Full Disclosure Mailing List

A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. It has higher traffic than other lists, but the relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.


Latest Posts

DoS attacks (ICMPv6-based) resulting from IPv6 EH drops Fernando Gont (Aug 22)
Folks,

Ten days ago or so we published this I-D:
<http://www.ietf.org/internet-drafts/draft-gont-v6ops-ipv6-ehs-in-real-world-00.txt>

Section 5.2 of the I-D discusses a possible attack vector based on a
combination of "forged" ICMPv6 PTB messages and IPv6 frag drops by
operators, along with proposed countermeasures -- but let me offer a
more informal and practical explanation:

1) It is known that filtering of packets containing...

Re: Hilariously Bad SQRL Implementation Sanguinarious (Aug 21)
Why would any sane rational human being implement something from
Gibson? I still remember him saying how implementing raw sockets in
Windows XP will totally and utterly destroy the entire internet. I
would implement time proven solutions based on real world testing not
an experimental solution from a rather dubious source.

I suppose, as an interesting side project, it might be interesting to
explore but for production, I wouldn't touch with...

Re: Hilariously Bad SQRL Implementation Travis Biehn (Aug 20)
An additional note, the SQRL protocol itself is pretty poorly documented on
the GRC website:
https://www.grc.com/sqrl/details.htm

Instead of writing technical specifications like online sales copy for
penis pills perhaps we can get a draft in an ... RFC like format.

On Sun, Aug 17, 2014 at 8:22 PM, Scott Arciszewski <kobrasrealm () gmail com>
wrote:

Re: Hilariously Bad SQRL Implementation Scott Arciszewski (Aug 20)
Apparently, a barebones Android client exists.

https://twitter.com/SGgrc/status/501201214613123072

Unfortunately, I don't have access to the source code. Otherwise, I might
examine, thoroughly, what it's trying to do and write the spec for him.

[CORE-2014-0004] - Delphi and C++ Builder VCL library Buffer Overflow CORE Advisories Team (Aug 20)
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

Delphi and C++ Builder VCL library Buffer Overflow

1. *Advisory Information*

Title: Delphi and C++ Builder VCL library Buffer Overflow
Advisory ID: CORE-2014-0004
Advisory URL:
http://www.coresecurity.com/advisories/delphi-and-c-builder-vcl-library-buffer-overflow
Date published: 2014-08-20
Date of last update: 2014-08-20
Vendors contacted: Embarcadero...

WHMCS Moipapi DoS & Memory Consumption Vulnerability 5.3.5 surivaton surivaton (Aug 20)
WHMCS has been notified.

# Exploit Title: WHMCS Moipapi DoS & Memory Consumption Vulnerability 5.3.5
# Google Dork: inurl:/modules/gateways/callback/moipapi.php
-intext:"Gateway Module "moipapi" Not Activated"
# Date: 23/7/2014
# Exploit Author: surivaton
# Vendor Homepage: whmcs.com
# Version: 5.3.5
# Tested on: Linux, Windows
Possible denial of service with memory consumption and taking up disc space

URL:...

[The ManageOwnage Series, part I]: blind SQL injection in two servlets (metasploit module included) Pedro Ribeiro (Aug 20)
TL;DR
CVE-2014-3996 / CVE-2014-3997
Blind SQL injection in ManageEngine Desktop Central, Password Manager
Pro and IT360 (including MSP versions)
Scroll to the bottom for the Metasploit module link; the module will
be submitted to Metasploit proper in a pull request in the next few
days.

==========================================================================

==========================================================================...

Information disclosure vulnerability in WordPress Mobile Pack allows anybody to read password protected posts (WordPress plugin) dxw Security (Aug 20)
Details
================
Software: WordPress Mobile Pack
Version: 2.0.1
Homepage: http://wordpress.org/plugins/wordpress-mobile-pack/
Advisory report:
https://security.dxw.com/advisories/information-disclosure-vulnerability-in-wordpress-mobile-pack-allows-anybody-to-read-password-protected-posts/
CVE: Awaiting assignment
CVSS: 5 (Medium; AV:N/AC:L/Au:N/C:P/I:N/A:N)

Description
================
Information disclosure vulnerability in WordPress...

CVE-2014-5307 - Privilege Escalation in Panda Security Products Portcullis Advisories (Aug 20)
Vulnerability title: Privilege Escalation in Panda Security
CVE: CVE-2014-5307
Vendor: Panda Security
Product: Multiple
Affected version: Panda 2014 Products
Fixed version: Hotfix hft131306s24_r1
Reported by: Kyriakos Economou

Details:

Latest, and possibly earlier builds, of the PavTPK.sys kernel mode
driver of Panda Security software suffer from a heap overflow bug that
allows any user to elevate their privileges through an IOCTL request and...

CVE-2014-4973 - Privilege Escalation in ESET Windows Products Portcullis Advisories (Aug 20)
Vulnerability title: Privilege Escalation in ESET Windows Products
CVE: CVE-2014-4973
Vendor: ESET
Product: ESET Windows Products
Affected version: v5.0 - 7.0 (Firewall Module Build 1183 (20140214) and
earlier)
Fixed version: v6 - v7 (Firewall Module Build 1212 (20140609))
Reported by: Kyriakos Economou

Details:

Versions 5.0 - 7.0 of ESET Smart Security and ESET Endpoint Security
products for Windows XP OS allow a low privileged user to execute...

PRESS RELEASE :: Phuture Conference Denver OCT 11 stevyn prothero (Aug 19)
Press Release August 2014
For immediate publication

At a press conference held today, officials from the Phuture
Conference, have announced heretofore covert plans to stage a "Hacker
Conference" in Denver, Colorado on October 11th of this year,
beginning at or around 9 am in a location to be announced. The event
will end around 9pm with a dance party.

Phuture is a small scale relaxed technology conference held annually
in Denver...

VISA USA VULNERABILITY labz (Aug 18)

Hilariously Bad SQRL Implementation Scott Arciszewski (Aug 18)
If any of you are familiar with Stephen Gibson's SQRL protocol for user
authentication (really neat idea), you might have come across this PHP
implementation before: https://github.com/geir54/php-sqrl

Unfortunately, this library is actually pretty terrible. Not only does it
pass all of the data off to a Heroku app to perform the signature
verification, it is also vulnerable to SQL Injection:...

CVE-2014-3577: Apache HttpComponents client: Hostname verification susceptible to MITM attack Dirk-Willem van Gulik (Aug 18)
Security Advisory - Apache Software Foundation
Apache HttpComponents / hc.apache.org

Hostname verification susceptible to MITM attack

CVE-2014-3577 / CVSS 1.4

Apache HttpComponents (prior to revision 4.3.5/4.0.2) may be susceptible
to a 'Man in the Middle Attack' due to a flaw in the default hostname
verification during SSL/TLS when a specially crafted server side...

Outlook.com for Android fails to validate server certificates Securify B.V. (Aug 17)
------------------------------------------------------------------------
Outlook.com for Android fails to validate server certificates
------------------------------------------------------------------------
Yorick Koster, April 2014

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
Outlook.com for Android's WebView contains an insecure...

More Lists

Dozens of other network security lists are archived at SecLists.Org.

