AoF and CSRF vulnerabilities in D-Link DAP 1150

Hello 3APA3A! I want to warn you about new security vulnerabilities in D-Link DAP 1150 Wi-Fi Access Point and Router. These are Abuse of Functionality and Cross-Site Request Forgery vulnerabilities. This is my third advisory from series of advisories about vulnerabilities in D-Link products. Abus...

CVE-2012-0789

Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service memory consumption by triggering many strtotime function calls, which are not properly handled by the phpdateparsetzfile cache...

CVE-2012-1057

Cross-site request forgery CSRF vulnerability in the clickthrough tracking functionality in the Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of administrators for requests that increase node rankings via the...

GLSA-201201-16 : X.Org X Server/X Keyboard Configuration Database: Screen lock bypass

The remote host is affected by the vulnerability described in GLSA-201201-16 X.Org X Server/X Keyboard Configuration Database: Screen lock bypass Starting with the =x11-base/xorg-server-1.11 package, the X.Org X Server again provides debugging functionality that can be used terminate an applicati...

CVE-2011-4132

CVE-2011-4132 affects the Linux kernel’s Journaling Block Device (JBD) cleanup_journal_tail function. The vulnerability allows local users to trigger a denial of service (assertion error and kernel oops) when handling an ext3 or ext4 image containing an invalid log first block value. The descript...

CVE-2011-4132

The cleanupjournaltail function in the Journaling Block Device JBD functionality in the Linux kernel 2.6 allows local users to cause a denial of service assertion error and kernel oops via an ext3 or ext4 image with an "invalid log first block value."...

Poison Ivy Variant Changes Benign Code to Malicious After Download

Trojan downloaders are the cannon fodder of the malware world: expendable, commoditized foot soldiers with a single function. Once their job is complete–downloading the executable or other malicious component–the downloaders are no longer useful. However, researchers have found that there are now...

Yuku Forums Cross Site Scripting

Exploit Title: Yuku Forums Cross Site Scripting Date: 24.01.2012 Author: Sony Software Link: http://www.yuku.com/ Google Dorks: inurl:.yuku.com intext:forum Web Browser : Mozilla Firefox Blog : http://st2tea.blogspot.com PoC: http://st2tea.blogspot.com/2012/01/yuku-forums-cross-site-scripting.htm...

Unfixed XSS vulnerability at www.blogsky.com

Security researcher a3q, has submitted on 21/01/2012 a cross-site-scripting XSS vulnerability affecting www.blogsky.com, which at the time of submission ranked 1089 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 25/01/2012. It is currently...

CVE-2011-4868

The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS DDNS and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via crafted packets...

PHP < 5.3.9 Multiple DoS Vulnerabilities - Windows

PHP is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if...

[BSA-061] Security Update for openswan

Harald Jenny uploaded new packages for openswan which fixed the following security problems: CVE-2011-4073 Use-after-free vulnerability in the cryptographic helper handler functionality in Openswan 2.3.0 through 2.6.36 allows remote authenticated users to cause a denial of service pluto IKE daemo...

Authentication flaw

The administration functionality in Wuzly 2.0 allows remote attackers to bypass authentication by setting the dXNlcm5hbWU cookie...

CVE-2011-3839

The administration functionality in Wuzly 2.0 allows remote attackers to bypass authentication by setting the dXNlcm5hbWU cookie...

Unfixed XSS vulnerability at www.archifind.co.il

Security researcher Codeshift3r, has submitted on 17/12/2011 a cross-site-scripting XSS vulnerability affecting www.archifind.co.il, which at the time of submission ranked 1874444 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 18/12/2011. It i...

CVE-2011-3914

The internationalization aka i18n functionality in Google V8, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write...

Traq 2.3 Authentication Bypass / Code Execution

group'isadmin' 32. header"Location: login.php"; 33. This function is called in each script located into /admicp/ directory to make sure the user has admin rights, but this is a broken authorization schema due to the header function doesn't stop the execution flow. This can be exploited by malicio...

CVE-2010-5051

Cross-site scripting XSS vulnerability in admin/core/adminfunc.php in razorCMS 1.0 stable allows remote attackers to inject arbitrary web script or HTML via the content parameter in an edit action to admin/index.php...

CVE-2011-3376

Removed by vendor...

Новые уязвимости в poMMo

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Information Leakage, Insufficient Anti-automation и Abuse of Functionality уязвимостях в poMMo. Information Leakage WASC-13: После введения емайла на subscribe.php, на странице http://site/pommo/user/process.php выводится pendingcode в качестве...