1529 matches found
EFF Releases Open Wireless Router Firmware
The EFF is working on an open wireless router firmware that’s designed to be a secure and flexible alternative to the existing software that runs on home and small business routers, much of which is notoriously insecure. The Open Wireless Router project, which the organization announced at the HO...
Vulnerabilities in LZO and LZ4 compression libraries
Recently disclosed vulnerabilities in the LZO and LZ4 compression libraries could allow remote code execution under certain circumstances. While these libraries are used by a large number of platforms and applications, not all programs may be vulnerable to exploitation. US-CERT recommends that al...
Critical Vulnerability in Wordpress Plugin Could Allow Site Takeover
WordPress users that have a popular plugin installed are being cautioned to upgrade immediately. A vulnerability in the plugin, MailPoet, could essentially allow an attacker to take over any site running it without authentication. MailPoet, formerly Wysija, allows developers running WordPress to...
TutorialCMS <= 1.01 Authentication Bypass Vulnerability
No description provided by source. TutorialCMS = 1.01 Authentication Bypass Discovered by: Silentz Payload: Authentication Bypass Website: http://www.w4ck1ng.com Vulnerability: Variables $loggedIn & $activated are not predefined. Vulnerable Files: login.php headerLinks.php submit1.php myFav.php...
Polipo 1.0.4 - Remote Memory Corruption 0day PoC
No description provided by source. !/usr/bin/perl estranged.pl AKA Polipo 1.0.4 Remote Memory Corruption 0day PoC Jeremy Brown [email protected]//jbrownsec.blogspot.com//krakowlabs.com 12.07.2009 Hzzp loves you Polipo! No use reporting this issue to Ubuntu Security unless you feel like waiting...
HT Editor 2.0.20 Buffer Overflow (ROP PoC)
No description provided by source. !/usr/bin/perl =head1 TITLE HT Editor 2.0.20 Buffer Overflow ROP PoC =head2 DESCRIPTION Since version 2.0.18, the stack overflow vulnerability has not been corrected, which I assume would make it 0day? I consequently recoded an exploit, as memory addresses have...
Red Hat Linux stickiness of /tmp
No description provided by source. from: http://marc.info/?l=full-disclosure&m=129842239022495&w=2 Developers should not rely on the stickiness of /tmp on Red Hat Linux --------------------------------------------------------------------- Recent versions of Red Hat Enterprise Linux and Fedora...
No-CMS 0.6.6 rev 1 - Admin Account Hijacking / RCE Exploit via Static Encryption Key
No description provided by source. ?php / Static encryptionkey of No-CMS lead to Session Array Injection in order to hijack administrator account then you will be able for upload php files to server via theme/module upload. This exploit generates cookie for administrator access from non-privilege...
PHP/FI 1.0/FI 2.0/FI 2.0 b10 mylog/mlog Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/713/info The PHP/FI package which was originally written by Rasmus Lerdorf is an is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features...
OpenSSL ASN1 BIO Memory Corruption Vulnerability
No description provided by source. Incorrect integer conversions in OpenSSL can result in memory corruption. -------------------------------------------------------------------------- CVE-2012-2110 This advisory is intended for system administrators and developers exposing OpenSSL in production...
[SECURITY] Fedora 20 Update: sos-3.1-1.fc20
Sos is a set of tools that gathers information about system hardware and configuration. The information can then be used for diagnostic purposes and debugging. Sos is commonly used to help support technicians and developers...
BBC News iOS App Not Hacked, Breaking News Push Messages Sent in Error
If you are one of the users of the BBC News iPhone app, then you might have receive a strange message as a breaking news notification earlier this morning. The message was sent on two separate time durations. First the message reads: "NYPD Twitter campaign 'backfires' after hashtag hijacked," the...
PlayDrone Reveals Secret Keys from Thousands of Play Store Android Apps
Google's Android Mobile operating system for smartphones and tablets have Google's own Play Store that provides its Android users the most visible way to access the world of millions of apps. App developers produce more than thousands of applications each year, but majority of newbie and...
[oss-security] Xen Security Advisory 99 - unexpected pitfall in xenaccess API
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory XSA-99 version 2 unexpected pitfall in xenaccess API UPDATES IN VERSION 2 ==================== Public Release. Added note regarding CVE. ISSUE DESCRIPTION ================= A test/example program, for exercising the Xen memaccess...
Removing user from LDAP doesn't clear LDAP group membership
Reproduction steps: 1. Setup generic LDAP user repository RW, with jira-users, jira-developers, jira-administrators groups. 2. Create user for John Smith as [email protected]. 3. Add him to jira-administrators group. 4. Remove user [email protected] John changed the company. 5. Create user for Jake Sunny as...
Removing user from LDAP doesn't clear LDAP group membership
Reproduction steps: 1. Setup generic LDAP user repository RW, with jira-users, jira-developers, jira-administrators groups. 2. Create user for John Smith as [email protected]. 3. Add him to jira-administrators group. 4. Remove user [email protected] John changed the company. 5. Create user for Jake Sunny as...
unexpected pitfall in xenaccess API
ISSUE DESCRIPTION A test/example program, for exercising the Xen memaccess API, does not take all necessary precautions against hostile guest behaviour. As a result, software developers using it as an example or template might have written and deployed vulnerable code. See the patch for technical...
[oss-security] CVE request for commons-beanutils: 'class' property is exposed, potentially leading to RCE
Hi All I have raised this twice with [email protected], on 30 April and June 3. I have received no response either time, therefore I am raising it on oss-security. CVE-2014-0114 describes a well-known issue in Apache Struts 1: "It was found that the Struts 1 ActionForm object allowed access to...
Google Play Store Update Allows Apps to Silently Gain Control of Your Device
Google just made a huge change to the way application permissions work on Android devices which has left a potential door open to malicious app developers and hackers. Google narrows down Android's 145 permissions into 13 broad categories and groups app permissions into 'groups of related...
Crowdsourcing to be Part of Phase Two of TrueCrypt Audit
TrueCrypt may yet get forked, but it won’t come at the hands of the Open Crypto Audit Project OCAP, which has a working plan to move forward with a cryptanalysis of the open source encryption software. OCAP is the brand name for the grassroots movement that arose out of the ashes of the Snowden...