Digital Armaments October-November Hacking Challenge: 5,000$ Prize - Linux
Local Kernel Vulnerabilities and Exploit
Challenge pubblication is 10.10.2008
http://www.digitalarmaments.com/content/view/47/27/
I. Details
Digital Armaments officially announce the launch of October-November hacking
Challenge Publication is 09.15.2006
http://www.digitalarmaments.com/challange200609253923.html
I. Details
Digital Armaments officially announce the launch of September-October hacking
challenge.
The challenge starts on September 1. For the September-October Challenge,
Digital Armaments wi
Vulnerability class : Cross-Site Scripting
Discovery date : 13 September 2006
Remote : Yes
Credit : ILION Research Labs
Vulnerable : SAP ITS
Vulnerable version: Versions 6.1 and 6.2 have been found to be vulnerable.
Other versions might be too.
A XSS (Cross-Site-Scripting) vulnerability h
phplist, http://www.phplist.com is a popular open source newsletter application
written in PHP.
An XSS vulnerability has been found, in the public pages of the application.
This issue has been addressed in the latest release 2.10.3, available from
www.phplist.com
Versions affected: any version
Challenge pubblication is 11.02.2006
http://www.digitalarmaments.com/challenge200611849937.html
I. Details
Digital Armaments officially announce the launch of November-December hacking
challenge.
The challenge starts on November 1. For the November-December Challenge,
Digital Armaments will
Challenge pubblication is 11.02.2006
http://www.digitalarmaments.com/challenge200611849937.html
I. Details
Digital Armaments officially announce the launch of November-December hacking
challenge.
The challenge starts on November 1. For the November-December Challenge,
Digital Armaments will g
Digital Armaments advisory for Platinum Subcription is 06.20.2006
Digital Armaments public advisory is 12.07.2006
http://www.digitalarmaments.com/2006061285940301.html
I. Background
Yahoo! Inc. is an American computer services company with a mission to "be the
most essential global Internet ser
MkPortal Urlobox Cross Site Request Forgery
Discovered by: Demential
Web: http://www.burnhead.it
E-mail: [EMAIL PROTECTED]
Mkportal website: http://www.mkportal.it
posting [img]?ind=urlobox&op=delete&idurlo=X[/img] in MkPortal urlobox
where X is an ID of a message,
when administrator opens urlobo
Find below the details of a vulnerability in the HP Quality Center product
(formely Mercury Quality Center).
Introduction
--
Quality Center (QC) is a web-based QA testing and management tool. It is a
product from HP when they took over Mercury Interactive last year.
The front-e
http://$host$path\r\n";;
$message .= "Accept-Language: zh-cn\r\n";
$message .= "Content-Type: application/x-www-form-urlencoded\r\n";
$message .= "User-Agent: securitylab\r\n";
$message .= "X-Forwarded-For:1.1.1.1\r\n";
$message .= "Host: $host\r\n";
$message .= "Conte
# Securitylab.ir
# Application Info:
# Name: Namad
# Version: 2.0.0.0
# Website: http://imenafzar.com
#
# Discoverd By: Securitylab.ir
# Website: http://securitylab.ir
# Contacts
# Securitylab.ir
# Application Info:
# Name: DMXReady Registration Manager
# Version: 1.1
# Website: http://www.dmxready.com
#
# Discoverd By: Securitylab.ir
# Website: http
# Securitylab.ir
# Application Info:
# Name: LxBlog
# Website: http://www.lxblog.net
#
# Discoverd By: Securitylab.ir
# Website: http://securitylab.ir
# Contacts: admin[at
# Securitylab.ir
# Application Info:
# Name: ecshop
# Version: 2.6.2
# Website: http://www.ecshop.com
#
# Discoverd By: Securitylab.ir
# Website: http://securitylab.ir
# Contacts: i
# Securitylab.ir
# Application Info:
# Name: Empire Cms
# Version: 5.1
# Download: http://www.phome.net/OpenSource/download/EmpireCMS_5.1os_SC_GBK.zip
#
# Discoverd By
# Securitylab.ir
# Application Info:
# Name: dedecms
# Version: v5.3
# Website: http://dedecms.com
#
# Discoverd By: Securitylab.ir
# Website: http://securitylab.ir
# Contacts
# Securitylab.ir
# Application Info:
# Name: Admin News Tools
# Version: 2.5
# Website: http://www.adminnewstools.fr.nf
# Download: http://www.adminnewstools.fr.nf/zip/ANT-2.5.zip
Digital Armaments March-April Hacking Challenge: 5,000$ Prize - Client
Vulnerabilities and Exploit
Pubblication is 03.15.2008
http://digitalarmaments.com//content/view/46/27/
I. Details
Digital Armaments officially announce the launch of March-April hacking
challenge.
