Category Archives: Full Disclosure


Re: CVE-2014-3671: DNS Reverse Lookup as a vector for the Bash vulnerability (CVE-2014-6271 et al.)

Posted by Dirk-Willem van Gulik on Oct 14

The production versions of NSD accept this fine ‘as is’ (FreeBSD-9.3); bind requires a bit of careful escaping.

On the wire one then sees the raw ‘binary’ — which can indeed be very raw:

000001d0 XX XX XX XX 31 28 29 20 7b 20 3a 3b 7d 3b 20 65 () { :;}; e|
000001e0 63 68 6f 20 63 76 65 2d 32 30 31 34 2d 36 32 37 |cho cve-2014-627|
000001f0 31 2c 20 63 76 65 2d 32 30 31 34 30 37 31 36 39 |1, cve-201407169|
00000200 2c…

Rooted CON 2015 – Call For Papers

Posted by omarbv on Oct 14


RootedCON 2015 – ‘Call for Papers’

PLEASE, READ CAREFULLY ALL THE DETAILS IN THIS DOCUMENT.

-=] About RootedCON

RootedCON is a security congress that will take…

Re: CSP Bypass on Android prior to 4.4

Posted by E Boogie on Oct 14

Hello again Full disclosure,

One final email. A couple things to note about this.

I’ve been testing A LOT on A LOT of different browsers and Android
devices. The more I test, the more it becomes clear that my u0000
vulnerability is not legit and there are different, much larger CSP issues
at play here. (I did a lot of testing before reporting, but there is a lot
going on here that caused me to mess up.)

First – The issue is not that…

OWASP OWTF 1.0 "Lionheart" released!

Posted by Abraham Aranguren on Oct 14

Dear Full Disclosure friends,

We are pleased to let you know that OWASP OWTF 1.0 “Lionheart” has been released!
Dedicated to the courage and hard work shown by all OWASP OWTF contributors,
mentors, everybody that gave us cool ideas, etc. to make this amazing
release happen, to all of you, thank you!

Some links:
- Handy redirect: http://owtf.org/
  (takes you to: https://www.owasp.org/index.php/OWASP_OWTF)
- Getting started -…

CVE-2014-2023 – Tapatalk for vBulletin 4.x – multiple blind sql injection (pre-auth)

Posted by oststrom (public) on Oct 13


*Preliminary VulnNote*

CVE-2014-2023 – Tapatalk for vbulletin 4.x – multiple blind sql injection
(pre-auth)

====================================================================================

Overview
--------

date              : 10/12/2014
cvss              : 7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N) base
cwe               : 89
vendor            : Tapatalk Inc
product           : Tapatalk for vBulletin 4.x
versions affected : latest (to…

CVE-2014-2022 – vbulletin 4.x – SQLi in breadcrumbs via xmlrpc API (post-auth)

Posted by oststrom (public) on Oct 13


CVE-2014-2022 – vbulletin 4.x – SQLi in breadcrumbs via xmlrpc API
(post-auth)

==============================================================================

Overview
--------

date              : 10/12/2014
cvss              : 7.1 (AV:N/AC:H/Au:S/C:C/I:C/A:C) base
cwe               : 89
vendor            : vBulletin Solutions
product           : vBulletin 4
versions affected : latest 4.x (to date); verified <= 4.2.2

*…

CVE-2013-2021 – vBulletin 5.x/4.x – persistent XSS in AdminCP/ApiLog via xmlrpc API (post-auth)

Posted by oststrom (public) on Oct 13


CVE-2013-2021 – vBulletin 5.x/4.x – persistent XSS in AdminCP/ApiLog via
xmlrpc API (post-auth)

================================================================================================

Overview
--------

date              : 10/12/2014
cvss              : 4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P) base
cwe               : 79
vendor            : vBulletin Solutions
product           : vBulletin 4
versions affected : latest 4.x and 5.x (to date);…

Re: CSP Bypass on Android prior to 4.4

Posted by E Boogie on Oct 13

I’ve done a little more testing and what I’ve found is pretty startling.

I tested on a Galaxy Note 2 running Android 4.4.2 and the CSP bypass worked.

I also tested on an old version of Safari on an iPad (Safari/7534.48.3) and
the CSP bypass also worked.

If you are so kind, please use ejj.io/test.php to test this for me. If it
worked, please press the “IT WORKED” button.

This way I can compile a large fingerprint of…

CVE-2014-3671: DNS Reverse Lookup as a vector for the Bash vulnerability (CVE-2014-6271 et al.)

Posted by Dirk-Willem van Gulik on Oct 13

Security Advisory

DNS Reverse Lookup as a vector for the Bash vulnerability (CVE-2014-6271 et al.)

CVE-2014-3671

references:
CVE-2014-6271, CVE-2014-7169, CVE-2014-6277, CVE-2014-6278,
CVE-2014-7186 and CVE-2014-7187

* Summary:

Above CVEs detail a number of flaws in bash prior related to the parsing
of environment variables (aka BashBug, Shellshock). Several networked
vectors for…

PayPal Inc BB #85 MB iOS 4.6 – Auth Bypass Vulnerability

Posted by Vulnerability Lab on Oct 13

Document Title:
===============
PayPal Inc BB #85 MB iOS 4.6 – Auth Bypass Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=895

PayPal Security UID: Vxda0S

Video: http://www.vulnerability-lab.com/get_content.php?id=1338

View: https://www.youtube.com/watch?v=RXubXP_r2M4

Release Date:
=============
2014-10-09

Vulnerability Laboratory ID (VL-ID):
====================================…