Category Archives: Full Disclosure

ESPN espn.go.com Login & Register Page XSS and Dest Redirect Privilege Escalation Security Vulnerabilities

Posted by Jing Wang on Dec 09

*ESPN espn.go.com <http://espn.go.com/> Login & Register Page XSS and Dest
Redirect Privilege Escalation Security Vulnerabilities*

*Domain:*
http://espn.go.com/

“As of August 2013, ESPN is available to approximately 97,736,000 pay
television households (85.58% of households with at least one television
set) in the United States.[2]
<http://en.wikipedia.org/wiki/ESPN#cite_note-2> In addition to the flagship
channel and its…

NEW VMSA-2014-0013 – VMware vCloud Automation Center product updates address a critical remote privilege escalation vulnerability

Posted by VMware Security Response Center on Dec 09

————————————————————————
VMware Security Advisory

Advisory ID: VMSA-2014-0013
Synopsis: VMware vCloud Automation Center product updates address a
critical remote privilege escalation vulnerability
Issue date: 2014-12-09
Updated on: 2014-12-09 (Initial Advisory)
CVE number: CVE-2014-8373

————————————————————————

1. Summary…

Interesting Backdoor

Posted by Alfred Baroti on Dec 09

Hi,
I was wondering if someone found something similar to this. I didn’t find anything similar to this before.

Here is:

root () pay1-test:~# ssh zimadmin () 0
zimadmin () 0’s password:
——-;i——————————————
—–.,if——————————————
—–,tLE,————–..:;ji———————
—-;ittL;———-.;;;tjfGj.———————…

Humhub SQL injection and multiple persistent XSS vulnerabilities

Posted by A. W. on Dec 09

[+] Humhub [1] SQL injection vulnerability
[+] Discovered by: Jos Wetzels, Emiel Florijn
[+] Affects: Humhub <= 0.10.0-rc.1

The Humhub social networking kit versions 0.10.0-rc.1 and prior suffer
from an SQL injection vulnerability, which has now been resolved in
cooperation with the vendor [2], in its notification listing
functionality allowing an attacker to obtain backend database access.
In the actionIndex() function located in…

Coinbase User Enumeration

Posted by stephen () averagesecurityguy info on Dec 08

Coinbase User Enumeration
=========================
The Coinbase web site allows user enumeration, which would normally not be a big deal, but in this case, we are able to
enumerate a user’s username, “real name”, and an MD5 hash of the user’s email address. Using a large list of email
addresses and a tool like hashcat it is possible to determine the email address for many of these users. Keep in mind
that the real name is user…

[SE-2014-02] Google App Engine Java security sandbox bypasses (project pending completion / action from Google)

Posted by Security Explorations on Dec 06

Hello All,

We discovered multiple security issues in Google App Engine that allow
for a complete Java VM security sandbox escape.

There are more issues pending verification – we estimate them to be in
the range of 30+ in total.

Quick summary of our developments so far:
– we bypassed GAE whitelisting of JRE classes / achieved complete Java VM
security sandbox escape (17 full sandbox bypass PoC codes exploiting 22
issues in total),
– we…

NASA Orion – Bypass, Persistent Issue & Embed Code Execution Vulnerability

Posted by Vulnerability Lab on Dec 05

Document Title:
===============
NASA Orion – Bypass, Persistent Issue & Embed Code Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1339

[VU#666988] US CERT

Vulnerability Magazine:
http://magazine.vulnerability-db.com/?q=articles/2014/12/05/nasa-mars-orion-program-researcher-reveals-vulnerability-boarding-pass

Reference Article:…