The challenge starts
#
##Easy-Clanpage v2.2 ###
# SQL İnjection VuLnerabiLity ##
##
Vulnerability class : Arbitrary file overwrite
Discovery date : 21 April 2008
Remote : Yes
Credits : J. Bachmann & B. Mariani from ilion Research Labs
Vulnerable : Zune software: EncProfile2 Class
An arbitrary file overwrite as been discovered in an ActiveX control installed
with the Zune so
sent via the
http://www.hack.lu/ website.
Submissions should also include the following:
1. Presenter, and geographical location (country of origin/passport)and
contact info.
2. Employer and/or affiliations.
3. Brief biography, list of publications or papers.
4. Any significant presentation
this won't work, unless register globals is on, and on almost every webhost
with PHP5, does not have register_globals on.
So what a stupid exploit.
The issue is not yet secure at http://www.web-app.org
1.) Guests can edit files on the server by:
http://victim-domain/cgi-bin/index.cgi?action=menu
- There are approximately 35 webapporg sites of version 0.9.9.7 defaced with
the issue. So it couldn't possibly be fixed for 0.9.9.7 as claimed abo
InterWorx 3.0.3 has been released that addresses this problem.
http://interworx.com/forums/showthread.php?t=2501
Digital Armaments September-October Hacking Challenge: Symbian
Challenge pubblication 09.04.2007
http://www.digitalarmaments.com/challenge200709362386.html
I. Details
Digital Armaments officially announce the launch of September-October hacking
challenge.
The challenge starts on September 1.
Dear Information Security Freaks,
This is to announce that the line-up of the speakers and their subjects
is finally up in a draft version on hack.lu 2007 (http://www.hack.lu/).
Have a look and register as space is limited and prices go up progressively.
We managed again to have speakers from al
New Advisory:
Snewscms Rus
http://www.medconsultation.ru
Summary
Software: SnewsCMS Rus v. 2.1
Sowtware's Web Site: http://www.snewscms.net.ru
Versions: 2.1
Critical Level: Moderate
Type: XSS
Class: Remote
Status: Unpatched
PoC/Exploit: Not
#
# Securitylab.ir
#
# Application Info:
# Name: Smart Douran CMS
# Vendor: http://smartdouran.ir
Not working , Tested on : XpSp2 , IE6
#
# Securitylab.ir
#
# Application Info:
# Name: Nginx
# Tested on nginx 0.8.35
# Nginx 0.8.36 and higher is not vulnerable
Vul in stable versions now isn't work.
Original Advisory:
http://blog.pouya.info/userfiles/vul/NginX.rar
#
# Securitylab.ir
#
# Application Info:
# Name: Cherokee Web Server
# Version: 0.5.3
# Download:
http://mirror.aarnet.edu.au/pub/cherokee/windows/Cherokee
Published by Securitylab.ir
Founder: unknown
/*
===
Flash player 9.exe DLL Hijacking Exploit (schannel.dll)
===
Founded By: Securitylab.ir (Kamran Safaei Tabrizi)
===
include "stdafx.h"
=
Founded By: Kamran Safaei Tabrizi(k4mr4n_st(at)yahoo(dot)com)
Securitylab Security Research Team
Website: http://www.securitylab.ir
Special Thanks: Mazo shinozuki, BangoDragon
=
[STANKOINFORMZASCHITA-10-01] Netbiter® webSCADA  multiple vulnerabilities
Authors: Eugene Salov (eug...@itdefence.ru), Andrej Komarov
(koma...@itdefence.ru)
Product: Netbiter® webSCADA
CVSS v2 Base Score: 9.0 (AV:N/AC:L/Au:R/C:C/I:C/A:C)
Impact Subscore: 10.0
Exploitability Subscore: 8.0
A
stems.
