[FD] [RT-SA-2013-002] Endeca Latitude Cross-Site Request Forgery

2014-06-25 Thread RedTeam Pentesting GmbH
Advisory: Endeca Latitude Cross-Site Request Forgery. RedTeam Pentesting discovered a Cross-Site Request Forgery (CSRF) vulnerability in Endeca Latitude. Using this vulnerability, an attacker might be able to change several different settings of the Endeca Latitude instance or disable it entirely.

[FD] [RT-SA-2013-003] Endeca Latitude Cross-Site Scripting

2014-06-25 Thread RedTeam Pentesting GmbH
Advisory: Endeca Latitude Cross-Site Scripting. RedTeam Pentesting discovered a Cross-Site Scripting (XSS) vulnerability in Endeca Latitude. By exploiting this vulnerability an attacker is able to execute arbitrary JavaScript code in the context of other Endeca Latitude users. Details

[FD] CVE-2014-3752 - Arbitrary Code Execution in G Data TotalProtection 2014

2014-06-25 Thread Portcullis Advisories
Vulnerability title: Arbitrary Code Execution in G Data TotalProtection 2014
CVE: CVE-2014-3752
Vendor: G Data
Product: TotalProtection 2014
Affected version: v24.0.2.1
Fixed version: N/A
Reported by: Kyriakos Economou
Details: G Data TotalProtection 2014 v24.0.2.1 and possibly earlier versions

[FD] CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux)

2014-06-25 Thread Portcullis Advisories
Vulnerability title: Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux)
CVE: CVE-2014-2385
Vendor: Sophos
Product: Antivirus
Affected version: 9.5.1
Fixed version: 9.6.1
Reported by: Pablo Catalina
Details: The Configuration Console of Sophos Antivirus 9.5.1 (Linux)

[FD] Defense in depth -- the Microsoft way (part 17): even a one-line script is vulnerable

2014-06-25 Thread Stefan Kanthak
Hi @ll, the batch script WINRM.CMD, which contains just the single line "@cscript //nologo %~dpn0.vbs %*", allows a binary planting or squatting attack: WINRM.CMD executes a rogue CSCRIPT.COM, CSCRIPT.EXE, CSCRIPT.BAT, CSCRIPT.CMD etc. (see environment variable PATHEXT) from the current working
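The lookup order behind the planting attack described in this message, as an added illustration that is not part of Stefan Kanthak's post and not Microsoft's code: a small Python model of how cmd.exe resolves an unqualified command name. The current working directory is tried before every PATH entry, and inside each directory the PATHEXT extensions are tried in order (.COM before .EXE), so a planted cscript.com next to a user's downloads wins over the genuine C:\Windows\System32\cscript.exe. The file system, PATH, user name and planted-file location are constructed for the demonstration; the `search_cwd=False` switch models the effect of the NoDefaultCurrentDirectoryInExePath environment variable, and the hardened line shows the usual fix of calling the interpreter by fully qualified path.

```python
import ntpath
import re

# Default PATHEXT on Windows; note that .COM is tried before .EXE in every directory.
DEFAULT_PATHEXT = ".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC"

# Constructed file system and environment for the demonstration (not a real machine).
SYSTEM32 = r"C:\Windows\System32"
CONSTRUCTED_FS = {
    SYSTEM32 + r"\cscript.exe",
    SYSTEM32 + r"\winrm.cmd",
    SYSTEM32 + r"\winrm.vbs",
    r"C:\Users\victim\Downloads\cscript.com",  # constructed: planted by the attacker
}
CONSTRUCTED_ENV = {"SystemRoot": r"C:\Windows", "PATH": SYSTEM32 + r";C:\Windows"}

# The one-liner quoted in the message, and a hardened variant (assumed fix, not from the post).
VULNERABLE_LINE = "@cscript //nologo %~dpn0.vbs %*"
HARDENED_LINE = '@"%SystemRoot%\\System32\\cscript.exe" //nologo "%~dpn0.vbs" %*'


def expand_env(text, env):
    """Expand %VAR% references using the given environment dictionary."""
    return re.sub(r"%(\w+)%", lambda m: env.get(m.group(1), m.group(0)), text)


def command_token(batch_line, env):
    """Program token of a batch line: drop the leading '@', take the first
    whitespace-separated token, strip surrounding quotes, expand %VAR%s."""
    token = batch_line.lstrip("@").split()[0]
    return expand_env(token.strip('"'), env)


def resolve_command(command, cwd, env, existing_files,
                    pathext=DEFAULT_PATHEXT, search_cwd=True):
    """Return the file cmd.exe would run for `command`, or None.

    Qualified names (drive or backslash present) are used as-is. Unqualified
    names are searched in the current directory (unless search_cwd is False)
    and then in each PATH entry, trying every PATHEXT extension per directory.
    """
    by_lower = {p.lower(): p for p in existing_files}   # case-insensitive lookup
    exts = [e for e in pathext.split(";") if e]
    # Try the name as typed if it already has an extension, then name + each extension.
    names = [command] if ntpath.splitext(command)[1] else []
    names += [command + e for e in exts]
    if ntpath.isabs(command) or "\\" in command:
        dirs = [""]                                     # no directory search at all
    else:
        dirs = ([cwd] if search_cwd else []) + \
               [d for d in env.get("PATH", "").split(";") if d]
    for d in dirs:
        for n in names:
            candidate = ntpath.join(d, n) if d else n
            if candidate.lower() in by_lower:
                return by_lower[candidate.lower()]
    return None


def demo(cwd=r"C:\Users\victim\Downloads"):
    """Resolve the vulnerable and hardened lines from a directory holding a planted cscript.com."""
    vulnerable = resolve_command(command_token(VULNERABLE_LINE, CONSTRUCTED_ENV),
                                 cwd, CONSTRUCTED_ENV, CONSTRUCTED_FS)
    hardened = resolve_command(command_token(HARDENED_LINE, CONSTRUCTED_ENV),
                               cwd, CONSTRUCTED_ENV, CONSTRUCTED_FS)
    cwd_excluded = resolve_command("cscript", cwd, CONSTRUCTED_ENV, CONSTRUCTED_FS,
                                   search_cwd=False)
    return vulnerable, hardened, cwd_excluded


if __name__ == "__main__":
    for label, path in zip(("vulnerable line", "hardened line", "CWD excluded"), demo()):
        print(f"{label:16s} -> {path}")
```

Run from a directory that contains no planted file and `resolve_command("cscript", ...)` falls through to System32; the point of the model is that the script author cannot know which directory the user is in when WINRM.CMD runs, so only the qualified path (or removing the current directory from the search) is reliable.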

Re: [FD] Boolean algebra and CSS history theft

2014-06-25 Thread Diego Rodriguez
After reading your history theft with CSS article, it got me wondering if that's what the Passpack service is doing. I've been using passpack.com for a while and after logging in to my account it always asks to 'click on the black square to continue'. The page shows 8 white squares with one black

Re: [FD] keybase.io

2014-06-25 Thread Tony Arcieri
On Monday, June 23, 2014, Jonathan Care j...@tardis.org wrote: "Projects like keybase.io, mailvelope, and so on" You namedrop these projects as if they're the same thing, but they're not. - Keybase.io is a web page, and last I looked, they weren't using CSP, which would help prevent XSS -

Re: [FD] keybase.io

2014-06-25 Thread Sam Stewart
Also thanks to Rikairchy, I got an invite. I opted not to upload my private key, and it's still a pretty useful service without that. GitHub, Twitter, Bitcoin address, signed by my private key offline. The tracking feature is probably the easiest implementation of web-of-trust I've seen. On 22

[FD] XSS and CSRF vulnerabilities in Zyxel P660RT2 EE

2014-06-25 Thread MustLive
Hello list! These are Cross-Site Scripting and Cross-Site Request Forgery vulnerabilities in Zyxel P660RT2 EE ADSL Router. - Affected products: - Vulnerable is the next model: Zyxel P660RT2 EE. ZyNOS Firmware Version: V3.40 (AXN.1). This model