
WinAppDbg 1.3 is out!

What is WinAppDbg?
==================

The WinAppDbg Python module allows developers to quickly code instrumentation
scripts in Python under a Windows environment.

It uses ctypes to wrap many Win32 API calls related to debugging, and provides
an object-oriented abstraction layer to manipulate threads, libraries and
processes, attach your script as a debugger, trace execution, hook API calls,
handle events in your debuggee and set breakpoints of different kinds (code,
hardware and memory). Additionally it has no native code at all, making it
easier to maintain or modify than other debuggers on Windows.

The intended audience are QA engineers and software security auditors wishing to
test / fuzz Windows applications with quickly coded Python scripts. Several
ready-to-use utilities are shipped and can be used for this purpose.

Current features also include disassembling x86 native code (using the open
source diStorm project, see http://ragestorm.net/distorm/), debugging multiple


FreeBSD Security Officer | 1 Dec 2009 02:20

Upcoming FreeBSD Security Advisory


Hi all,

A short time ago a "local root" exploit was posted to the full-disclosure
mailing list; as the name suggests, this allows a local user to execute
arbitrary code as root.

Normally it is the policy of the FreeBSD Security Team to not publicly
discuss security issues until an advisory is ready, but in this case
since exploit code is already widely available I want to make a patch
available ASAP.  Due to the short timeline, it is possible that this
patch will not be the final version which is provided when an advisory
is sent out; it is even possible (although highly doubtful) that this
patch does not fully fix the issue or introduces new issues -- in short,
use at your own risk (even more than usual).

The patch is at
  http://people.freebsd.org/~cperciva/rtld.patch
and has SHA256 hash
  ffcba0c20335dd83e9ac0d0e920faf5b4aedf366ee5a41f548b95027e3b770c1

I expect a full security advisory concerning this issue will go out on
Wednesday December 2nd.

c0dy | 1 Dec 2009 17:14

Theeta CMS (Cross Site Scripting,SQL Injection) Multiple Vulnerabilities

# [#] Theeta CMS (Cross Site Scripting,SQL Injection) Multiple Vulnerabilities  #
# [#] Discovered By c0dy                                         #
# [#] http://r00tDefaced.net                                     #
# [#] Greetz: sHoKeD-bYte, syst0x1c & r00tDefaced Members        #
##################################################################
#
# [1]-Cross Site Scripting
#
# Vulnerability Description:
#               Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web
#               applications which allow code injection by malicious web users into the web pages viewed by other users.
#
# Affected items:
#          http://127.0.0.1/community/thread.php?start=[XSS] 
#          http://127.0.0.1/community/thread.php?forum=[XSS]

Secunia Research | 2 Dec 2009 13:27

Secunia Research: Roxio Creator Image Rendering Integer Overflow Vulnerability

====================================================================== 

                     Secunia Research 02/12/2009

   - Roxio Creator Image Rendering Integer Overflow Vulnerability -

====================================================================== 
Table of Contents

Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Solution.............................................................5
Time Table...........................................................6
Credits..............................................................7
References...........................................................8
About Secunia........................................................9
Verification........................................................10

====================================================================== 
1) Affected Software 

* Roxio Easy Media Creator 9.0.136
* Roxio Creator 2010

NOTE: Other versions may also be affected.

====================================================================== 
2) Severity 

smf2.review | 2 Dec 2009 04:37

40 vulnerabilities in SMF 1.1.10/SMF 2.0RC2 by elhacker.net (Simple Audit)

This is the first batch of vulnerabilities found by the SimpleAudit team from elhacker.net
http://labs.elhacker.net/simpleaudit

Our goal is to evaluate the security of SMF 2.0 before using it on our own server, and we have found several
security vulnerabilities.

The vulnerabilities that also apply to SMF 1.1.10 were fixed by the SMF team today in SMF 1.1.11; visit
simplemachines.org for details.

