Description:
Huawei MT880 is a device offered by the Algerian telecom operator - FAWRI, to provide ADSL Internet connection and it's already widely in use.

Overview: Huawei MT880 firmware and its default configuration have flaws, which allow LAN users to gain unauthorized full access to the device. Here are just limited PoCs.

Possible XSRFs:
Adding an administrator user: http://192.168.1.1/Action?
Disabling firewall/anti-DoS... features: http://192.168.1.1/Action?

______________________________
Mandriva Linux Security Advisory MDVSA-2009:194
http://www.mandriva.com/
______________________________
Package : wireshark
Date : August 5, 2009
Affected: 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0
______________________________
Problem Description:
Vulnerabilities have been discovered in wireshark package, which could lead to application crash via radius, infiniband and afs dissectors (CVE-2009-2560, CV ...

rPath Security Advisory: 2009-0113-1
Published: 2009-07-29
Products:
    rPath Appliance Platform Linux Service 1
    rPath Appliance Platform Linux Service 2
    rPath Linux 1
    rPath Linux 2
Rating: Severe
Exposure Level Classification: Remote Deterministic Denial of Service
Updated Versions:
    bind=conary.rpath.com@rpl:1/9.
    bind=conary.rpath.com@rpl:2/9.
    bind-utils=conary.rpath.com@
    bind-utils=conary.rpath.com@
rPath Issue Tracking System: ...

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01717795
Version: 1

HPSBUX02421 SSRT090047 rev.1 - HP-UX Running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2009-07-29
Last Updated: 2009-07-29

Potential Security Impact: Remote Denial of Service (DoS) and execution of arbitrary code

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified on HP-UX running Kerberos. These vulnerabilities could be exploited by remote unauthenticated users to create a Denial of Service (DoS) or to execute arbitrary code.

References: CVE-2009-0846, CVE-2009-0847

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP- ...

______________________________
Mandriva Linux Security Advisory MDVSA-2009:178
http://www.mandriva.com/
______________________________
Package : squid
Date : July 29, 2009
Affected: Enterprise Server 5.0
______________________________
Problem Description:
Multiple vulnerabilities have been found and corrected in squid: Due to incorrect buffer limits and related bound checks Squid is vulnerable to a denial of service attack when processing sp ...

______________________________
Mandriva Linux Security Advisory MDVSA-2009:173
http://www.mandriva.com/
______________________________
Package : pidgin
Date : July 29, 2009
Affected: Enterprise Server 5.0
______________________________
Problem Description:
Security vulnerabilities have been identified and fixed in pidgin: Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated u ...

Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs/

WordPress Privileges Unchecked in admin.php and Multiple Information Disclosures

1. *Advisory Information*

Title: WordPress Privileges Unchecked in admin.php and Multiple Information Disclosures
Advisory ID: CORE-2009-0515
Advisory URL: http://corelabs.coresecurity.com/index.php?action=view&type=advisory&name=WordPress_Privileges_Unchecked
Date published: 2009-07-08
Date of last update: 2009-07-08
Vendors contacted: WordPress
Release mode: Coordinated release

2. *Vulnerability Information*

Class: Local file include, Privileges unchecked, Cross site scripting (XSS), Information disclosure
Remotely Exploitable: Yes
Locally Exploitable: No
Bugtraq ID: 35581, 35584
CVE Name: CVE-2009-2334, CVE-2009-2335, CVE-2009-2336

3. *Vulnerability Description*

WordPress is a web application written i ...

SEC Consult Security Advisory < 20090707-0 >
==============================
title: Symbian S60 / Nokia firmware media codecs multiple memory corruption vulnerabilities
vulnerable version: All Nokia smartphones with multimedia capabilities are likely vulnerable (tested on E61, E71, N96)
impact: Critical
homepage: http://www.nokia.com/
found: May 2009
by: Bernhard Mueller / SEC Consult Vulnerability Lab
==============================

Originally posted by Bernhard Mueller to Bugtraq

I'll just leave this here ;) https://www.sec-consult.com/

Abstract:
1. Perform static analysis of XIP ROM images (dumping, restoring import and export tables, searching for unsafe function calls)
2. Enable run mode debugging of system binaries running from ROM, by cracking the AppTRK debug agent
3. (Ab-)use the AppTRK debug agent as a foundation for dynamic vulnerability analysis
3. Build an exemplary file fuzzer for the video- and audio codecs shipped with current Nokia smartphones
4. List and briefly analyze the identified bugs
5. ...

I want to warn you about Cross-Site Scripting vulnerabilities in Mozilla, Internet Explorer, Opera and Chrome. I wrote about it on my site this Monday (29.06.2009) and also informed the corresponding browser developers about this vulnerability.

On 21.04.2009 a vulnerability was fixed in Firefox 3.0.9 (http://www.mozilla.org/ allowed to conduct XSS attacks via Refresh header. And as I checked, this attack also works in Mozilla, IE6, Opera and Chrome.

XSS:
With a request to a script at a web site: http://site/script.php?param=
Which returns in the answer the refresh header: refresh: 0; URL=javascript:alert(doc ...