Full Disclosure

A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.

[FOXMOLE SA 2016-05-02] e107 Content Management System (CMS) - Multiple Issues

1 December, 2016 - 13:09

Posted by FOXMOLE Advisories on Dec 01

=== FOXMOLE - Security Advisory 2016-05-02 ===

e107 Content Management System (CMS) - Multiple Issues
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Affected Versions
=================
e107 2.1.2 Bootstrap CMS

Issue Overview
==============
Vulnerability Type: Multiple Vulnerabilities
Technical Risk: medium
Likelihood of Exploitation: medium
Vendor: e107
Vendor URL: http://www.e107.org
Credits: FOXMOLE employee Tim Herres
Advisory URL:...

Opera foreignObject textNode::removeChild use-after-free details

1 December, 2016 - 13:09

Posted by Berend-Jan Wever on Dec 01

Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I've not released before. This is the
twenty-second entry in that series. Unfortunately I won't be able to
publish everything within one month at the current rate, so I may
continue to publish these through December and January.

Due to the recent Firefox 0-day, I've selected a very old and not so
interesting bug for today, so you can...

Google Chrome Accessibility blink::Node corruption details

1 December, 2016 - 13:09

Posted by Berend-Jan Wever on Dec 01

Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I've not released before. This is the
twenty-first entry in that series. Unfortunately I won't be able to
publish everything within one month at the current rate, so I may
continue to publish these through December and January.

The below information is available in more detail on my blog at
http://blog.skylined.nl/20161129001.html. There you...

Apple iOS v10.1 & 10.1.1 - iCloud & Device Lock Bypass on Activate via local Buffer Overflow Vulnerability (Wifi Network)

1 December, 2016 - 09:32

Posted by Vulnerability Lab on Dec 01

Title: Apple iOS v10.1 & 10.1.1 - iCloud & Device Lock Bypass on
Activate via local Buffer Overflow Vulnerability (Wifi Network)

URL: https://www.youtube.com/watch?v=yygvBJBFy4s

Ref: https://www.vulnerability-lab.com/get_content.php?id=2018

Note: Using the rotate function and night shift to merge the mask
also allows bypassing the protection for iOS v10.1.1, as demonstrated
in the video.

Cross-Site Request Forgery in Insert Html Snippet WordPress Plugin

29 November, 2016 - 03:08

Posted by Summer of Pwnage on Nov 29

------------------------------------------------------------------------
Cross-Site Request Forgery in Insert Html Snippet WordPress Plugin
------------------------------------------------------------------------
Yorick Koster, July 2016

------------------------------------------------------------------------
OVE ID
------------------------------------------------------------------------
OVE-20160724-0027...

Re: Tenda, Dlink & Tplink TD-W8961ND - DHCP XSS Vulnerability

28 November, 2016 - 15:35

Posted by Simon Waters (Surevine) on Nov 28

XSS in DHCP name has been reported on the Full Disclosure mailing list for other models of TP-Link Router before.

Seems to be generic to many TP-Link models.

My model has a regular line wrap to the DHCP hostname field, so you need to insert a comment into HTML or JS every N
characters into any exploit code, but it is fully exploitable, and you can write arbitrary JS in that space with a
little effort.

The attacker would have to inject...

CFP - BloomCON 0x02 - March 24-25, 2017 Bloomsburg, PA

28 November, 2016 - 15:34

Posted by Philip Polstra on Nov 28

The second BloomCON Forensics and Security conference will be held March
24-25, 2017 in Bloomsburg, PA (USA).

We are now officially accepting presentation and workshop submissions. We
will be hosting multiple speaking and workshop tracks.

We are looking for talks of 25 or 50 minutes in length and 2-hr or 4-hr
workshops.

If you have something you would like to share please send the following to:
drphil () bloomcon com

* your name or...

[ndhXV] Call For Paper - 15th anniversary - 24-25 June 2017

28 November, 2016 - 15:27

Posted by Freeman on Nov 28

If you have some l33t skillz, just follow the link :
https://submit.hackerzvoice.net

For the lazy ones, just keep scrolling

CALL FOR PAPERS - #ndhXV - 15th anniversary - 24-25 June 2017

IN A NUTSHELL

Conference format : 45min, including 5 to 10min of Q&A
Submission : https://submit.hackerzvoice.net
Deadline : April 5th, 2017
Announcement : April 20th, 2017
Beer,...

CVE-2016-0063: MSIE 8-11 MSHTML DOMImplementation type confusion details

28 November, 2016 - 15:26

Posted by Berend-Jan Wever on Nov 28

Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I've not released before. This is the
twentieth entry in that series. Unfortunately I won't be able to
publish everything within one month at the current rate, so I may
continue to publish these through December and January.

The below information is available in more detail on my blog at
http://blog.skylined.nl/20161128001.html. There you...

SEC Consult SA-20161128-0 :: DoS & heap-based buffer overflow in Guidance Software EnCase Forensic

28 November, 2016 - 07:24

Posted by SEC Consult Vulnerability Lab on Nov 28

SEC Consult Vulnerability Lab Security Advisory < 20161128-0 >
=======================================================================
title: Denial of service & heap-based buffer overflow
product: Guidance Software EnCase Forensic Imager & EnCase Forensic
vulnerable version: EnCase Forensic Imager <= 7.10
EnCase Forensic (tested with version 7.08.00.137)
fixed version: -...

Apple iOS 10.1 - Multiple Access Permission Vulnerabilities

28 November, 2016 - 06:17

Posted by Vulnerability Lab on Nov 28

Document Title:
===============
Apple iOS 10.1 - Multiple Access Permission Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2012

Apple Security ID: 648680301

Video1: https://www.youtube.com/watch?v=fY2Obtxk_Dg
Video2: https://www.youtube.com/watch?v=46CHjQxkKxk

Release Date:
=============
2016-11-17

Vulnerability Laboratory ID (VL-ID):
====================================
2012...

Tenda, Dlink & Tplink TD-W8961ND - DHCP XSS Vulnerability

28 November, 2016 - 06:14

Posted by Vulnerability Lab on Nov 28

Document Title:
===============
Tenda, Dlink & Tplink TD-W8961ND - DHCP XSS Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1990

Release Date:
=============
2016-11-28

Vulnerability Laboratory ID (VL-ID):
====================================
1990

Common Vulnerability Scoring System:
====================================
3.5

Abstract Advisory Information:...

Burden TMA v2.1.1 - (Task) Persistent Web Vulnerability

28 November, 2016 - 06:13

Posted by Vulnerability Lab on Nov 28

Document Title:
===============
Burden TMA v2.1.1 - (Task) Persistent Web Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1998

Release Date:
=============
2016-11-26

Vulnerability Laboratory ID (VL-ID):
====================================
1998

Common Vulnerability Scoring System:
====================================
3

Product & Service Introduction:...

Schoolhos CMS v2.29 - userberita SQL injection Vulnerability

28 November, 2016 - 06:11

Posted by Vulnerability Lab on Nov 28

Document Title:
===============
Schoolhos CMS v2.29 - userberita SQL injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1932

Release Date:
=============
2016-11-22

Vulnerability Laboratory ID (VL-ID):
====================================
1932

Common Vulnerability Scoring System:
====================================
6.8

Product & Service Introduction:...