Contact: info (at) itdefence (dot) ru
Russia, Moscow, Bolshaya Bochtovaya st., 26, Business Center
Tel.: +7 (495) 790-16-60
http://itdefence.ru
PoC:
By: Pouya Daneshmand
Advisory:
http://securitylab.ir/Advisories/Firefox%203.6.12%20Denial%20of%20Service%20Vulnerability.txt
#
# Securitylab.ir
#
# Application Info:
# Name: Sigma Portal
# Vendor: http://www.sigma.ir
#
# Securitylab.ir
#
# Application Info:
# Name: Asan Portal
# Vendor: http://iptech.ir/default.aspx?id=130
# Microsoft IIS 6 parsing directory Vulnerability
#Discovered by:
Pouya daneshmand
whh_iran[AT]yahoo[DOT]com
http://securitylab.ir/blog
#Introduction:
Using this vuln
Dokeos 1.8.6.2 fixes these 2 security holes. Dokeos 1.8.6.2 has been released
one day after we got informed about this security release.
Download @sourceforge http://bit.ly/dYOvDc
# Securitylab.ir
# Application Info:
# Name: DBHCMS Web Content Management System
# Version: 1.1.4
# Download: :(
#
# Discoverd By: Securitylab.ir
# Website: http
#
# Securitylab.ir
#
# Application Info:
# Name: httpdx webserver
# Version: 1.5
###
# QvodPlayer ColorFilter Codec ActiveX Remote Exec
# Download : http://www.qvod.com
###
# Vulnerability:
#
###
#
# Securitylab.ir
#
# Application Info:
# Name: eWebeditor
# Version: all version
#
# Vulnerability Info
#
# Securitylab.ir
#
# Application Info:
# Name: Microsoft IE
# Version: 6 & 7
# Tested on : XP(SP1/SP2
#
# Securitylab.ir
#
# Application Info:
# Name: Tavanmand Portal
# version: 1.1
# Vendor: http://www.tavanmand.ir
#
# Securitylab.ir
#
# Application Info:
# Name: eWebeditor
# Version: ASP
#
Vulnerability
#
# Securitylab.ir
#
# Application Info:
# Name: RaakCms
# Vendor: http://raakcms.com
#
Vulnerability
#
# Securitylab.ir
#
# Application Info:
# Name: mongoose
# Version: 2.8
# Download: http://code.google.com/p/mongoose/downloads/list
#
# Securitylab.ir
#
# Application Info:
# Name: Joomla (jw_allvideos Plugin)
# Version: 1.0
#
# Securitylab.ir
#
# Application Info:
# Name: Internet Explorer
# Version: 8.0
#
Vulnerability: IE
#
# Securitylab.ir
#
# Application Info:
# Name: Pixel Portal
# Vendor: http://www.pixelidea.ir
You right.
it's working at version 1.0 only ;)
# Application Info:
# Name: Joomla (jw_allvideos Plugin)
# >>>>> Version: 1.0 <<<<<
#
# Securitylab.ir
#
# Application Info:
# Name: Official Portal 2007
#
# Vulnerability Info
#
Vulnerability:
http://site.com/phpinfo.php?+alert(011100110110010101100011011101010111001001101001011101000001);+
#
# Discoverd By: Pouya Daneshmand
# Website: http://securitylab.ir
# Contacts: info[at]securitylab.ir & whh_i...@yahoo.com
###
###
# Securitylab.ir
###
Vul:
function crash() {
var buff = '';
for(i=0;i<=5000;i++) {buff+="AA";}
obje
#
# Securitylab.ir
#
# Application Info:
# Name: Joomla Component com_weblinks
#
# Vulnerability Info
#
# Securitylab.ir
#
# Application Info:
# Name: Easy Page
# Vendor: http://easypage.org
#
# Securitylab.ir
#
# Application Info:
# Name: Joomla Component com_xmap
#
# Vulnerability Info:
# Type
/cfp/
Submissions should also include the following:
1. Presenter, and geographical location (country of origin/passport)
and contact info.
2. Employer and/or affiliations.
3. Brief biography, list of publications or papers.
4. Any significant presentation and/or educational
experience
#
# Securitylab.ir
#
# Application Info:
# Name: Vana CMS
# Vendor: http://www.vanasoft.com
#
# Securitylab.ir
#
# Application Info:
# Name: Ziggurat CMS
# Vendor: http://www.farsi-cms.com
VigileCMS 1.4 Multiple Remote Vulnerabilities
---
---
Author : DevilAuron (http://devilsnight.altervista.org)
Vendor : V
Digital Armaments November-December Hacking Challenge: Diffuse Client
Application
Challenge Pubblication 11.29.2007
http://www.digitalarmaments.com/challenge200711849505.html
I. Details
Digital Armaments officially announce the launch of November-December hacking
challenge.
