ZDI-10-023: Multiple Vendor librpc.dll Signedness Error Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-023
March 1, 2010
-- CVE ID:
CVE-2009-2754
-- Affected Vendors:
IBM
EMC
-- Affected Products:
IBM Informix
EMC NetWorker
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 5945.
For further product information on the TippingPoint IPS, visit:
http://www.tippingpoint.com
-- Vulnerability Details:
This vulnerability allows attackers to execute arbitrary code on
vulnerable installations of both IBM Informix Dynamic Server and EMC
Legato Networker. User interaction is not require
...
Read more »
Views:
10077
|
Added by:
b1zz4rd
|
Date:
03 March 2010
|
|
============================== ===========
Yaniv Miron aka "Lament" Advisory Feb 28, 2010
Sparta Systems TrackWise TeamAccess module Multiple Cross Site Scripting
Vulnerabilities
=========================================
=====================
I. BACKGROUND
=====================
TrackWise® by Sparta Systems: A Holistic Approach to Enterprise Quality
Management
TrackWise by Sparta Systems is an enterprise quality management solution
(EQMS)
that optimizes quality, ensures compliance and reduces costs for
world-class clients
across a range of industries. TrackWise is the only enterprise quality
management solution that offers the flexibility and configurability
to adapt to company-specific business processes,
enabling our world-class clients across a range of industries to define,
track, manage
and report on the core activities vital to their success.
...
Read more »
Views:
2518
|
Added by:
b1zz4rd
|
Date:
03 March 2010
|
|
============================== ===========
Yaniv Miron aka "Lament" Advisory Feb 27, 2010
Eshbel Priority MarketGate module Cross Site Scripting Vulnerability
=========================================
=====================
I. BACKGROUND
=====================
Priority’s ERP
The features listed below are a selection of some of the functionality
available in a selection of the Priority modules.
BI (Business Intelligence), Purchasing, BPM (Business Process
Management),
Manufacturing/Production, GL + Financials, Human Resources,
CRM (Customer Relations Management), Project Management,
Order Processing, System Administration, Service and Customer Support,
SDK (Generators), Inventory Control, User Configuration, WMS
http://www.eshbel.com//ERP-Feature.htm
=====================
II. DESCRIPTION
...
Read more »
Views:
9185
|
Added by:
b1zz4rd
|
Date:
03 March 2010
|
|
########################## www.BugReport.ir########################################
#
# AmnPardaz Security Research Team
#
# Title: 1024CMS Blind SQL Injection Vulnerability
# Vendor: http://www.1024cms.org/
# Vulnerable Version: 2.1.1 (Latest version till now)
# Exploitation: Remote with browser
# Fix: N/A
############################## #####################################################
####################
- Description:
####################
1024CMS is a PHP-based CMS which uses MySQL as its backend DBMS. It
support forums, downloads,
search capability, BB code capability, gallery, chat
...
Read more »
Views:
1599
|
Added by:
b1zz4rd
|
Date:
03 March 2010
|
|
Huawei HG510 is a device offered by the Serbian telecom operator, to
provide ADSL Internet connection.
Administration of settings on this device is allowed only from local LAN
network but not only from
private IP address (eg 192.168.1.1) then You can access with public IP
address (only from local LAN again).
There is no CSRF protection so we can create malicious web pages and
create some CSRF attacks.
Is user is logged on his device we can change passwords or some another
settings.
POC:
http://PUBLIC_IP_OF_USER/password.cgi?sysPassword=BASE64_NEW_PASSWORD
When I testing this I found one strange behavior with /rebootinfo.cgi
(reboot device script).
Normaly for all this CSRF user must be logged into device web interface
but if we request:
http
...
Read more »
Views:
1611
|
Added by:
b1zz4rd
|
Date:
03 March 2010
|
|
______________________________
Views:
1389
|
Added by:
b1zz4rd
|
Date:
03 March 2010
|
|
# Greetz to all Darkc0de ,AI,ICW, AH Memebers
# Shoutz to r45c4l,j4ckh4x0r,silic0n,
Views:
1579
|
Added by:
b1zz4rd
|
Date:
03 March 2010
|
|
Virtual Security Research,
LLC.
http://www.vsecurity.com/
Security Advisory
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Advisory Name: Chrome Password Manager Cross Origin Weakness
Release Date: 2010-02-15
Application: Google Chrome Web Browser
Versions: 4.0.249.78, 3.0.195.38, and likely earlier
Severity: Medium/Low
Author: Timothy D. Morgan <tmorgan (a) vsecurity . com>
Vendor Status: Update Released [2]
CVE Candidate: CVE-2010-0556
Reference:
...
Read more »
Views:
8713
|
Added by:
b1zz4rd
|
Date:
03 March 2010
|
|
Information disclosure vulnerability in Drupal's Realname User Reference
Widget contributed module (version 6.x-1.0)
Discovered by Martin Barbella < barbella@sas.upenn.edu>
Description of Vulnerability:
-----------------------------
Drupal is a free software package that allows an individual or a
community of users to easily publish, manage and organize a wide variety
of content on a website ( http://drupal.org/about).
The Realname CCK User Reference Widget module adds a new widget to the
User Reference CCK field type that uses the Realnames for autocompletion
( http://drupal.org/project/realname_userreference).
Only the access content permission is needed to access the page which
displays the user names and real names for users, used by
...
Read more »
Views:
8261
|
Added by:
b1zz4rd
|
Date:
03 March 2010
|
|
############################## ##################################
# .___ __ _______ .___ #
# __| _/____ _______| | __ ____ \ _ \ __| _/____ #
# / __ |\__ \\_ __ \ |/ // ___\/ /_\ \ / __ |/ __ \ #
# / /_/ | / __ \| | \/ <\ \___\ \_/ \/ /_/ \ ___/ #
# \____ |(______/__| |__|_ \\_____>\_____ /\_____|\____\ #
# \/ \/ \/ &nbs
...
Read more »
Views:
1902
|
Added by:
b1zz4rd
|
Date:
03 March 2010
|
| |