not seem to be capable of maintaining their external
dependencies with security patches. There are many unpatched flaws,
including the CVE-2014-0107 RCE flaw in Xalan-J. For more details, see:

http://lordtuskington.blogspot.com/2014/10/more-cyanogenmod-flaws-in-dependencies.html

Lord Tuskington
Chief Financial Pinniped
TuskCorp

Cyanogenmod MITM: proven, despite cyanogenmod's public denial

Posted by Lord Tuskington on Oct 19

After reading el reg’s article regarding a cyanogenmod MITM flaw, I started
looking through the code to see if I could find it. It didn’t take long.
This finding was not what users are led to believe by cyanogenmod’s blog
post:

http://www.cyanogenmod.org/blog/in-response-to-the-register-mitm-article

I reported the issue to cyanogenmod, but got a rather unsatisfactory reply.
They didn’t seem willing to modify the blog post to…

Fonality trixbox CE remote root exploit

Posted by Simo Ben youssef on Oct 17

#!/usr/bin/perl
#
# Title: Fonality trixbox CE remote root exploit
# Author: Simo Ben youssef
# Contact: Simo_at_Morxploit_com
# Discovered & Coded: 2 June 2014
# Published: 17 October 2014
# MorXploit Research
# http://www.MorXploit.com
# Software: trixbox CE
# Version: trixbox-2.8.0.4.iso
# Vendor url: http://www.fonality.com/
# Download: http://sourceforge.net/projects/asteriskathome/files/trixbox%20CE/
# Vulnerable file:…

Multiple unauthenticated SQL injections and unauthenticated remote command injection in Centreon <= 2.5.2 and Centreon Enterprise Server <= 2.2|3.0

Posted by yoloswag on Oct 17

# Multiple unauthenticated SQL injections and unauthenticated remote command injection in Centreon <= 2.5.2 and Centreon Enterprise Server <= 2.2|3.0
#
# Product link: http://www.centreon.com/
# CVE references
# |- CVE-2014-3828: Unauthenticated SQL injections
# |- CVE-2014-3829: Unauthenticated remote command injection
# CERT/CC reference: VU#298796
# Author: MaZ…

XSS vulnerabilities in Megapolis.Portal Manager

Posted by MustLive on Oct 17

Hello list!

These are Cross-Site Scripting vulnerabilities in Megapolis.Portal Manager.

It’s a commercial CMS from Softline-IT (earlier Softline), which is
particularly widespread among Ukrainian government sites (including
ministry, parliament, two special services and many other web sites). In
2012 I already wrote about multiple vulnerabilities in Megapolis.Portal
Manager (http://securityvulns.ru/docs28651.html).

These particular…

[CORE-2014-0007] - SAP Netweaver Enqueue Server Trace Pattern Denial of Service Vulnerability

Posted by CORE Advisories Team on Oct 16

Core Security – Corelabs Advisory
http://corelabs.coresecurity.com/

SAP Netweaver Enqueue Server Trace Pattern Denial of Service Vulnerability

1. Advisory Information

Title: SAP Netweaver Enqueue Server Trace Pattern Denial of Service Vulnerability
Advisory ID: CORE-2014-0007
Advisory URL: http://www.coresecurity.com/advisories/sap-netweaver-enqueue-server-trace-pattern-denial-service-vulnerability
Date published: 2014-10-15
Date of last…

Advisory 01/2014: Drupal7 – pre Auth SQL Injection Vulnerability

Posted by Stefan Horst on Oct 16

SektionEins GmbH
www.sektioneins.de

-= Security Advisory =-

Advisory: Drupal – pre-auth SQL Injection Vulnerability
Release Date: 2014/10/15
Last Modified: 2014/10/15
Author: Stefan Horst [stefan.horst[at]sektioneins.de]
Application: Drupal >= 7.0 <= 7.31
Severity: Full SQL injection, which results in total control of the website and code execution.
Risk: Highly Critical…

Bypassing blacklists based on IPy

Posted by Nicolas Grégoire on Oct 16

IPy is a Python “class and tools for handling of IPv4 and IPv6 addresses
and networks” (https://github.com/haypo/python-ipy). This library is
sometimes used to implement blacklists forbidding internal, private or
loopback addresses.

Using octal encoding (supported by urllib2), it is possible to bypass
checks based on the result of the iptype() function. For example, IP
address ‘0177.0000.0000.0001’ is considered as…

New York Times nytimes.com Page Design XSS Vulnerability (Almost all Article Pages Before 2013 are Affected)

Posted by Jing Wang on Oct 16

New York Times nytimes.com Page Design XSS Vulnerability (Almost all Article Pages Before 2013 are Affected)

Domain:
http://www.nytimes.com/

Vulnerability Description:
The vulnerability occurs in New York Times URLs. Nytimes (short for New
York Times) uses part of the URL to construct its pages. However, it seems
that Nytimes did not filter the content used for the construction at all
before 2013.

Based on Nytimes’s Design, Almost all…

CVE-2014-2230 – OpenX Open Redirect Vulnerability

Posted by Jing Wang on Oct 16

Exploit Title: OpenX Open Redirect Vulnerability
Product: OpenX
Vendor: OpenX
Vulnerable Versions: 2.8.10 and probably prior
Tested Version: 2.8.10
Advisory Publication: OCT 8, 2014
Latest Update: OCT 8, 2014
Vulnerability Type: Open Redirect [CWE-601]
CVE Reference: CVE-2014-2230
Risk Level: Low
CVSSv2 Base Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:P/A:N)
Solution Status: Solution Available
Credit: Wang Jing [Mathematics, Nanyang Technological…