The challenge
Digital Armaments January-February Hacking Challenge: Special 20.000$ Prize -
Windows Vulnerabilities and Exploit
Challenge pubblication is 01.04.2008
http://www.digitalarmaments.com/challenge200801566321.html
I. Details
Digital Armaments officially announce the launch of January-February
This issue has been resolved since version 1.1.0:
http://livecart.com/news/Major-update-LiveCart-1-1-0.8
## Securitylab.ir
# Application Info:
# Name: DVBBS (php)
# Version: 2.0
# Vendor: http://p.dvbbs.net
#
# Discoverd By: Securitylab.ir
# Website: http://securitylab.ir
R08-08: Several XSS on Orion Application server 2.0 to 2.0.8
Vulnerability found: May 2008 Revalidated 23 July 2009
Vendor informed: 27th July 09
Vulnerability fixed:
Severity: Medium
Description:
Various Orion application application server example pages are vulnerable to
XSS.
# Securitylab.ir
# Application Info:
# Name: DEDECMS
# Version: 5.1
#
# Discoverd By: Securitylab.ir
# Website: http://securitylab.ir
# Contacts: admin[at]securitylab.ir &am
## Securitylab.ir
# Application Info:
# Name: phpcms 2008
# Version: All
#
# Discoverd By: Securitylab.ir
# Website: http://securitylab.ir
# Contacts: admin[at]securitylab.ir &am
## Securitylab.ir
# Application Info:
# Name: PHP168
# Version: 6.0
#
# Discoverd By: Securitylab.ir
# Website: http://securitylab.ir
# Contacts: admin[at]securitylab.ir &am
## Securitylab.ir
# Application Info:
# Name: PSArt
# Version: 1.2
#
# Discoverd By: Securitylab.ir
# Website: http://securitylab.ir
# Contacts: admin[at]securitylab.ir &am
About QuahogCon
QuahogCon is a new regional conference for the hacker culture in all forms.
Hardware, Software, Security, Social, Eco Hacking, Zero Impact Living. Like
most hacker cons, it will run Friday to Sunday. We'll have two tracks: one for
InfoSec topics and the other track will be a mi
Russia
Vendor (Adobe has been notifed about this vulnerability at July 23,
2002, but have hot replied.
TECHNICAL INFO
===
Description of the vulnerability.
-
Adobe
/*
* Telnetd AYT overflow scanner, by Security Point(R)
* Bug found by scut of TESO Security
*
* Date: 25/07/01
* Author: Security Point(R)
* WWW: http://www.secpoint.com
* Email: [EMAIL PROTECTED]
*
* This program checks for the AYT overflow realted to the
* newly discov
Security Point
(R)
[EMAIL PROTECTED]
http://www.secpoint.com/
Advisory #003
Title: Vulnerability in Windows 2000 TELNET service.
Date: 25-07-01
Copyright (c) 2001 SECURITY POINT
(R)
Contents:
=
I Disclaimer
II Introduction
been reported to vendor (Adobe Systems Inc) on
02/24/2003; vendor has not replied.
Technical info
===
Adobe Document Server for Reader Extensions
In-Reply-To: <[EMAIL PROTECTED]>
THUNDERSTONE RESPONSE TO SECURITY ALERT
Thunderstone Software is aware of a report about a "vulnerability" in one of our
products, published on Bugtraq. Thunderstone takes such concerns seriously. We offer
the following details for concerned customers and users
I have spent the last year rewriting the server and it should now Dos free. I
have tested against all known vulnerabilities and cant crash the software.
Please download from www.platinumftp.com and let me know if you find any more.
MkPortal "All Guests are Admin" Exploit
Vulnerability discovered and exploited by: Demential
Web: http://headburn.altervista.org
E-mail: info[at]burnhead[dot]it
Mkportal website: http://www.mkportal.it
Start Macromedia Flash and create an swf file with this code:
var idg:Number =
MkPortal Admin XSS
Discovered by: Demential
Web: http://headburn.altervista.org
E-mail: info[at]burnhead[dot]it
Mkportal website: http://www.mkportal.it
Go to: /mkportal/admin.php?ind=ad_contents&op=contents_new
In both fields write:
">alert(document.cookie)
and press save.
