Full Disclosure

A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.

APPLE-SA-2016-05-16-1 tvOS 9.2.1

17 May, 2016 - 08:26

Posted by Apple Product Security on May 17

APPLE-SA-2016-05-16-1 tvOS 9.2.1

tvOS 9.2.1 is now available and addresses the following:

CFNetwork Proxies
Available for: Apple TV (4th generation)
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: An information leak existed in the handling of HTTP and
HTTPS requests. This issue was addressed through improved URL
handling.
CVE-ID
CVE-2016-1801 : Alex Chapman and Paul Stone of...

[ERPSCAN-16-009] SAP xMII - directory traversal vulnerability

17 May, 2016 - 08:25

Posted by ERPScan inc on May 17

Application: SAP xMII

Versions Affected: SAP MII 15.0

Vendor URL: http://SAP.com

Bugs: Directory traversal

Sent: 29.07.2015

Reported: 29.07.2015

Vendor response: 30.07.2015

Date of Public Advisory: 09.02.2016

Reference: SAP Security Note 2230978

Author: Dmitry Chastuhin (ERPScan)

Description

1. ADVISORY INFORMATION

Title: SAP xMII – directory traversal vulnerability

Advisory ID: [ERPSCAN-16-009]

Risk: high priority

Advisory URL:...

[ERPSCAN-16-008] SAP NetWeaver AS JAVA - XSS vulnerability in ProxyServer servlet

17 May, 2016 - 08:25

Posted by ERPScan inc on May 17

Application: SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.4

Vendor URL: http://SAP.com

Bugs: Cross Site Scripting (XSS)

Sent: 10.08.2015

Reported: 10.08.2015

Vendor response: 11.08.2015

Date of Public Advisory: 09.02.2016

Reference: SAP Security Note 2220571

Author: Vahagn Vardanyan (ERPScan)

Description

1. ADVISORY INFORMATION

Title: SAP NetWeaver AS JAVA – XSS vulnerability in ProxyServer servlet

Advisory ID:...

runAV mod_security Remote Command Execution

13 May, 2016 - 10:33

Posted by Rio Sherri on May 13

# Title : runAV mod_security Remote Command Execution
# Date : 13/05/2016
# Author : R-73eN
# Tested on : mod_security with runAV Linux 4.2.0-30-generic #36-Ubuntu SMP
Fri Feb 26 00:57:19 UTC 2016 i686 i686 i686 GNU/Linux
# Software :
https://github.com/SpiderLabs/owasp-modsecurity-crs/tree/master/util/av-scanning/runAV
# Vendor : https://www.modsecurity.org/
# https://www.infogen.al/
# Title : runAV mod_security Remote Command Execution
# Date :...

Re: Skype Phishing Attack

13 May, 2016 - 10:33

Posted by Wim Remes on May 13

I think MSRC was on the money on this one.

Re: Skype Phishing Attack

13 May, 2016 - 10:33

Posted by Reindl Harald on May 13

oh no - please don't post each and every phishing attack on FD because
then we would see nothing else when mailadmins start to do the same

On 11.05.2016 at 22:57, Danny Kopping wrote:

Webshell for IIS

13 May, 2016 - 10:33

Posted by Savio Bot on May 13

Hi All,

I have written a webshell which works on the latest IIS. I didn't find any working
webshell for IIS 8 in the public domain.

The code is very dirty but any feedback will be great.

https://gist.github.com/saveeoo/a8af827510df085f7f1c83208a898098

Regards,
savio

Huawei Mobile Broadband HL Service Local Privilege Escalation

12 May, 2016 - 16:49

Posted by Bogner Florian on May 12

Huawei Mobile Broadband HL Service Local Privilege Escalation

Metadata
===================================================
Release Date: 12-05-2016
Author: Florian Bogner @ Kapsch BusinessCom AG (https://www.kapsch.net/kbc)
Affected versions: up to the current 22.001.25.00.03 on x86 and x64
Tested on: Windows 7 32 bit and 64 bit
CVE : CVE-2016-2855
URL:...

CakePHP Framework <= 3.2.4 IP Spoofing Vulnerability

12 May, 2016 - 16:48

Posted by Dawid Golunski on May 12

http://legalhackers.com/advisories/CakePHP-IP-Spoofing-Vulnerability.txt

=============================================
- Release date: 12.05.2016
- Discovered by: Dawid Golunski
- Severity: Medium
=============================================

I. VULNERABILITY
-------------------------

CakePHP Framework <= 3.2.4 IP Spoofing Vulnerability
3.1.11
2.8.1
2.7.10
2.6.12

II. BACKGROUND
-------------------------

- CakePHP...

Skype Phishing Attack

12 May, 2016 - 16:37

Posted by Danny Kopping on May 12

First-time poster here. I've been told to submit this issue to FD since
Microsoft's Security Team rejected this out of hand because it doesn't meet
their arbitrary definition of a vulnerability.

