RE: MALWARE HOAX FW: Microsoft Security Bulletin MS01-039

2001-07-17 Thread Patrick Webster
.24876@mm virus. By the way, I scanned it (a copy of the self-replicating virus was sent to our mail server) with a 2 week old NAV signature, so you might want to actually update yours. Patrick Webster, IT Security Engineer SafeComs.com ...the Safety in your .com the Peace of Mind in your Business

webMethods Glue Management Console Directory Traversal

2007-04-11 Thread Patrick Webster
of the 'boot.ini' file. Note that 'c:\boot.ini' is also valid. It may be possible (but untested) to traverse other volumes. References: aushack.com advisory http://www.aushack.com/advisories/200704-webmethods.txt Credit: Patrick Webster ( [EMAIL PROTECTED] ) Disclosure timeline: 20-Mar-2007

Tumbleweed SecureTransport FileTransfer ActiveX Control Buffer Overflow

2008-04-07 Thread Patrick Webster
, 80, false, true, true, 420) /script /html Additionally, a Metasploit Framework Module has been written to demonstrate the vulnerability. References: aushack.com advisory http://www.aushack.com/200708-tumbleweed.txt Credit: Patrick Webster ( [EMAIL PROTECTED] ) Disclosure timeline: 13-Aug

Windows Installer msiexec GUID Buffer Overflow

2008-06-03 Thread Patrick Webster
: By specifying an overly long Globally Unique Identifier (GUID), it is possible to overwrite the stack and SE Handler. Example: msiexec.exe /x {a few thousand A's} References: aushack.com advisory http://www.aushack.com/200806-msiexec.txt Credit: Patrick Webster ( [EMAIL PROTECTED

RE: Computer Associates eTrust Security Command Center Multiple Vulnerabilities

2006-09-22 Thread Patrick Webster
http://www.aushack.com/advisories/200608-computerassociates.txt Credit: Patrick Webster ( [EMAIL PROTECTED] ) Thanks to the CA Security team for their quick response. Disclosure timeline: 21-Jan-2006 - Vulnerabilities discovered. 04-Aug-2006 - Sent to Computer Associates Security Advisor. 04-Aug

ContentKeeper Authenticated Access Password Disclosure

2006-09-22 Thread Patrick Webster
-contentkeeper.txt Credit: Patrick Webster ([EMAIL PROTECTED]) Disclosure timeline: 15-Mar-2006 - Discovered during quick audit - common design flaw. 08-Jun-2006 - Sent to ContentKeeper support. 12-Jun-2006 - Vendor response, update expected July 2006. 22-Sep-2006 - Public disclosure. EOF

Squiz MySource Matrix Unauthorised Proxy and Cross Site Scripting

2006-09-22 Thread Patrick Webster
. Future releases may be proxied via: http://www.mysource-example.com.au/$page?sq_content_src=aHR0cDovL3d3dy5nb29nbGUuY29tLmF1 References: aushack.com advisory http://www.aushack.com/advisories/200607-mysourcematrix.txt Credit: Patrick Webster ( [EMAIL PROTECTED] ) Disclosure timeline: 27-Apr

Google Mini Search Appliance Path Disclosure

2006-09-22 Thread Patrick Webster
. Fuzz anyone? References: aushack.com advisory http://www.aushack.com/advisories/200609-googlemini.txt Credit: Patrick Webster ( [EMAIL PROTECTED] ) Disclosure timeline: 22-Sep-2006 - Disclosure. EOF

Asbru Web Content Management Vulnerabilities

2009-04-02 Thread Patrick Webster
': Example: http://[victim]/webadmin/login.asp?url=;scriptalert(document.cookie)/script References: aushack.com advisory http://www.aushack.com/200904-asbru.txt Credit: Patrick Webster ( patr...@aushack.com ) Disclosure timeline: 28-Oct-2008 - Discovered during audit. 27-Nov-2008

Q2 Solutions ConnX - SQL Injection Vulnerability

2009-04-02 Thread Patrick Webster
application firewall etc. References: aushack.com advisory http://www.aushack.com/200904-q2solutions.txt Credit: Patrick Webster ( patr...@aushack.com ) Disclosure timeline: 30-Oct-2008 - Discovered during audit. 05-Nov-2008 - Notified vendor. Vendor declined to comment. 01-Dec-2008 - Submitted full

ContentKeeper - Remote command execution and privilege escalation

2009-04-02 Thread Patrick Webster
Credit: Patrick Webster (patr...@aushack.com) Disclosure timeline: 10-Apr-2008 - Discovered during audit. 18-Jul-2008 - Vendor notified. 18-Jul-2008 - Vendor response. 25-Feb-2009 - Vendor confirmed patched version. 03-Apr-2009 - Public disclosure. EOF

SonicWALL SSL-VPN Appliance Format String Vulnerability

2009-05-29 Thread Patrick Webster
. Please try again later. References: aushack.com advisory http://www.aushack.com/200905-sonicwall.txt Credit: Patrick Webster ( patr...@aushack.com ) Disclosure timeline: 12-Jan-2009 - Discovered during audit. 09-Feb-2009 - 1st email sent to secur...@sonicwall.com. No response. 27-Feb-2009

