14 matches found
".Zip" top-level domains draw potential for information leaks
Google's recent offering of the ".zip" top-level domain (TLD) has led security researchers and likely threat actors to register numerous domains for red teaming and phishing attacks, respectively, causing new challenges for organizations and cybersecurity professionals. As a result of user...
Yet More ImageMagick Vulnerabilities
ImageMagick is a popular open-source image manipulation library used by many websites and software applications to process and display images. A couple of vulnerabilities have recently been discovered in ImageMagick by MetabaseQ. Two vulnerabilities CVE-2022-44267 and CVE-2022-44268 allow attacke...
DOS set token through erc777 hook
Lines of code Vulnerability details Impact The wfCash is an erc777 token. ERC777.solL376-L380 Users can get the control flow before sending token and after receiving tokens. This creates attack vectors that require extra caution in designing modules. Any combination of modules may lead to a...
Anti-Virus Privileged File Write
Dear list, This mail is not about a single vulnerability, but a more or less general technique I discovered to abuse the restore from quarantine feature in anti-virus solutions to gain local admin rights. As I also presented this attack at the IT SECX conference, I had to invent a name for it too...
U.S. Dept Of Defense: Remote File Inclusion, Malicious File Hosting, and Cross-site Scripting (XSS) in ████████
Details: There is currently a security misconfiguration on plain.php function located on the host http://██████████/ allowing attackers to include webserver contents of their choosing no restriction on filetypes and/or IP addresses, as well as embed malicious javascript payloads in the response v...
CVE-2016-1672
The ModuleSystem::RequireForJsInner function in extensions/renderer/modulesystem.cc in the extension bindings in Google Chrome before 51.0.2704.63 mishandles properties, which allows remote attackers to conduct bindings-interception attacks and bypass the Same Origin Policy via unspecified vector...
Heartbleed Cupid Wireless Attacks Expose OpenSSL Over WPA
Regardless that the fervor over the Heartbleed OpenSSL vulnerability has died down considerably, patching the bug should remain a top priority for enterprises because researchers continue to find new exploit vectors. The latest takes aim at Heartbleed over wireless networks. A researcher with...
Sonexis ConferenceManager Multiple Cross-site Scripting (XSS) Vulnerabilities
Vulnerability title: Sonexis ConferenceManager Multiple Cross-site Scripting XSS Vulnerabilities Solutionary ID: SERT-VDN-1005 Solutionary disclosure URL: http://www.solutionary.com/index/SERT/Vuln-Disclosures/Sonexis-XSS-Vulnerabilities.html CVE ID: Pending CVSS risk rating: 3.9 Product: Sonexis...
WebDAV Application DLL Hijacker
This module presents a directory of file extensions that can lead to code execution when opened from the share. The default EXTENSIONS option must be configured to specify a vulnerable application type. This module requires Metasploit: https://metasploit.com/download Current source:...
CVE-2010-0624: Heap-based buffer overflow in GNU Tar and GNU Cpio
I. BACKGROUND GNU Tar and GNU Cpio are popular programs for managing archive files. Both programs are included in many linux distributions. GNU Tar is commonly used for exchanging source code archives. Both programs include a client implementation for the remote mag tape protocol rmt. This protoc...
GNU Tar and GNU Cpio heap-based buffer overflow vulnerability
Exploit for unknown platform in category local exploits ============================================================= GNU Tar and GNU Cpio heap-based buffer overflow vulnerability ============================================================= I. BACKGROUND GNU Tar and GNU Cpio are popular programs...
APHP ImgList 1.2.2 Cross Site Scripting Vulnerability
No description provided by source. ======================================================================================== | Title : APHP ImgList 1.2.2 Cross Site Scripting Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi -...
Microsoft Internet Explorer 5 - Shell: IFrame Cross-Zone Scripting (2)
Microsoft Internet Explorer 5 - Shell: IFrame Cross-Zone Scripting 2 source: https://www.securityfocus.com/bid/9628/info It has been alleged that Microsoft Internet Explorer is prone to a weakness that may potentially allow for the execution of hostile script code in the context of the My Compute...
Apache 2.x APR Exploit Code
I had planned to write this tool in C for the sake of using native functionality like crypt3 to support digest authentication. I'd also planned to support intermediate proxies, but a determined user can implement this via various tunneling applications with minimal complications, and I don't need...