python-oauth2: Uses poor PRNG in nonce

It was found that python-oauth2 did not properly generate random values for use in nonces. An attacker able to capture network traffic of a website using OAuth2 authentication could use this flaw to conduct replay attacks against that website...

python-oauth2: _check_signature() ignores the nonce value when validating signed urls

It was found that python-oauth2 did not properly verify the nonce of a signed URL. An attacker able to capture network traffic of a website using OAuth2 authentication could use this flaw to conduct replay attacks against that website...

python-oauth2: Uses poor PRNG in nonce

It was found that python-oauth2 did not properly generate random values for use in nonces. An attacker able to capture network traffic of a website using OAuth2 authentication could use this flaw to conduct replay attacks against that website...

python-oauth2: _check_signature() ignores the nonce value when validating signed urls

It was found that python-oauth2 did not properly verify the nonce of a signed URL. An attacker able to capture network traffic of a website using OAuth2 authentication could use this flaw to conduct replay attacks against that website...

WordPress 3.8.1 / 3.8.2 / 4.2.2 Cross Site Request Forgery Vulnerability

A cross site request forgery vulnerability in the comment form of WordPress versions 3.8.1, 3.8.2, and 4.2.2 allows for administrative impersonation. Details ================ Software: WordPress Version: 3.8.1,3.8.2,4.2.2 Homepage: http://wordpress.org/ Advisory report:...

WordPress 3.8.1 / 3.8.2 / 4.2.2 Cross Site Request Forgery

Details ================ Software: WordPress Version: 3.8.1,3.8.2,4.2.2 Homepage: http://wordpress.org/ Advisory report: https://security.dxw.com/advisories/comment-form-csrf-allows-admin-impersonation-via-comments-in-wordpress-4-2-2/ CVE: Awaiting assignment CVSS: 4.3 Medium;...

Popular WordPress SEO Plugin Fixes XSS Bug

The Yoast WordPress SEO plugin, which has been downloaded more than 14 million times, has a serious cross-site scripting vulnerability that can allow an attacker to force a vulnerable site to execute arbitrary HTML code. The bug may have been reported to the plugin’s developer as long as two year...

Pixiewps - Bruteforce Offline the WPS Pin (Pixie Dust Attack)

Pixiewps is a tool written in C used to bruteforce offline the WPS pin exploiting the low or non-existing entropy of some APs pixie dust attack. It is meant for educational purposes only. All credits for the research go to Dominique Bongard. DEPENDENCIES Pixiewps requires libssl. To install it:...

WordPress WP Super Cache Plugin Security Vulnerability Patch

A persistent cross-site scripting XSS vulnerability exists in some versions of a popular WordPress caching engine plugin. The issue – since fixed – exposes vulnerable sites to takeover. From there, attackers could inject malicious scripts, backdoors and so forth. The plugin, WP Super Cache, has...

CVE-2015-2792

The WPML plugin before 3.1.9 for WordPress does not properly handle multiple actions in a request, which allows remote attackers to bypass nonce checks and perform arbitrary actions via a request containing an action POST parameter, an action GET parameter, and a valid nonce for the action GET...

Design/Logic Flaw

The WPML plugin before 3.1.9 for WordPress does not properly handle multiple actions in a request, which allows remote attackers to bypass nonce checks and perform arbitrary actions via a request containing an action POST parameter, an action GET parameter, and a valid nonce for the action GET...

CVE-2015-2792

The CVE-2015-2792 entry concerns the WordPress WPML plugin prior to 3.1.9. It describes a vulnerability where the plugin does not properly handle multiple actions in a single request, allowing an attacker to bypass nonce checks and perform arbitrary actions by including an action parameter in bot...

Dropbox SDK for Android Security Bypass Vulnerability

Dropbox is an innovative online file storage, synchronization, and sharing service that offers free client software, is open source and cross-platform, and runs on Windows, Mac OS X, and Linux operating systems. A security bypass vulnerability exists in Dropbox SDK for Android. An attacker can...

WordPress WPML Missing Authentication

One more vulnerability reported on March 02 and fixed in version 3.1.9: 4. Unauthenticated administrative functions An unauthenticated attacker may under certain conditions bypass WPML's nonce check and perform administrative functions. The administrative ajax functions are protected with nonces ...

Dropbox Patches Remotely Exploitable Vulnerability in SDK

Developers at Dropbox recently fixed a remotely exploitable vulnerability in the Android SDK version of the storage app that enabled attackers to connect applications to a Dropbox account without the user’s consent. This could have opened users up to the theft of information from any app that use...

UpdraftPlus <= 1.9.50 - Privilege Escalation via Nonce Leakage

The UpdraftPlus WordPress Backup Plugin WordPress plugin was affected by a Privilege Escalation via Nonce Leakage security vulnerability...

PT-2014-8999 · Frederick Townes · W3 Total Cache

Name of the Vulnerable Software and Affected Versions: W3 Total Cache plugin versions prior to 0.9.4.1 Description: The issue allows remote attackers to conduct cross-site request forgery CSRF attacks. This is possible due to the improper handling of empty nonces, which can lead to the hijacking ...

Amazon Linux AMI : python-oauth2 (ALAS-2014-425)

The Server.verifyrequest function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL. The 1 makenonce, 2 generatenonce, and 3 generateverifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonce...

Medium: python-oauth2

Issue Overview: The Server.verifyrequest function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL. The 1 makenonce, 2 generatenonce, and 3 generateverifier functions in SimpleGeo python-oauth2 uses weak random numbers t...

CVE-2014-7203

libzmq aka ZeroMQ/C++ 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors...