Category Archives: Full Disclosure

Exploit Code for ipTIME firmwares < 9.58 (root RCE against 127 router models)

Posted by Pierre Kim on Jul 02

Please find a text-only version below sent to security mailing-lists.

The complete version on exploits about my last advisory of ipTIME
products is posted here:

https://pierrekim.github.io/blog/2015-07-01-poc-with-RCE-against-127-iptime-router-models.html

=== text-version of the advisory ===

Disclaimer

This advisory is licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 License:…

Re: Google Chrome Address Spoofing (Request For Comment)

Posted by David Leo on Jul 02

http://seclists.org/fulldisclosure/2015/Jun/109
Big Whale said:
“Tested on Google Chrome 43.0.2357.130 (64-bit) (Linux) and it works”
“clearly URL spoofing”
Thanks for testing!

http://seclists.org/oss-sec/2015/q3/0
0pc0deFR said:
“Work on Google Chrome Ubuntu”
Bonjour, thanks for testing!

http://seclists.org/oss-sec/2015/q2/824
Daniel Micay said:
“It does display a window with the oracle.com address”…

Blueberry Express v5.9.x – SEH Buffer Overflow Vulnerability

Posted by Vulnerability Lab on Jul 01

Document Title:
===============
Blueberry Express v5.9.x – SEH Buffer Overflow Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1535

Video: http://www.vulnerability-lab.com/get_content.php?id=1537

Release Date:
=============
2015-06-29

Vulnerability Laboratory ID (VL-ID):
====================================
1535

Common Vulnerability Scoring System:…

FCS Scanner v1.0 & v1.4 iOS – Command Inject Vulnerability

Posted by Vulnerability Lab on Jul 01

Document Title:
===============
FCS Scanner v1.0 & v1.4 – Command Inject Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1538

Release Date:
=============
2015-06-30

Vulnerability Laboratory ID (VL-ID):
====================================
1538

Common Vulnerability Scoring System:
====================================
5.9

Product & Service Introduction:…

Ebay Magento Bug Bounty #14 – Persistent Description Vulnerability

Posted by Vulnerability Lab on Jul 01

Document Title:
===============
Ebay Magento Bug Bounty #14 – Persistent Description Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1463

EIBBP-31602

Release Date:
=============
2015-06-30

Vulnerability Laboratory ID (VL-ID):
====================================
1463

Common Vulnerability Scoring System:
====================================
3.8

Product & Service Introduction:…

Pinterest Bug Bounty #1 – Persistent contact_name Vulnerability

Posted by Vulnerability Lab on Jul 01

Document Title:
===============
Pinterest Bug Bounty #1 – Persistent contact_name Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1431

Release Date:
=============
2015-06-30

Vulnerability Laboratory ID (VL-ID):
====================================
1431

Common Vulnerability Scoring System:
====================================
3.3

Product & Service Introduction:…

DAVOSET v.1.2.5

Posted by MustLive on Jun 30

Hello participants of Mailing List.

After making public release of DAVOSET
(http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2013-June/008850.html),
I’ve made next update of the software. DAVOSET v.1.2.5 was released – DDoS
attacks via other sites execution tool (http://websecurity.com.ua/davoset/).

Video demonstration of DAVOSET: http://www.youtube.com/watch?v=RKi35-f346I

GitHub: https://github.com/MustLive/DAVOSET

Re: Google Chrome Address Spoofing (Request For Comment)

Posted by Big Whale on Jun 30

Tested on Google Chrome 43.0.2357.130 (64-bit) (Linux) and it works. I do not think it is some kind of DoS attack, it
is clearly URL spoofing vulnerability. Perhaps, your report does not clarify the vulnerability precisely. 
…

Google Chrome Address Spoofing (Request For Comment)

Posted by David Leo on Jun 30

Impact:
The “click to verify” thing is completely broken…
Anyone can be “BBB Accredited Business” etc.
You can make whitehouse.gov display “We love Islamic State” 🙂

Note:
No user interaction on the fake page.

Code:
***** index.html
<script>
function next()
{
w.location.replace('http://www.oracle.com/index.html?'+n);n++;
setTimeout("next();",15);…