Re: [FD] The Misfortune Cookie Vulnerability

2014-12-22 Thread Gynvael Coldwind
We call it Misfortune Cookie over the affected vulnerable HTTP cookie parsing module, but MITRE insists on CVE-2014-9222. To be honest I'm getting rather annoyed by how Check Point is (mis)handling this vulnerability. I mean, there is already a cool marketing name, there is a website dedicated

Re: [FD] iBackup v10.0.0.45 - Privilege Escalation Vulnerability

2014-12-22 Thread LayerSEC Ltd
Already disclosed http://www.exploit-db.com/exploits/35040/ # Exploit Title: iBackup = 10.0.0.32 Local Privilege Escalation # Date: 23/01/2014 # Author: Glafkos Charalambous glafkos.charalambous[at]unithreat.com # Version: 10.0.0.32 # Vendor: IBackup # Vendor URL: https://www.ibackup.com/ #

[FD] Graylog2-Web LDAP Injection - CVE-2014-9217

2014-12-22 Thread J. Tozo
=[Alligator Security Team - Security Advisory] - Graylog2-Web LDAP Injection - CVE-2014-9217 - Author: José Tozo juniorbsd () gmail com =[Table of Contents]== 1. Background 2. Detailed description 3. Other contexts solutions 4. Timeline 5.

[FD] VP-2014-004 SysAid Server Arbitrary File Disclosure

2014-12-22 Thread Vantage Point Security
Vantage Point Security Advisory 2014-004 Title: SysAid Server Arbitrary File Disclosure ID: VP-2014-004 Vendor: SysAid Affected Product: SysAid On-Premise Affected Versions: 14.4.2 Product Website: http://www.sysaid.com/product/sysaid Author: Bernhard

[FD] BBC about Ukrainian Cyber Forces

2014-12-22 Thread MustLive
Hello participants of the Mailing List. After the article about me and Ukrainian Cyber Forces on Global Voices (http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2014-December/009065.html), here is the article on BBC. I gave interviews to both of these journalists. Ukraine

Re: [FD] The Misfortune Cookie Vulnerability

2014-12-22 Thread Sandro Gauci
The most technical it seems to get is the following: quote The Misfortune Cookie vulnerability is exploitable due to an error within the HTTP cookie management mechanism present in the affected software, allowing an attacker to determine the ‘fortune’ of a request by manipulating cookies.

Re: [FD] The Misfortune Cookie Vulnerability

2014-12-22 Thread Shahar Tal
Hi Sandro, As I commented before, we are bound by policy that is out of my personal reach at the moment. I can tell you, however, that when any independent researcher looks into the HTTP cookie parsing function in the RomPager 4.07 binary, his bounds will not be checked. Cheers, Shahar From:

[FD] Defense in depth -- the Microsoft way (part 24): applications built with SDKs may be vulnerable

2014-12-22 Thread Stefan Kanthak
Hi @ll, in their software development kits Microsoft typically ships Visual C++ (cross) compilers with headers and libraries, including the MSVCRT for both static and dynamic linking. The compiler(s) and the libraries are almost never updated (the only update I know is

Re: [FD] CVE-2014-9330: Libtiff integer overflow in bmp2tiff

2014-12-22 Thread Michal Zalewski
Fuzzing bmp2tiff, using the afl-fuzzer, revealed an integer overflow issue related to the dimensions of the input BMP image. It's probably worth noting that although the bundled utilities are pretty buggy, there are also several bugs affecting the libtiff library itself that can be hit with afl

[FD] Vulnerabilities in Samsung SyncThru Web Service

2014-12-22 Thread MustLive
Hello list! There are Information Leakage and Insufficient Authorization vulnerabilities in SyncThru Web Service. This is a web application for Samsung printers; in particular, I found it with the Samsung ML-1865W and other printers. Earlier I informed Samsung about it. -