WordPress 4.2 stored XSS

2015-04-27 Thread Jouko Pynnonen
OVERVIEW == Current versions of WordPress are vulnerable to a stored XSS. An unauthenticated attacker can inject JavaScript in WordPress comments. The script is triggered when the comment is viewed. If triggered by a logged-in administrator, under default settings the attacker can

Google Analytics by Yoast stored XSS #2

2015-04-21 Thread Jouko Pynnonen
OVERVIEW == Google Analytics by Yoast is one of the most popular WordPress plug-ins with over 7 million downloads and 1+ million active installs. Last month Yoast patched a stored XSS we reported in the plug-in. Shortly after this we identified another bug of a similar severity. The

Safari iOS/OS X/Windows cookie access vulnerability

2015-04-13 Thread Jouko Pynnonen
the device to use a HTTP proxy located in the internal network. This should prevent access to all FTP URLs. CREDITS The vulnerability was found and researched by Jouko Pynnönen of Klikki Oy, Finland. -- Jouko Pynnonen jo...@iki.fi Klikki Oy - http://klikki.fi - @klikkioy

Google Analytics by Yoast stored XSS

2015-03-19 Thread Jouko Pynnonen
OVERVIEW == Google Analytics by Yoast is a WordPress plug-in for monitoring website traffic. With approximately seven million downloads it’s one of the most popular WordPress plug-ins. A security vulnerability in the plug-in allows an unauthenticated attacker to store arbitrary HTML,

WPML WordPress plug-in SQL injection etc.

2015-03-12 Thread Jouko Pynnonen
compromise via the plugin and theme editors. CREDITS The vulnerabilities were found by Jouko Pynnonen of Klikki Oy while researching WordPress plugins falling in the scope of the Facebook bug bounty program. The vendor was notified on March 02, 2015 and the patch was released on March

WordPress 3 persistent script injection

2014-11-20 Thread Jouko Pynnonen
=== WordPress was notified on September 26 and has released patches correcting the problem. The WordPress security advisory is available at https://wordpress.org/news/2014/11/wordpress-4-0-1/ CREDITS === The vulnerability was discovered and researched by Jouko Pynnonen, Klikki Oy, Finland

Details of Lotus Notes Java Applet vulnerabilities

2006-10-06 Thread Jouko Pynnonen
=== The vulnerability was discovered and researched by Jouko Pynnönen, Klikki Oy, Finland. -- Jouko Pynnonen [EMAIL PROTECTED] Klikki Oy http://iki.fi/jouko

Re: Solaris ld.so.1 buffer overflow

2003-07-30 Thread Jouko Pynnonen
for noticing this, David. Without the slash nothing special happens. My apologies, -- Jouko Pynnonen http://iki.fi/jouko/ [EMAIL PROTECTED]

Solaris ld.so.1 buffer overflow

2003-07-29 Thread Jouko Pynnonen
and has released a fix for the flaw. A complete list of vulnerable Solaris versions and the fix can be found here: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55680 CREDITS === The vulnerability was discovered by Jouko Pynnönen, Finland. -- Jouko Pynnonen http

URLMON.DLL buffer overflow - technical details

2003-07-02 Thread Jouko Pynnonen
, Solar Designer, DJ28. -- Jouko Pynnonen http://iki.fi/jouko/ [EMAIL PROTECTED]

Re: .MHT Buffer Overflow in Internet Explorer

2003-03-11 Thread Jouko Pynnonen
these points? Does there exist a working exploit which does something else than crash IE? Thanks, -- Jouko Pynnonen Online Solutions Ltd Secure your Linux - [EMAIL PROTECTED] http://www.secmod.com

IMP 2.x SQL injection vulnerabilities

2003-01-08 Thread Jouko Pynnonen
IMP is a popular webmail package written in PHP. It ships with some UNIX systems and is also used on Windows servers. The version 2 of the program contains some SQL injection flaws which allow any remote user to access the webmail system's database. Valid user authentication is not required

Netscape 4 Java buffer overflow

2002-11-27 Thread Jouko Pynnonen
The Java implementation of Netscape 4 contains a buffer overflow vulnerability. Arbitrary code may be run on a Netscape user's system when a web page containing a malicious applet is viewed. The buffer overflow happens in the method canConvert() of the class

Technical information about the vulnerabilities fixed by MS-02-52

2002-09-23 Thread Jouko Pynnonen
vulnerability, but the patch corrects this by restricting the access to the package com.ms.jdbc.odbc, ie. changing the restrictions to what they are in Sun's implementation. This bug was reported to Microsoft on 29 Aug 2002. -- Jouko Pynnonen Online Solutions Ltd Secure your Linux

Origin of downloaded files can be spoofed in MSIE

2002-08-28 Thread Jouko Pynnonen
. -- Jouko Pynnonen Online Solutions Ltd Secure your Linux - [EMAIL PROTECTED] http://www.solutions.fi http://www.secmod.com

Solaris 8 libsldap buffer overflow

2001-06-26 Thread Jouko Pynnonen
for Solaris 8 presently. CREDITS ACKNOWLEDGEMENTS Vulnerability discovered by: Jouko Pynnönen [EMAIL PROTECTED] Thanks greets to: Esa Etelävuori, cc-opers@IRCNet -- Jouko Pynnonen Online Solutions Ltd Secure your Linux - [EMAIL PROTECTED] http