Re: Millions of PDF invisibly embedded with your internal disk paths

2009-11-25 Thread Patrick Webster
I agree. Discovering the local path may be considered a risk, but in most cases the risk is nil. Consider compiled binaries. They also leak paths of the developer's compile environment (mainly PDB - http://support.microsoft.com/kb/121366). E.g. My firefox.exe is:

Paessler - PRTG Traffic Grapher XSS

2010-06-08 Thread Patrick Webster
-prtg.txt Credit: Patrick Webster ( patr...@aushack.com ) Disclosure timeline: 05-Jan-2009 - Discovered during audit. 06-Jan-2009 - Notified vendor. 08-Jan-2009 - Vendor releases update 6.2.1.963/964. 08-Jun-2010 - Disclosure. EOF

Blue Arc Group - IgnitionSuite CMS WebDMailer unsubscribe issue

2010-06-08 Thread Patrick Webster
unsubscribe the user 1 from mailing list 1. References: aushack.com advisory http://www.aushack.com/201006-ignitionsuite.txt Credit: Patrick Webster ( patr...@aushack.com ) Disclosure timeline: 16-Jan-2009 - Discovered during audit. 18-Jan-2009 - Notified vendor. 08-Jun-2010 - No response. Disclosure

OSI Security: LANSA aXes Web Terminal (TN5250) Cross-Site Scripting Vulnerability

2011-05-02 Thread Patrick Webster
: Disable JavaScript, use a WAF / IDS etc. Credit: This vulnerability was discovered by Patrick Webster. Disclosure timeline: 18-Sep-2010 - Discovered during audit. 23-Sep-2010 - Notified vendor. Received automated support ticket. 30-Apr-2011 - Disclosure. About OSI Security: OSI Security

OSI Security: Civica Spydus Library Management System (LMS) - Cross-Site Scripting Vulnerability

2011-05-10 Thread Patrick Webster
/ IDS etc. Credit: This vulnerability was discovered by Patrick Webster. Disclosure timeline: 09-Oct-2009 - Discovered during audit. 12-Oct-2009 - Notified vendor. No response. 04-May-2011 - Disclosure. About OSI Security: OSI Security is an independent network and computer security auditing

Squiz Matrix - Cross-Site Scripting Vulnerability

2011-06-06 Thread Patrick Webster
, colour_picker.php and tag_suggestion.php. Recommendation: Upgrade to version 4.0.7 or 4.2.3. Workaround: N/A. Credit: This vulnerability was discovered by Patrick Webster. Disclosure timeline: 01-Jun-2011 - Discovered during audit. 02-Jun-2011 - Notified vendor. Vendor response. 03-Jun-2011 - Vendor patched

JFreeChart - Path Disclosure vulnerability

2011-06-18 Thread Patrick Webster
this: DisplayChart.java line 116: // Check the file exists File file = new File(System.getProperty("java.io.tmpdir"), filename); if (!file.exists()) { throw new ServletException("File '" + file.getAbsolutePath() + "' does not exist"); } Credit: This vulnerability was discovered by Patrick Webster

OSI Security: Elitecore Cyberoam UTM - Authenticated Cross-Site Scripting Vulnerability

2011-07-20 Thread Patrick Webster
]/corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp?srcip=scriptalert(document.cookie)/script Recommendation: Upgrade to version 10.01.0 Build 0739 or later. Workaround: N/A. Credit: This vulnerability was discovered by Patrick Webster. Disclosure timeline: 08-Jun-2011 - Discovered

OSI Security: CheckPoint Firewall VPN - Information Disclosure

2012-03-12 Thread Patrick Webster
. Workaround: N/A. Credit: This vulnerability was disclosed by Patrick Webster. Exploit: A metasploit module is available here: http://www.metasploit.com/modules/auxiliary/gather/checkpoint_hostname Disclosure timeline: 14-Dec-2011 - Discovered during audit. 21-Dec-2011 - Added auxiliary

Ultra Electronics / AEP Networks - SSL VPN (Netilla / Series A / Ultra Protect) Vulnerabilities

2014-10-03 Thread Patrick Webster
requires authentication to access protected areas but once you are authenticated, you can HTTP GET internal device configuration files and other resources that an authenticated user shouldn't be able to read. Credit: This vulnerability was discovered by Patrick Webster. Disclosure timeline: 28-May

Lantern CMS Path Disclosure, SQL Injection, Reflected XSS

2017-04-04 Thread Patrick Webster
nID=;>alert(document.cookie) Credit: Discovered by Patrick Webster Disclosure timeline: 27-Nov-2008 - Discovered during audit. Reported to vendor. 28-Nov-2008 - Vendor response. Unknown if fixed. 04-Apr-2017 - Public disclosure. About OSI Security: OSI Security is an independent n

Lotus Protector for Mail Security remote code execution

2017-04-04 Thread Patrick Webster
://www.exploit-db.com/exploits/35588/ Credit: Discovered by Patrick Webster Disclosure timeline: 09-Nov-2012 - Exploit released. 04-Apr-2017 - Public advisory. About OSI Security: OSI Security is an independent network and computer security auditing and consulting company based in Sydney, Australia. We

