SQL Injection Vulnerability in ArticleFR

Advisory ID: HTB23225
Product: ArticleFR
Vendor: Free Reprintables
Vulnerable Version(s): 3.0.4 and probably prior
Tested Version: 3.0.4
Advisory Publication:  July 23, 2014  [without technical details]
Vendor Notification: July 23, 2014 
Public Disclosure: August 20, 2014 
Vulnerability Type: SQL Injection [CWE-89]
CVE Reference: CVE-2014-5097
Risk Level: High 
CVSSv2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Solution Status: Solution Available
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory/ ) 

-----------------------------------------------------------------------------------------------

Advisory Details:

High-Tech Bridge Security Research Lab discovered SQL injection vulnerability in ArticleFR, which can
be exploited to perform SQL Injection attacks and gain complete control over vulnerable website.

1) SQL Injection in ArticleFR: CVE-2014-5097

The vulnerability exists due to insufficient sanitization of the "id" HTTP GET parameter passed to
"/rate.php" script, when "act" HTTP GET parameter is set to either "get" or "set". A remote attacker can
send a specially crafted HTTP GET request and execute arbitrary SQL commands in application’s
database. 

(Continue reading)

Moritz Muehlenhoff | 20 Aug 11:59 2014
Picon

[SECURITY] [DSA 3007-1] cacti security update


-------------------------------------------------------------------------
Debian Security Advisory DSA-3007-1                   security <at> debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
August 20, 2014                        http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : cacti
CVE ID         : CVE-2014-5025 CVE-2014-5026 CVE-2014-5027 CVE-2014-5261 
                 CVE-2014-5262

Multiple security issues (cross-site scripting, missing input sanitising
and SQL injection) have been discovered in Cacti, a web interface for 
graphing of monitoring systems.

For the stable distribution (wheezy), these problems have been fixed in
version 0.8.8a+dfsg-5+deb7u4.

For the unstable distribution (sid), these problems have been fixed in
version 0.8.8b+dfsg-8.

We recommend that you upgrade your cacti packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce <at> lists.debian.org
CERT | 20 Aug 11:13 2014
Picon

Deutsche Telekom CERT Advisory [DTC-A-20140820-001] check_mk vulnerabilities

Deutsche Telekom CERT Advisory [DTC-A-20140820-001] 

Summary:
Several vulnerabilities were found in check_mk prior versions 1.2.4p4 and 1.2.5i4.
The vulnerabilities are:
1 - Reflected Cross-Site Scripting (XSS)
2 - write access to config files (.mk files) 
3 - arbitrary code execution 

Recommendations:
Install software release 1.2.4p4, 1.2.5i4 or later. 

Homepage: http://mathias-kettner.de/check_mk.html

Details:
a) application
b) problem
c) CVSS
d) detailed description

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
a1) check_mk (git hash: 4b71709) [CVE-2014-5338]

b1) Reflected Cross-Site Scripting (XSS)

c1) CVSS 8.5 AV:N/AC:M/Au:S/C:C/I:C/A:C

d1) The check_mk application is susceptible to reflected XSS attacks. This is mainly the result of
improper output encoding. Reflected XSS can be triggered by sending a malicious URL to a user of the
check_mk application. Once the XSS attack is triggered, the attacker has access to the full check_mk (and
(Continue reading)

jackie | 20 Aug 10:33 2014

ICETC2014 - IEEE Extended Submission until Aug. 28, 2014

		   Apologies for cross-posting.
          Kindly forward to those who may be of interest.
=======================================================================
  International Conference on Education Technologies and Computers
			   (ICETC2014)
	  Lodz University of Technology, Lodz, Poland
	 	     September 22-24, 2014

	  http://sdiwc.net/conferences/2014/icetc2014

The conference is technically co-sponsored by IEEE Poland Section. All
registered papers will be submitted to IEEE for potential inclusion
to IEEE Xplore as well as other Abstracting and Indexing (A&I) 
databases.

Paper submission has been extended until August 28, 2014. For more 
details
and updates please visit the conference website or email us at 
icetc <at> sdiwc.net
=======================================================================
** T H A N K  Y O U  A N D  H O P E  T O  S E E  Y O U  T H E R E **

security-alert | 20 Aug 00:01 2014
Picon

[security bulletin] HPSBUX03095 SSRT101674 rev.1 - HP-UX running OpenSSL, Multiple Vulnerabilities


Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04404655

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04404655
Version: 1

HPSBUX03095 SSRT101674 rev.1 - HP-UX running OpenSSL, Multiple
Vulnerabilities

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2014-08-14
Last Updated: 2014-08-14

Potential Security Impact: Remote Denial of Service (DoS), unauthorized
access.

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP-UX running
OpenSSL. These vulnerabilities could be exploited remotely to create a Denial
of Service (DoS), allow unauthorized access.

