19 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-14899
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a...
Kazakh Organizations Targeted by 'Bloody Wolf' Cyber Attacks
Organizations in Kazakhstan are the target of a threat activity cluster dubbed Bloody Wolf that delivers a commodity malware called STRRAT aka Strigoi Master. "The program selling for as little as $80 on underground resources allows the adversaries to take control of corporate computers and hijac...
Mailtraq WebMail 2.17.7.3550 Cross Site Scripting
Exploit Title: Persistent Cross Site Scripting XSS - Mailtraq WebMail version 2.17.7.3550 CVE: CVE-2019-9558 Exploit Author: Aloyce J. Makalanga Contact: https://twitter.com/aloycemjr Vendor Homepage: http://www.mailtraq.com/mail-server-software Category: webapps Attack Type: Remote Impact:...
Piwigo Multiple Vulnerabilities
Piwigo is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:piwigo:piwigo"; if description...
Open Databases a Juicy Extortion Target
Recent attacks against insecure MongoDB, Hadoop and CouchDB installations represent a new phase in online extortion, born from ransomware’s roots with the promise of becoming a nemesis for years to come. “These types of attacks have grown from ones of opportunity to full-scale automated and...
SAP NetWeaver AS JAVA 7.5 Cross Site Scripting
Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5 Vendor URL: http://SAP.com Bugs: XSS Sent: 29.09.2015 Reported: 30.09.2015 Vendor response: 30.09.2015 Date of Public Advisory: 08.03.2016 Reference: SAP Security Note 2238765 Author: Vahagn Vardanyan ERPScan...
Drupal Core Session Data Hijacking Vulnerability
Drupal is a free and open source content management system developed in PHP. A session data hijacking vulnerability exists in Drupal Core. In some older versions of PHP, user-supplied session data stored in Drupal could be serialized, leading to remote code execution...
Google released SSLv3 vulnerability summary analysis report-vulnerability warning-the black bar safety net
! This morning, Google released a SSLv3 vulnerability a brief analysis of the report. According to Google's statement,the exploit runs through all of the SSLv3 version, the use of the vulnerability, the hacker can by a man in the middle attacks, etc. in a similar manneras long as the hijacking of...
OAuth authentication memory vulnerability caution a user identity hijacking-vulnerability warning-the black bar safety net
With OpenSSL, like OAuthOpen Authorizationas a widely used open-source third-party login authentication Protocol, this year also broke a security vulnerability. In the third session of the know the security Forum, from Sina Weibo of the blue di snowball shows Sina as early as year 3 months...
Flash content-type sniffing allows Cross Site Data Hijacking
As documented at http://blog.detectify.com/post/86298380233/the-pitfalls-of-allowing-file-uploads-on-your-website it is possible to upload a flash file to confluence with a different content-type than for flash and when embedded on an attacker's domain will be able to make requests to the...
Flash content-type sniffing allows Cross Site Data Hijacking
As documented at http://blog.detectify.com/post/86298380233/the-pitfalls-of-allowing-file-uploads-on-your-website it is possible to upload a flash file to confluence with a different content-type than for flash and when embedded on an attacker's domain will be able to make requests to the...
Flash content-type sniffing allows Cross Site Data Hijacking
As documented at http://blog.detectify.com/post/86298380233/the-pitfalls-of-allowing-file-uploads-on-your-website it is possible to upload a flash file to confluence with a different content-type than for flash and when embedded on an attacker's domain will be able to make requests to the...
Discuz跨域数据劫持+附件类型限制绕过
简要描述: 两个凑一块发了 详细说明: 1 跨域数据劫持(csrf token formhash盗取) 下载远程附件功能不会对文件内容(文件格式)进行检测导致可以上传恶意的swf文件(扩展名还是图片扩展名),进而进行跨域数据劫持: 伪造图片CrossDomainDataHijack.jpg相关代码: package com.powerflasher.SampleApp import flash.external.ExternalInterface; import flash.display.Sprite; import flash.display.Sprite; import...
Flash cross-domain data hijacking vulnerability,a large wave of site affected-vulnerability warning-the black bar safety net
0×0 1,Background Many of the uploaded file to the back-end logic in the realization, only validate the file extension and Content-Type, not uploading the contents of the file for verification. Typically such processing logic is simply not rigorous, will not cause too much of a security risk. But...
New and Improved Madi Spyware Campaign Continues
Madi, the religiously-titled spyware that was discovered last week and thought to be dead, appears to be making a comeback, complete with updates. Kaspersky Lab researcher Nicolas Brulez reverse-engineered the new iteration of the malware, which surfaced on Wednesday. Unlike last week’s original...
Researcher to Show Off GSM Intercept Attack at Defcon
At the Defcon conference later this week, Chris Paget, a well-known security researcher who focuses on wireless and RFID issues, will give a demonstration of a technique that enables him to intercept calls made on GSM wireless handsets without any interaction with the user’s handset. The techniqu...
Teach you how to use php to sniff the hijacking of server data-vulnerability warning-the black bar safety net
A few days ago a thorn in our maillist send a foreigner to write articles, to the effect that you can use php to achieve data hijacking and forwarding. I scan a bit, and indeed feasible, then today out of previously used crap of the time, to write a piece of code to verify it idea. Foreigner...
PT-2007-3716 · Prototype · Prototypejs
Name of the Vulnerable Software and Affected Versions: prototypejs versions prior to 1.5.1 RC3 Description: The issue allows remote attackers to obtain data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript...
SnipSnap: HTTP response splitting
Background SnipSnap is a user friendly content management system with features such as wiki and weblog. Description SnipSnap contains various HTTP response splitting vulnerabilities that could potentially compromise the sites data. Some of these attacks include web cache poisoning, cross-user...