"Thank you for contacting the Microsoft Security Response Center (MSRC).
Upon investigation we have determined that this is not a valid
vulnerability."

Below is the original message I sent to secure () microsoft com:...

BulletProof Security 53.3 - Security Advisory - Multiple XSS Vulnerabilities

10 May, 2016 - 21:22

Posted by Onur Yilmaz on May 10

Information
--------------------
Advisory by Netsparker
Name: Multiple XSS Vulnerabilities in BulletProof Security
Affected Software : BulletProof Security
Affected Versions: v53.3 and possibly below
Vendor Homepage : https://wordpress.org/plugins/bulletproof-security/
Vulnerability Type : Cross-site Scripting
Severity : Important
Status : Fixed
Netsparker Advisory Reference : NS-16-004

Technical Details
--------------------
Proof of Concept...

CFP: Passwords 2016, Ruhr-University Bochum, Germany, Dec 5-7

10 May, 2016 - 17:20

Posted by Per Thorsheim on May 10

====================================================================
Call for Papers
The 11th International Conference on Passwords
PASSWORDS 2016

5-7 December 2016
Ruhr-University Bochum, Germany

https://passwords2016.rub.de/
====================================================================

The Passwords conference was launched in 2010 as a response to
the lack of robustness and usability of current personal
authentication practices and...

Intuit QuickBooks 2007 - 2016 Arbitrary Code Execution

10 May, 2016 - 17:19

Posted by Thegrideon Software on May 10

+ Credits: Maxim Tomashevich from Thegrideon Software
+ Website: https://www.thegrideon.com/
+ Details: https://www.thegrideon.com/qb-internals-sql.html

Vendor:
---------------------
www.intuit.com, www.intuit.ca, www.intuit.co.uk

Product:
---------------------
QuickBooks Desktop versions: 2007 - 2016

Vulnerability Type:
---------------------
Arbitrary SQL / Code Execution

Vulnerability Details:
---------------------
QuickBooks company files...

Nfdump Nfcapd 1.6.14 Multiple Vulnerabilities

10 May, 2016 - 08:37

Posted by Denis Andzakovic on May 10


Stanford University - Multiple SQL Injection Vulnerabilities

10 May, 2016 - 04:20

Posted by Vulnerability Lab on May 10

Document Title:
===============
Stanford University - Multiple SQL Injection Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1829

Release Date:
=============
2016-05-09

Vulnerability Laboratory ID (VL-ID):
====================================
1829

Common Vulnerability Scoring System:
====================================
7.8

Product & Service Introduction:...

Trend Micro Direct Pass - Filter Bypass & Cross Site Scripting Vulnerability

10 May, 2016 - 04:18

Posted by Vulnerability Lab on May 10

Document Title:
===============
Trend Micro Direct Pass - Filter Bypass & Cross Site Scripting Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1716

Trend Micro Security ID: 1-1-1039900197

Release Date:
=============
2016-05-01

Vulnerability Laboratory ID (VL-ID):
====================================
1716

Common Vulnerability Scoring System:
====================================...

Wordpress Truemag Theme - Client Side Cross Site Scripting Web Vulnerability

10 May, 2016 - 04:15

Posted by Vulnerability Lab on May 10

Document Title:
===============
Wordpress Truemag Theme - Client Side Cross Site Scripting Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1839

Release Date:
=============
2016-04-29

Vulnerability Laboratory ID (VL-ID):
====================================
1839

Common Vulnerability Scoring System:
====================================
3.3

Product & Service Introduction:...

Notes v4.5 iOS - Arbitrary File Upload Vulnerability

10 May, 2016 - 04:13

Posted by Vulnerability Lab on May 10

Document Title:
===============
Notes v4.5 iOS - Arbitrary File Upload Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1832

Release Date:
=============
2016-04-25

Vulnerability Laboratory ID (VL-ID):
====================================
1832

Common Vulnerability Scoring System:
====================================
6.4

Product & Service Introduction:...

Skype Manager - (Email Change) Filter Bypass Vulnerability

10 May, 2016 - 04:11

Posted by Vulnerability Lab on May 10

Document Title:
===============
Skype Manager - (Email Change) Filter Bypass Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1672

MSRC Case 32353 TRK:0001002845

Release Date:
=============
2016-05-09

Vulnerability Laboratory ID (VL-ID):
====================================
1672

Common Vulnerability Scoring System:
====================================
5.2

Product & Service...

t2'16: Call For Papers 2016 (Helsinki, Finland)

9 May, 2016 - 07:48

Posted by Tomi Tuominen on May 09

#
# t2'16 - Call For Papers (Helsinki, Finland) - October 27 - 28, 2016
#

If you are tired of any of the following:
1) conferences where coffee service equals one coupon (= cup) per day,
2) conferences with crazy-ass lines making world's busiest transit hubs seem
like a pleasurable life experience,
3) conferences showcasing talks indistinguishable from sponsored content, or
4) conferences which overcharge and underdeliver, please...