Alert
MkPortal Full Path Disclosure
Vulnerability discovered by: Demential
Web: http://headburn.altervista.org
E-mail: info[at]burnhead[dot]it
Mkportal website: http://www.mkportal.it
Tested on MKPortal M1.1 RC1 with PhpBB
other versions may also be affected.
http://www.victim.com/mkportal/admin.php
phpBB (privmsg.php) XSS Exploit
By: Demential
Web: http://headburn.altervista.org
E-mail: [EMAIL PROTECTED]
PhpBB website: http://phpbb.com
Exploit tested on phpBB 2.0.21
Secunia.com said:
Input passed to the form field "Message body" in privmsg.php
is not properly sanitised before it is return
Digital Armaments pre-advisory is 01.10.2007
http://www.digitalarmaments.com/pre2007-00018659.html
Digital Armaments realease pre-advisory of vulnerabilties and exploit avaiable
only to Platinum Subscriptors.
The full-advisory will might be released to the public after 6 months.
I. Background
Digital Armaments advisory is 01.20.2007
http://www.digitalarmaments.com/2007200184936274.html
I. Background
grsecurity is an innovative approach to security utilizing a multi-layered
detection, prevention, and containment model. It is licensed under the GPL.
For further information or detail a
variable $content_php is set in php code and should overwrite any user made
inserts in url. i think this is not a vulnerability, is it?
Submissions should also include the following:
1. Presenter, and geographical location (country of origin/passport)and
contact info.
2. Employer and/or affiliations.
3. Brief biography, list of publications or papers.
4. Any significant presentation and/or educational experience/background.
5
vendor : turnkeywebtools.com
by : s3rv3r_hack3r ( [EMAIL PROTECTED] )
bugz:
include/payment/payflow_pro.php >
include $abs_path."/include/payment/payflow_pro/pfpro.class.php";
global.php
require_once $abs_path."/libsecure.php";
libsecu
demo: blog23.com
by : hackerz.ir userz !
ADMIN/index.php include($category."/".$folder."_".$page.".php");
ADMIN/index.php include($category."/".$action.".php");
ADMIN/login.php include($lngTexts);
ADMIN/login.php include($lngConfig);
BO/index.phpinclude($category."/".$folder."_".$page.".php");
FCKEditor fixed in version 4.54. User needed to be logged in as an ADMIN user
to be able to use this vulnerability.
3.0.16 will be released later today. Simple str_replace to fix in
includes/session.inc.php and treatGet function on $_GET['ccUser'].
## remove possible CRLF injection
$sessId = str_replace(array('%0d', '%0a'), '', $sessId);
Please report any potential security issues directly to us in the futur
Digital Armaments May-June Hacking Challenge: VMware
Challenge Publication is 09.05.2007
http://www.digitalarmaments.com/challanges_open.html
I. Details
Digital Armaments officially announce the launch of May-June hacking challenge.
The challenge starts on May 1. For the May-June Challenge, Di
Vulnerability Type: (XSS) Cross-Site Scripting
- Original release date: November 11th, 2013
- Last revised: November 11th, 2013
- Discovered by: Andrea Bodei - A2SECURE
- Severity: 4.3/10 (CVSSv2 Base Scored)
Products and affected versions:
JUNOS up to 11.4 (probably 12.1 and 12.3 vulnerable)
Vu
how/76_kerio_control_8_3_1_boolean_based_blind_sql_injection
Researcher's Websites: http://fereidani.com http://fereidani.ir
http://und3rfl0w.com http://ircrash.com
Researcher's Email: info [ a t ] fereidani [ d o t ] com
Technical Details:
===
Kerio Control suffers from a SQL Injection Vulnerabil
myBloggie 2.1.6 SQL-Injection, Advanced INSERT INTO Injection technique
Software: myBloggie 2.1.6
Severity: High
Author: Robin Verton
Date: Jun. 12 2011
Vendor: http://mybloggie.mywebland.com/
Software Description:
"myBloggie is considered one of the most simple, user-friendliest yet packed
wi
==
Cross-Site Scripting (XSS) in Microsoft ReportViewer Controls
Adam Bixby - Gotham Digital Science (l...@gdssecurity.com)
Public Release Date: 8/9/2011
Confirmed Affected Software: Microsoft Report Viewer Redistributable 2005 SP1
and Microsoft V
Thanks for the feedback! All of SysAid's web vulnerabilities are fixed. SysAid
has already come out with a new release 8.5.08 that addresses all of these
security issuesmaking SysAid 8.5.08 highly secure. We are sorry for the
inconvenience, and encourage all our users to upgrade to the most re
The Reverse Engineering challenge is now available. The rules are included in
the associated zip file. All submissions should be sent to kyre...@athcon.org
and the deadline is 30/04/2013.
Download Rev. Challenge 2013:http://www.athcon.org/AthCon_2013_RE_Challenge.zip
Challenge Creator: Kyriako
1 - 100 of 151 matches
Mail list logo