References:
(Continue reading)

security-alert | 19 Aug 23:07 2014
Picon

[security bulletin] HPSBUX03092 SSRT101668 rev.1 - HP-UX running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities


Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04398943

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04398943
Version: 1

HPSBUX03092 SSRT101668 rev.1 - HP-UX running Java6, Remote Unauthorized
Access, Disclosure of Information, and Other Vulnerabilities

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2014-08-19
Last Updated: 2014-08-19

Potential Security Impact: Remote unauthorized access, disclosure of
information, and other vulnerabilities

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified in the Java Runtime
Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These
vulnerabilities could allow remote unauthorized access, disclosure of
information, and other vulnerabilities.

(Continue reading)

security-alert | 19 Aug 23:04 2014
Picon

[security bulletin] HPSBUX03091 SSRT101667 rev.1 - HP-UX running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities


Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04398922

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04398922
Version: 1

HPSBUX03091 SSRT101667 rev.1 - HP-UX running Java7, Remote Unauthorized
Access, Disclosure of Information, and Other Vulnerabilities

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2014-08-19
Last Updated: 2014-08-19

Potential Security Impact: Remote unauthorized access, disclosure of
information, and other vulnerabilities

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified in Java Runtime
Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These
vulnerabilities could allow remote unauthorized access, disclosure of
information, and other vulnerabilities.

(Continue reading)

security-alert | 19 Aug 22:17 2014
Picon

[security bulletin] HPSBMU03101 rev.1 - HP Asset Manager, CloudSystem Chargeback, running OpenSSL, Remote Disclosure of Information or Unauthorized Access


Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04401858

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04401858
Version: 1

HPSBMU03101 rev.1 - HP Asset Manager, CloudSystem Chargeback, running
OpenSSL, Remote Disclosure of Information or Unauthorized Access

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2014-08-19
Last Updated: 2014-08-19

Potential Security Impact: Remote disclosure of information or unauthorized
access

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP Asset Manager
and CloudSystem Chargeback running OpenSSL. The vulnerability could be
exploited remotely to allow disclosure information or unauthorized access.

This OpenSSL vulnerability was detected in specific OpenSSL versions. OpenSSL
(Continue reading)

security-alert | 19 Aug 21:42 2014
Picon

[security bulletin] HPSBMU03094 rev.1 - HP Connect-IT, running OpenSSL, Remote Disclosure of Information or Unauthorized Access


Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04401666

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04401666
Version: 1

HPSBMU03094 rev.1 - HP Connect-IT, running OpenSSL, Remote Disclosure of
Information or Unauthorized Access

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2014-08-19
Last Updated: 2014-08-19

Potential Security Impact: Remote disclosure of information or unauthorized
access

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP Connect-IT
running OpenSSL. The vulnerability could be exploited remotely to allow
disclosure information or unauthorized access.

This OpenSSL vulnerability was detected in specific OpenSSL versions. OpenSSL
(Continue reading)

Info RiseCON | 19 Aug 20:31 2014

[Call For Papers] RiseCON - Rosario, Argentina

RiseCON - Rosario Information Security Conference 2014
www.risecon.org
Fechas: 6 y 7 de noviembre de 2014
Locación: Plataforma Lavarden (Av Mendoza 1085) - Rosario, Santa Fe, Argentina

RiseCON es el primer y mayor evento de seguridad informática y hacking
realizado en la ciudad de Rosario, con nivel y trascendencia
internacional.

Para la 1º edición de RiseCON convocamos a todos aquellos que se
encuentren interesados en exponer sus investigaciones, trabajos y/o
desarrollos en el campo de la seguridad informática.

Las charlas podrán enviarse hasta del 15 de Septiembre (inclusive) a
cfp <at> risecon.org, adjuntando en un documento la siguiente información:

- Título de la Presentación
- Autor
- Duración estimada (máximo de 45 minutos)
- Temática
- Resumen de la charla (máximo 3000 palabras)
- ¿Incluye demo en vivo?
- ¿Presentará alguna nueva herramienta?
- ¿Presentará algún nuevo exploit?
- ¿La charla ha sido presentada anteriormente en alguna otra conferencia?
- Teléfono de contacto (Fijo y Celular)

Los temas de interés (pero no limitados) para charlas, trainings
(arancelados) y workshops (gratuitos) son los siguientes:

(Continue reading)

Security Alert | 19 Aug 16:23 2014

ESA-2014-071: RSA Archer® GRC Platform Multiple Vulnerabilities



ESA-2014-071: RSA Archer® GRC Platform Multiple Vulnerabilities

EMC Identifier: ESA-2014-071
 
CVE Identifier: CVE-2014-2517, CVE-2014-2505, CVE-2014-0640, CVE-2014-0641
 
Severity Rating: CVSS v2 Base Score: See below for individual scores
 

Affected Products:
RSA Archer GRC Platform version 5.x
 

Summary:  
RSA Archer GRC Platform 5.5 SP1 contains fixes for multiple security vulnerabilities that could
potentially be exploited by malicious users to compromise the affected system. 
 

Details:  
The vulnerabilities addressed in RSA Archer GRC Platform 5.5 SP1 are:

1.	Privilege Escalation Vulnerability (CVE-2014-2517)
This vulnerability can be potentially exploited by malicious non-privileged users to perform
unauthorized operations on certain functionality within the RSA Archer GRC Platform. 
CVSSv2 Base Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)

(Continue reading)


Gmane