[FD] Barracuda Networks Web Security Flex Appliance Application v4.x - Filter Bypass Persistent Vulnerabilities (BNSEC 707)

2014-08-25 Thread Vulnerability Lab
Document Title: Barracuda Networks Web Security Flex Appliance Application v4.x - Filter Bypass Persistent Vulnerabilities (BNSEC 707) References (Source): http://www.vulnerability-lab.com/get_content.php?id=749 Barracuda Networks Security ID (BNSEC): 707

[FD] Barracuda Networks Web Security Flex v4.1 - Persistent Vulnerabilities (BNSEC-699)

2014-08-25 Thread Vulnerability Lab
Document Title: Barracuda Networks Web Security Flex v4.1 - Persistent Vulnerabilities (BNSEC-699) References (Source): http://www.vulnerability-lab.com/get_content.php?id=750 BARRACUDA NETWORK SECURITY ID: BNSEC-699 Release Date: 2014-08-22

[FD] CVE-2014-2081 - VTLS Virtua InfoStation.cgi SQLi.

2014-08-25 Thread J. Tozo
=[Alligator Security Team - Security Advisory] - VTLS Virtua InfoStation.cgi SQLi - CVE-2014-2081 - Author: José Tozo juniorbsd () gmail com =[Table of Contents]== 1. Background 2. Detailed

[FD] ntopng 1.2.0 XSS injection using monitored network traffic

2014-08-25 Thread Steffen Bauch
ntopng 1.2.0 XSS injection using monitored network traffic ntopng is the next generation version of the original ntop, a network traffic probe and monitor that shows the network usage, similar to what the popular top Unix command does. The web-based frontend of the software is vulnerable to

Re: [FD] Hilariously Bad SQRL Implementation

2014-08-25 Thread Scott Arciszewski
Why would any sane rational human being implement something from Gibson? On that note, I did come across the attrition charlatan page after I started this project. But as far as I'm concerned, I'm only implementing an Ed25519 signature. That the specific client application is one of Steven

[FD] MyBB 1.6 - MyAwards CSRF

2014-08-25 Thread surivaton surivaton
# Google Dork: allinurl:myawards.php # Date: 08/17/2014 # Exploit Author: Vagineer https://vagineering.me # Version: ALL VERSIONS # Tested on: MyBB 1.6.15 PoC(set this as your signature or iframe it) Add awards [img]

[FD] RCE in dragonfly gem

2014-08-25 Thread leex
RCE in the Dragonfly gem for image uploading processing in Rails/Sinatra, in version 1.0.5. (https://github.com/markevans/dragonfly) The underlying vulnerability is that you can pass arbitrary commands to ImageMagick's convert, thus granting arbitrary read/write for the filesystem. Additionally

[FD] CVE-2014-5119 glibc __gconv_translit_find() exploit

2014-08-25 Thread Tavis Ormandy
List, back in July, I described CVE-2014-5119, a fiendish single-fixed-byte heap metadata overflow in the glibc internal routine __gconv_translit_find(). This is caused by the file extension being incorrectly appended to the transliteration module filename. The result is one too few bytes are