17 matches found
TACK 1.07 Buffer Overflow
Exploit Author: Juan Sacco - http://www.exploitpack.com Program: tack - Terminal action checker Tested on: GNU/Linux - Kali Linux 2.0 x86 Description: TACK v1.07 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on...
TACK 1.07 - Local Stack Buffer Overflow
Exploit Author: Juan Sacco - http://www.exploitpack.com Program: tack - Terminal action checker Tested on: GNU/Linux - Kali Linux 2.0 x86 Description: TACK v1.07 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on...
TACK 1.07 - Local Stack-Based Buffer Overflow Exploit
Exploit for linux platform in category local exploits Exploit Author: Juan Sacco - http://www.exploitpack.com Program: tack - Terminal action checker Tested on: GNU/Linux - Kali Linux 2.0 x86 Description: TACK v1.07 and prior is prone to a stack-based buffer overflow vulnerability because the...
Ubercart Webform Checkout Pane - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-087
Ubercart Webform Checkout Pane module allows you to define Webform nodes as checkout/order panes in Ubercart. The module doesn't sufficiently sanitize user supplied text in some pages, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an...
SA-CONTRIB-2015-066 - Tracking Code - Cross Site Request Forgery (CSRF)
Tracking Code module allows you to create tracking code snippets and control their visibility. The module doesn't sufficiently protect some URLs against CSRF. A malicious user can cause an administrator to disable tracking codes by getting their browser to make a request to a specially-crafted UR...
SA-CONTRIB-2013-088 - Secure Pages - Missing Encryption of Sensitive Data
The Secure Pages module manages redirects between HTTP and HTTPS pages. A flaw in the URL path matching could lead some pages and forms to be transmitted via plain HTTP, even if the administrator intended those pages to use HTTPS. This flaw may surface either due to a malicious user enticing a us...
Moxie Marlinspike on TACK, Convergence and Trust Agility
Dennis Fisher talks with Moxie Marlinspike about his new IETF proposal, TACK, which lays out a way for sites to assert the authenticity of their public keys. They also discuss the Convergence system for replacing the CA infrastructure and the ways in which browser vendors can help enable better...
Researchers Unveil New Way to Trust Certificates
Two independent researchers are proposing an extension for TLS to provide greater trust in certificate authorities, which have become a weak link in the entire public key infrastructure after some big breaches involving fraudulent SSL certificates. TACK, short for Trust Assertions for Certificate...
SA-CONTRIB-2012-073 - Glossary - Cross-Site Scripting (XSS)
CVE: CVE-2012-2339 The glossary module scans posts for glossary terms, adding an indicator. By hovering over the indicator, users may learn the definition of that term. The module does not sufficiently sanitize the taxonomy information. This leaves sites vulnerable to Cross-Site Scripting attacks...
SA-CONTRIB-2012-054 - Chaos tool suite - Cross Site Scripting (XSS)
CVE: CVE-2012-2082 This suite is primarily a set of APIs and tools to improve the developer experience. It also contains a module called the Page Manager whose job is to manage pages. In particular it manages panel pages, but as it grows it will be able to manage far more than just Panels. The...
SA-CONTRIB-2010-008 - Recent Comments - Cross Site Scripting
Recent Comments module provides a high-performance, fully themable block of recent comments. This release includes a fix for a cross-site scripting XSS vulnerability in which JavaScript could be inserted in the title of the Recent Comments block via a custom block title interface. This custom tit...
SA-CONTRIB-2009-110 - Taxonomy Timer - SQL Injection
The Taxonomy Timer module enables users to set expiration dates for Taxonomy Terms. At the time of expiration other terms can be assigned, or nodes can be unpublished. In some cases the module does not properly sanitize user input, leading to a SQL Injection vulnerability. Such an attack may lead...
SA-CONTRIB-2009-108 - Gallery Assist - Cross Site Scripting
The Gallery Assist module provides a simple way to create image galleries on a site. The module does not sanitize node titles, leading to a Cross Site Scripting XSS vulnerability. Versions affected Gallery Assist module for Drupal 6.x prior to Gallery Assist 6.x-1.7 Drupal core is not affected. I...
SA-CONTRIB-2009-106 - Agreement - Cross Site Scripting
The Agreement module enables the display of a text-based agreement think "Terms of Service" that users of a particular role must accept before they are given access to the site. The module does not sanitize some of the user-supplied fields, leading to a Cross Site Scripting XSS vulnerability...
SA-CONTRIB-2009-098 - Zoomify - Cross Site Scripting
The Zoomify module integrates the Zoomify Flash applet into Drupal which can be used to pan and zoom on large images. Images are first preprocessed in order for Zoomify to work. The module fails to sanitize a value in the node title, leading to a Cross Site Scripting XSS vulnerability. Versions...
SA-CONTRIB-2009-080 - Simplenews Statistics - Multiple vulnerabilities
The Simplenews Statistics module provides newsletter statistics such as the open rate and CTR click-through rate. The module suffers multiple vulnerabilities, including Cross Site Request Forgeries CSRF, Cross Site Scripting problem Cross Site Scripting and Open Redirect. This problem allows an...
SA-CONTRIB-2009-009 Forward module can be used as a spam relay
This vulnerability allows spammers or spambots to use sites with the Forward module installed to send nearly unlimited e-mail. Due to improper use of Drupal's flood control API, it is possible for one user to send an unlimited numbers of mails using the forward module. Important note : the securi...