You can review the list of the published vulnerabilities in:
http://code.google.com/p/smf2-review/issues/list

 

  CSRF, RCE  PHP Remote Code Execution                               SMF2        www.kernel32
  CSRF       CSRF theme change                                       SMF2, SMF1  www.kernel32
  CSRF       Subforum Category Collapse CSRF                         SMF2, SMF1  www.kernel32
  CSRF       CSRF in the package server manager                      SMF2, SMF1  www.kernel32
  XSS        XSS in package server manager                           SMF2, SMF1  www.kernel32
  CSRF       CSRF package deletion and installed package disclosure  SMF2        www.kernel32
  CSRF, XSS  Attached files configuration CSRF                       SMF2        www.kernel32
  XSS        XSS in "Enable basic HTML in posts"                     SMF2        sirdarckcat
  RFD        Remote File Disclosure (only in logs, and similar)      SMF2        sirdarckcat
  CSRF       CSRF in Moderation Preferences                          SMF2        sirdarckcat
  XSS        XSS in the word censor                                  SMF2, SMF1  sirdarckcat
  CSRF       CSRF in Polls                                           SMF2, SMF1  sirdarckcat
  XSS        installer XSS                                           SMF2        brlvldvlsmrtnz
  XSS        XSS in the installer (install.php)                      SMF2        cicatriz.r00t
  CSRF       CSRF in the message rule manager                        SMF2        cicatriz.r00t
  XSS        XSS in smileys manager                                  SMF2        cicatriz.r00t

Andrew Farmer | 1 Dec 2009 18:00

Re: [Full-disclosure] Remote Command Execution in dotDefender Site Management

On 30 Nov 2009, at 07:48, John Dos wrote:
> After passing the Basic Auth login you can create/delete applications.

If Basic auth is the only protection, isn't dotDefender also vulnerable to XSRF?

Robert BARABAS | 1 Dec 2009 21:01

Re: ** FreeBSD local r00t zeroday

> FreeBSD 7.1-RELEASE *** VULNERABLE
7.2 also proved to be vulnerable.
Regards,

DC
-- 
GnuPG / PGP-Key: A44B63B0
Fingerprint: AADB C589 5397 CADB 56DA 051C C5C6 DEE9 A44B 63B0

Juha-Matti Laurio | 2 Dec 2009 12:51

Same-origin policy bypass vulnerabilities in several VPN products reported

Vulnerabilities in several clientless SSL VPN products have been reported.

Gathering authentication cookies etc. is reportedly possible.
At the time of writing, US-CERT's advisory lists the status of about 90 vendors.

US-CERT Vulnerability Note VU#261869:
http://www.kb.cert.org/vuls/id/261869
Severity metric is remarkably high: 45,00.

This issue is CVE-2009-2631.

Juha-Matti

Secunia Research | 2 Dec 2009 12:53

Secunia Research: Lateral Arts Photobox uploader ActiveX Control Buffer Overflow

====================================================================== 

                     Secunia Research 02/12/2009

      - Lateral Arts uploader ActiveX Control Buffer Overflow -

====================================================================== 
Table of Contents

Affected Software....................................................1
Severity.............................................................2
Description of Vulnerability.........................................3
Solution.............................................................4
Time Table...........................................................5
Credits..............................................................6
References...........................................................7
About Secunia........................................................8
Verification.........................................................9

====================================================================== 
1) Affected Software 

* Lateral Arts Photobox uploader ActiveX Control 2.2.0.6

NOTE: Other versions may also be affected.

====================================================================== 
2) Severity 

Rating: Highly critical

Barkın KILIÇ | 2 Dec 2009 17:44

Re: ** FreeBSD local r00t zeroday

On Tue, 1 Dec 2009 15:01:13 -0500
Robert BARABAS <dc <at> ktk.bme.hu> wrote:

> > FreeBSD 7.1-RELEASE *** VULNERABLE
> 7.2 also proved to be vulnerable.
> Regards,
> 
> DC

7.0 is also vulnerable
