H2HC Cancun - Registrations are open
2010-10-19 Rodrigo Rubira Branco (BSDaemon) (rodrigo kernelhacking com)

Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass
2010-10-19 Roberto Suggi Liverani (roberto suggi security-assessment com)

Re: RE: [Full-disclosure] XSS in Oracle default fcgi-bin/echo
2010-10-19 paul szabo sydney edu au

Dear An,

> Referrer: <script>alert(1)</script>

Yes, but... seems not all echo's get a Referer passed to them.

Cheers, Paul

Paul Szabo psz (at) maths.usyd.edu (dot) au http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia

Re: [Full-disclosure] XSS in Oracle default fcgi-bin/echo
2010-10-19 paul szabo sydney edu au

Dear Riyaz,

> The mere mention of fcgi-bin/echo in your first mail is enough for anybody
> to derive the PoC. Here's what I found in under a minute:
> */fcgi-bin/echo/<script>aler('xss')</script>*

Sorry, that is a different issue: the one you mention was patched by Oracle a long time ago. (All the

Antivirus detection after malware execution
2010-10-18 jason n00bz net

The purpose of this writeup is to detail the execution of malicious code via a protocol handler (hcp) prior to being detected by Anti-Virus Technology. It should be noted that detection does occur by AV however only after the code is executed and placed into memory. Using this technique, an attac

Holoo Insecure Library Loading Vulnerability
2010-10-18 apa-iutcert nsec ir

A vulnerability has been discovered in Holoo, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. Libraries list called is as follows:
* idapi32.dll
* idr20009.dll
* odbc32.dll
This can

Sahar Money Manager Insecure Library Loading Vulnerability
2010-10-18 apa-iutcert nsec ir

A vulnerability has been discovered in Sahar Money Manager, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. Libraries list called is as follows:
* unicows.dll
This can be exploited t

Rafe 7 Insecure Library Loading Vulnerability
2010-10-18 apa-iutcert nsec ir

A vulnerability has been discovered in Rafe 7, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. Libraries list called is as follows:
* idapi32.dll
* idbat32.dll
* idr20009.dll
* idsql

Brilliant Accounting System (59) Insecure Library Loading Vulnerability
2010-10-18 apa-iutcert nsec ir

A vulnerability has been discovered in Brilliant Accounting System (59), which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. Libraries list called is as follows:
* idapi32.dll
* idr20009

Accounting Pro 2003 Insecure Library Loading Vulnerability
2010-10-18 apa-iutcert nsec ir

A vulnerability has been discovered in Accounting Pro 2003, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. Libraries list loaded is as follows:
* idapi32.dll
* idr20009.dll
* idsql3

Xilisoft Video Converter Ultimate Insecure Library Loading Vulnerability
2010-10-18 apa-iutcert nsec ir

A vulnerability has been discovered in Xilisoft Video Converter Ultimate, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. Libraries list called is as follows:
* quserex.dll
* wintab

Secunia Research: RealPlayer QCP Sample Chunk Parsing Buffer Overflow
2010-10-18 Secunia Research (remove-vuln secunia com)

rPSA-2010-0066-1 samba samba-client samba-server samba-swat
2010-10-17 rPath Update Announcements (announce-noreply rpath com)

rPath Security Advisory: 2010-0066-1
Published: 2010-10-17
Products:
    rPath Appliance Platform Linux Service 2
    rPath Linux 2
Rating: Severe
Exposure Level Classification: Remote System User Deterministic Privilege Escalation
Updated Versions:
    samba=conary.rpath.com@rpl:2/3.0.33-1.4-1

rPSA-2010-0065-1 krb5 krb5-server krb5-services krb5-workstation
2010-10-17 rPath Update Announcements (announce-noreply rpath com)

rPSA-2010-0064-1 libtiff
2010-10-17 rPath Update Announcements (announce-noreply rpath com)

rPath Security Advisory: 2010-0064-1
Published: 2010-10-17
Products:
    rPath Appliance Platform Linux Service 2
    rPath Linux 2
Rating: Severe
Exposure Level Classification: Remote User Deterministic Unauthorized Access
Updated Versions:
    libtiff=conary.rpath.com@rpl:2/3.8.2-5.1-1
    rPath

rPSA-2010-0063-1 perl
2010-10-17 rPath Update Announcements (announce-noreply rpath com)

rPath Security Advisory: 2010-0063-1
Published: 2010-10-17
Products:
    rPath Appliance Platform Linux Service 2
    rPath Linux 2
Rating: Informational
Exposure Level Classification: Local User Deterministic Unauthorized Access
Updated Versions:
    perl=conary.rpath.com@rpl:2/5.8.8-16.1-1
    r

rPSA-2010-0058-1 bzip2 bzip2-extras
2010-10-17 rPath Update Announcements (announce-noreply rpath com)

rPath Security Advisory: 2010-0058-1
Published: 2010-10-17
Products:
    rPath Appliance Platform Linux Service 2
    rPath Linux 2
Rating: Informational
Exposure Level Classification: Indirect User Deterministic Unauthorized Access
Updated Versions:
    bzip2=conary.rpath.com@rpl:2/1.0.6-0.1-1

