[FD] [RT-SA-2014-006] Directory Traversal in DevExpress ASP.NET File Manager

2014-06-05 Thread RedTeam Pentesting GmbH
Advisory: Directory Traversal in DevExpress ASP.NET File Manager During a penetration test RedTeam Pentesting discovered a directory traversal vulnerability in DevExpress' ASP.NET File Manager and File Upload. Attackers are able to read arbitrary files by specifying a relative path. Details

[FD] Scrumworks Pro authenticated arbitrary password reset

2014-06-05 Thread Brandon Perry
The latest available version of Scrumworks Pro does not perform proper authorization checks when users attempt to change passwords via the Java Web Start client. If you capture the request the web start client makes when changing the 'administrator' user's password, and substitute the JSESSIONID

[FD] PHPBTTracker+ 2.2 SQL Injection

2014-06-05 Thread Enrico Cinquini
Advisory: PHPBTTracker+ 2.2 SQL Injection Disclosure by: BackBox Team i...@backbox.org Severity: High I. INTRODUCTION SQL Injection through User-Agent. User agent is an HTTP header section provided by appliaction used by

Re: [FD] [oss-security] Bug in bash = 4.3 [security feature bypassed]

2014-06-05 Thread lists
Jose Carlos Luna Duran writes: In my opinion the drop of privs in bash was mostly a help measure for poorly written setuid programs executing system() calls. I don't think is the role of bash to do this ... True, but it is a slight help and I'm in favour of keeping it. Correct me if I'm

[FD] Computer hackers face life in prison under new Government crackdown on cyber terrorism | Mail Online

2014-06-05 Thread Ivan .Heca
http://www.dailymail.co.uk/news/article-2649452/Computer-hackers-face-life-prison-new-Government-crackdown-cyber-terrorism.html?ITO=1490ns_mchannel=rssns_campaign=1490 ___ Sent through the Full Disclosure mailing list

Re: [FD] [oss-security] Bug in bash = 4.3 [security feature bypassed]

2014-06-05 Thread Jeffrey Walton
2014-06-03 16:16 GMT+02:00 Hector Marco hecma...@upv.es: Hi everyone, Recently we discovered a bug in bash. After some time after reporting it to bash developers, it has not been fixed. We think that this is a security issue because in some circumstances the bash security feature could be