Windows Net-NTLMv2 Reflection DCOM/RPC
Module utilizes the Net-NTLMv2 reflection between DCOM/RPC to achieve a SYSTEM handle for elevation of privilege. Currently the module does not spawn as SYSTEM, however once achieving a shell, one can easily use incognito to impersonate the token. This module requires Metasploit:...
apache-cxf: TLS hostname verification does not work correctly with com.sun.net.ssl.*
It was discovered that when Apache CXF is configured to use the system property com.sun.net.ssl.internal.www.protocol, it uses reflection to make the HostnameVerifier work with the old com.sun.net.ssl.HostnameVerifier interface. Although the CXF implementation throws an exception, which is caught in...
CVE-2018-1000613
Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in XMSS/XMSS^MT private key deserialization that can result in...
Cela Link CLR-M20 2.7.1.6 - Arbitrary File Upload
Cela Link CLR-M20 2.7.1.6 - Arbitrary File Upload Exploit Title: Cela Link CLR-M20 2.7.1.6 - Arbitrary File Upload Date: 2018-07-13 Shodan Dork: CLR-M20 Exploit Author: Safak Aslan Software Link: http://www.celalink.com Version: 2.7.1.6 CVE: 2018-15137 Authentication Required: No Tested on: Windo...
reflections.ubisoft.com XSS vulnerability
Open Bug Bounty ID: OBB-643711. Affected Website: reflections.ubisoft.com. Open Bug Bounty Program: Create your bounty program now. It's open and free. Vulnerable Application: Custom Code. Vulnerability Type: XSS Cross Site Scripting / CWE-79. CVSSv3 Score: 6.1...
DEBIAN-CVE-2018-1000613
Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in XMSS/XMSS^MT private key deserialization that can result in...
UBUNTU-CVE-2018-1000613
Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in XMSS/XMSS^MT private key deserialization that can result in...
ThreatList: Top Summer DDoS Trends
On Tuesday, Akamai released a report on the year's biggest distributed denial of service (DDoS) attacks. The report illustrates how this time-tested attack method continues to morph and adopt new tricks, and discusses trends to watch as we move into the summer months. According to the study, Summer...
CVE-2018-8039
It is possible to configure Apache CXF to use the com.sun.net.ssl implementation via 'System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");'. When this system property is set, CXF uses some reflection to try to make the HostnameVerifier work with the old...
What You Need To Know - Summer 2018 State of the Internet / Security: Web Attack Report
It's that time of year - the Summer 2018 State of the Internet / Security: Web Attack report is now live. This new naming schema is just one of the many changes you'll notice if you're a returning reader of the quarterly report, and there are more changes coming as we work to bring you insights and...
CVE-2018-7680
Micro Focus Solutions Business Manager versions prior to 11.4 can reflect back HTTP header values...
Design/Logic Flaw
Micro Focus Solutions Business Manager versions prior to 11.4 can reflect back HTTP header values...
Security Bulletin: IBM Cúram Social Program Management is vulnerable to Java reflection attack (CVE-2014-8903).
Summary IBM Cúram Social Program Management is vulnerable to Java reflection attack caused by external input that is used to specify a class. A remote attacker could exploit this vulnerability by injecting arbitrary class names which will be subsequently loaded. Vulnerability Details CVE-2014-890...
Security Bulletin: IBM OpenPages GRC Platform is affected by multiple XSS reflection vulnerabilities (CVE-2017-1147, CVE-2016-3048)
Summary IBM OpenPages GRC Platform has addressed potential security exposure due to multiple XSS reflection vulnerabilities. Vulnerability Details CVEID: CVE-2017-1147 DESCRIPTION: IBM OpenPages GRC Platform is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary...
CVE-2017-3907
Code Injection vulnerability in the ePolicy Orchestrator (ePO) extension in McAfee Threat Intelligence Exchange (TIE) Server 2.1.0 and earlier allows remote attackers to inject arbitrary HTML code that is reflected in the response web page via unspecified vector...