Manhattan Software IWMS (Integrated Workplace Management System) XML External Entity (XXE) Injection File Disclosure

2017-04-04 Thread Patrick Webster
Filter(XFrameFilter.java:38) Credit: Discovered by Patrick Webster Disclosure timeline: 11-Oct-2014 - Discovered during audit. 14-Oct-2014 - Reported to vendor. 18-Feb-2015 - Vendor released patch. 04-Apr-2017 - Public disclosure. About OSI Security: OSI Security is an independent network and computer se

Computer Associates API Gateway CRLF Response Splitting, Directory Traversal vulnerabilities

2017-04-04 Thread Patrick Webster
gth: 18991 http://java.sun.com/xml/ns/javaee; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd; version="3.0"> Layer7 Secure Span Gateway [snip] Credit: Discover

Kaseya VSA 6.5 Parameter Reflected XSS, Enumeration and Bruteforce Weakness

2017-04-04 Thread Patrick Webster
es: https://[target]/access/accessRoot.asp?page=http://www.osisecurity.com.au/ https://[target]/access/accessRoot.asp?page=javascript:alert(document.cookie);/ References: http://help.kaseya.com/webhelp/EN/RN/index.asp#30773.htm Credit: Vulnerability discovered by Patrick Webster Disclosure timelin

Avaya Radvision SCOPIA Desktop dlg_loginownerid.jsp ownerid SQL Injection

2017-04-04 Thread Patrick Webster
by Patrick Webster OSI Security is an independent network and computer security auditing and consulting company based in Sydney, Australia. We provide internal and external penetration testing, vulnerability auditing and wireless site audits, vendor product assessments, secure network design

AirWatch Self Service Portal Username Parameter LDAP Injection

2017-04-04 Thread Patrick Webster
directory. Other normal (or syntax invalid LDAP) requests are answered within seconds. Credit: Discovered by Patrick Webster Disclosure timeline: 20-Aug-2013 - Discovered during audit. 23-Aug-2013 - Reported to vendor. 26-Aug-2013 - Vendor acknowledged report. 09-Sep-2013 - Vendor confirmed. 15-Oct-2013

SilverStripe CMS - Path Disclosure

2017-04-04 Thread Patrick Webster
https://www.silverstripe.org/download/security-releases/ss-2015-001/ Credit: Discovered by Patrick Webster Disclosure timeline: 07-Nov-2015 - Discovered during audit and reported to developer. Developer response. 05-Feb-2016 - Follow up. Patch released https://github.com/silverstripe/silverstripe

SmartJobBoard - Cross-site scripting, personal information disclosure and PHPMailer package

2017-04-04 Thread Patrick Webster
-2016-10045-vulnerabilities Credit: Discovered by Patrick Webster Disclosure timeline: 01-Feb-2017 - Discovered during audit. Reported to vendor. Vendor reports working on patch. 04-Apr-2017 - Public disclosure. About OSI Security: OSI Security is an independent network and computer security

AcoraCMS browser redirect and Cross-site scripting vulnerabilities

2017-04-04 Thread Patrick Webster
by Patrick Webster Disclosure timeline: 14-Jul-2015 - Discovered during audit. 01-Sep-2015 - Reported to vendor. 04-Apr-2017 - Public disclosure. About OSI Security: OSI Security is an independent network and computer security auditing and consulting company based in Sydney, Australia. We provide

Kaseya information disclosure vulnerability

2017-04-04 Thread Patrick Webster
aid an attacker. Credit: Discovered by Patrick Webster Disclosure timeline: 05-Jan-2016 - Discovered and reported to vendor. 08-May-2016 - Vendor response. Queued to be fixed. 04-Apr-2017 - Public disclosure. About OSI Security: OSI Security is an independent network and computer security

iPlatinum iOneView Multiple Parameter Reflected XSS

2017-04-04 Thread Patrick Webster
]/ioneview/admin/main.pl?_username=;>alert(document.cookie) http://[target]/ioneview/admin/main.pl?_password=;>alert(document.cookie) http://[target]/scdata/ioneview/cgi/restricted/ioneview.pl?mid=alert(document.cookie) Credit: Discovered by Patrick Webster Disclosure timeline: 17-Sep-2009 - Disc

Tweek!DM Document Management Authentication bypass, SQL injection

2017-04-04 Thread Patrick Webster
and interacting with the HTML content. 2) There is a SQL injection in the user edit form e.g. https://[target]/admin/users/edit.php?id=1 (which is accessible as an "administrator" - exploit unauthenticated as per above). Credit: Discovered by Patrick Webster Disclosure timeline: 03-Mar-2015 -

Trend Micro Hosted Email Security (HES) - Email Interception and Direct Object Reference

2017-08-24 Thread Patrick Webster
er to view or change other cloud users' rules via Direct Object Reference. E.g. https://us.emailsec.trendmicro.com/editRule.imss?ruleid=44281 https://us.emailsec.trendmicro.com/editRule.imss?ruleid=44282 https://us.emailsec.trendmicro.com/editRule.imss?ruleid=44283 etc Credit: Discovered by Patri