Re: [Full-disclosure] XSS in Oracle default fcgi-bin/echo
2010-10-17 Riyaz Walikar (riyazwalikar gmail com)

Hi Paul,

The mere mention of fcgi-bin/echo in your first mail is enough for anybody to derive the PoC. Here's what I found in under a minute:

/fcgi-bin/echo/<script>aler('xss')</script>

Anybody with a day's work in Web Application security would be able to figure this out knowing the vulnerable scr

Re: [SquirrelMail-Security] XSS in Squirrelmail plugin 'Virtual Keyboard' <= 0.9.1
2010-10-16 Moritz Naumann (security moritz-naumann com)

Hi Paul,

On 16.10.2010 02:44 Paul Lesniewski wrote:
> On Tue, Oct 5, 2010 at 9:28 AM, Moritz Naumann
> <security (at) moritz-naumann (dot) com> wrote:
>> Squirrelmail plugin 'Virtual Keyboard' version 0.9.1 and lower is
>> vulnerable to cross site scripting (XSS).
[..]
> As a member of the SquirrelMail develo

Re: [SquirrelMail-Security] XSS in Squirrelmail plugin 'Virtual Keyboard' <= 0.9.1
2010-10-16 Paul Lesniewski (paul squirrelmail org)

On Tue, Oct 5, 2010 at 9:28 AM, Moritz Naumann <security (at) moritz-naumann (dot) com> wrote:
> Hi,
>
> Squirrelmail plugin 'Virtual Keyboard' version 0.9.1 and lower is
> vulnerable to cross site scripting (XSS).
>
> The vkeyboard.php script fails to sanitize the value of HTTP GET
> parameter 'passformname'

RE: [Full-disclosure] XSS in Oracle default fcgi-bin/echo
2010-10-13 paul szabo sydney edu au

Dear Thor,

Amazing how people claim being logical ... sure sign they aren't!

> ... Irrespective of the method you choose to validate "bona-fide"
> recipients of your PoC, you will have no control over what the
> recipient chooses to do with it once they have it. As such, logic
> dictates that you

RE: [Full-disclosure] XSS in Oracle default fcgi-bin/echo
2010-10-13 Thor (Hammer of God) (thor hammerofgod com)

>You make wrong assumptions, and jump to conclusions:
> - Not anyone, but bona-fide ones only.
> - I do not "own" an Oracle site to test.
>Were not those obvious to right-thinking people?

You misunderstand. Irrespective of the method you choose to validate "bona-fide" recipients of your PoC, you w

[USN-1004-1] Django vulnerability
2010-10-13 Jamie Strandboge (jamie canonical com)

===========================================================
Ubuntu Security Notice USN-1004-1 October 13, 2010
python-django vulnerability
CVE-2010-3082
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 10.10

This

RE: [Full-disclosure] XSS in Oracle default fcgi-bin/echo
2010-10-13 paul szabo sydney edu au

Dear Thor,

>>Hmm... maybe difficult to verify, since I did not post a PoC test.
>>Maybe a kind Oracle admin could point me to a patched fcgi-bin/echo?
>>Funny if any such existed: an admin careful to keep patches up-to-date, but
>>careless in not following security recommendations to remove...
>>Ma

H2HC 2009 Videos Available!
2010-10-14 Rodrigo Rubira Branco (BSDaemon) (rodrigo kernelhacking com)

Dear All,

It is a pleasure to announce that the H2HC 2009 videos are finally available online! We had a very exciting conference with some 0day vulnerabilities affecting Microsoft Platforms released by Cesar Cerrudo. Those vulnerabilities have been later explained in Blackhat this year, which sho
I'm happy (and proud) to announce that the registrations for H2HC Cancun
are finally available online.
This is the first year of the conference in Cancun/Mexico (on 3rd of
December) and the 7th year of the Conference in São Paulo/Brazil (on
27-28 of November). We are growing fast and