
30 matches found

Huntr
added 2021/05/25 10:34 p.m., 20 views

in thisistherk/fast_obj

✍️ Description: Whilst experimenting with the test code built from commit d97389 with Clang 11 + UBSan on Ubuntu 20.04.2 LTS, we discovered an OBJ file which produces a signed integer overflow and a pointer overflow followed by a SIGSEGV. 🕵️‍♂️ Proof of Concept: echo...

AI score 2.8
Exploits 0
Hacker One
added 2017/06/17 4:55 p.m., 30 views

Ubiquiti Inc.: Privilege Escalation: From operator to ubnt (and root) with non-interactive Session Hijacking

In EdgeOS version 1.9.1 and prior, as a consequence of the lack of protection of the file-system, which exposes sensitive information, an attacker with access to an operator read-only account can escalate privileges to admin root access in the system...

CVSS 9 | AI score 8.3 | EPSS 0.00346
Exploits 0
Hacker One
added 2017/06/14 3:45 a.m., 41 views

Ubiquiti Inc.: Privilege Escalation using API->Feature

In EdgeOS version 1.9.1.1 and prior, as a consequence of the lack of validation on the input of the Feature functionality, an attacker with access to an operator read-only account and an ssh connection to the devices can escalate privileges to admin root access in the system. The EdgeRouter X firmware...

CVSS 9 | AI score 8.5 | EPSS 0.00346
Exploits 0
The Hacker News
added 2016/11/09 12:23 a.m., 12 views

DDoS Attack Takes Down Central Heating System Amidst Winter In Finland

Just Imagine — What if you enter your home from chilling weather outside, and the heating system fails to work because of a cyber attack, leaving you in a sense of panic? The same happened late last month when an attack knocked a heating system offline in Finland. Last week, a Distributed...

AI score 6.5
Exploits 0
FreeBSD
added 2014/11/24 12:0 a.m., 82 views

Python -- HTTP Header Injection in Python urllib

Guido Vranken reports: HTTP header injection in urllib2/urllib/httplib/http.client with newlines in header values, where newlines have a semantic consequence of denoting the start of an additional header line...

CVSS 6.1 | AI score 1 | EPSS 0.41714
Exploits 3 | References 3
myhack58
added 2012/12/01 12:0 a.m., 15 views

PHPCMS V9 member table of contents feel free to modify the vulnerability and fix-vulnerability warning-the black bar safety net

A variable is not initialized, so when the server is set to registerglobal=On, members can freely modify their own member information. Because registerglobal=On support is required, the impact is limited. The vulnerability allows members to modify their own balance, which may lead to the website having...

AI score 1.3
Exploits 0
ThreatPost
added 2012/02/29 4:45 p.m., 8 views

UPDATE: Interpol Operation Leads to Arrest of 25 Suspected Anons

Interpol announced yesterday that they had taken part in an international operation that led to the arrests of 25 alleged members of the Anonymous hacker collective. The not-arrested members of Anonymous reportedly lashed back with a stinging DDoS attack on Interpol’s website. The so-called...

AI score 1.9
Exploits 0 | References 5
The Hacker News
added 2011/03/08 5:34 a.m., 9 views

Linux distributor security list destroyed after hacker compromise!

Hackers have compromised a private e-mail list used by Linux and BSD distributors to share information on embargoed security vulnerabilities and used a backdoor to sniff e-mail traffic, according to the moderator of the list. In a note to "Vendor-Sec" members, moderator Marcus Meissner said he...

AI score 6.6
Exploits 0
Prion
added 2007/07/10 12:30 a.m., 18 views

Cross site scripting

Adobe Integrated Runtime (AIR, aka Apollo) allows context-dependent attackers to modify arbitrary files within an executing .air file (compiled AIR application) and perform cross-site scripting (XSS) attacks, as demonstrated by an application that modifies an HTML file inside itself via JavaScript that...

CVSS 4.3 | AI score 5.8 | EPSS 0.02541
Exploits 0 | References 4
Prion
added 2006/01/12 6:2 a.m., 16 views

Code injection

Direct static code injection vulnerability in edit.php in ACal Calendar Project 2.2.5 allows authenticated users to execute arbitrary PHP code via (1) the edit=header value, which modifies header.php, or (2) the edit=footer value, which modifies footer.php. NOTE: this issue might be resultant from th...

CVSS 6.5 | AI score 7.7 | EPSS 0.01465
Exploits 0 | References 7 | Affected Software 1