Posted by ITAS Team on Jan 13
# Exploit Title: SQL Injection Vulnerability in Microweber 0.95
# Vendor: https://microweber.com/
# Download link: https://microweber.com/download
(https://github.com/microweber/microweber)
# CVE ID: CVE-2014-9464
# Vulnerability: SQL Injection
# Affected version: Version 0.95 before 12/09/2014.
# Fixed version: Version 0.95 updated on 12/11/2014
# Author:…
Posted by Julius Kivimäki on Jan 13
ayy lmao
//Julius Kivimäki, leader of Lizard Squad
2015-01-12 10:29 GMT+00:00 Robert Cavanaugh <sleuth1337 () gmail com>:
Posted by Peter Lapp on Jan 13
Edit: Corrected the date in the timeline from 01/12/14 to 01/12/15.
Details
=======
Product: F5 BIG-IP Application Security Manager (ASM)
Vulnerability: Cross Site Scripting
Author: Peter Lapp, lappsec () gmail com
CVE: None assigned
Vulnerable Versions: Confirmed 11.4.0, 11.4.1. Likely 11.4.x-11.5.x.
Fixed Version: 11.6
Summary
=======
The F5 ASM is a web application firewall designed to protect web
applications from attacks. It allows for a…
Posted by Martin Schuhmacher on Jan 13
Hi
i just did
$ dd if=/dev/zero bs=1M count=32 | curl http://$IP/
Response: Unauthorized request
did i miss anything?
Firmware: snom360-SIP 8.7.4.8
not downloadable any more for some reason?
Yours
Martin
Fixes CVE-2014-9221 denial-of-service vulnerability.
Fixes CVE-2014-9221 denial-of-service vulnerability.
Red Hat Security Advisory 2015-0036-01 – HTCondor is a specialized workload management system for compute-intensive jobs. It provides a job queuing mechanism, scheduling policy, priority scheme, and resource monitoring and management. The HTCondor scheduler can optionally notify a user of completed jobs by sending an email. Due to the way the daemon sent the email message, authenticated users able to submit jobs could execute arbitrary code with the privileges of the condor user. This issue was discovered by Florian Weimer of Red Hat Product Security.
Red Hat Security Advisory 2015-0035-01 – HTCondor is a specialized workload management system for compute-intensive jobs. It provides a job queuing mechanism, scheduling policy, priority scheme, and resource monitoring and management. The HTCondor scheduler can optionally notify a user of completed jobs by sending an email. Due to the way the daemon sent the email message, authenticated users able to submit jobs could execute arbitrary code with the privileges of the condor user. This issue was discovered by Florian Weimer of Red Hat Product Security.