Re: [FD] Safari Address Spoofing (How We Got It)

2015-05-31 Thread Michal Zalewski
Well... http://lcamtuf.blogspot.com/2010/06/yeah-about-that-address-bar-thing.html On Thu, May 28, 2015 at 10:47 PM, David Leo wrote: > Proof of concept: > http://www.deusen.co.uk/items/iwhere.9500182225526788/ > It works on fully patched versions of iOS and OS X. > How it works: > Just keep try

[FD] XML Injection vulnerability in multiple Hikvision IP cameras and DVR

2015-05-31 Thread MustLive
Hello list! There is an XML Injection vulnerability in multiple Hikvision IP cameras and DVR. Earlier I wrote about Abuse of Functionality and Brute Force vulnerabilities in multiple Hikvision IP cameras and DVR (http://seclists.org/fulldisclosure/2015/Mar/161). - Affect

[FD] XSS vulnerability in IBM Domino

2015-05-31 Thread MustLive
Hello list! I want to warn you about a Cross-Site Scripting vulnerability in IBM Domino. This is one of many vulnerabilities in Domino, which I found on 03.05.2012. In previous years I wrote about multiple vulnerabilities in Lotus Domino (http://securityvulns.ru/docs29277.html) and Lotus No

[FD] Broken, Abandoned, and Forgotten Code, Part 6

2015-05-31 Thread Zach C
Part 6 is live! We continue reversing the undocumented Netgear firmware header by debugging the embedded HTTP server. We identify two more fields, including an unknown checksum. A disassembly-to-python reimplementation of the checksum algorithm is provided in this week's update to the example code.

[FD] Logical Flaw in Google's OAuth

2015-05-31 Thread vishnu raju
Hi List, Greetings from Vishnu (@dH4Wk). This is a responsible disclosure. Google brushed off this finding, as in their point of view everything works as intended :-P.. *Summary* Google's OAuth is used by many third party vendors to authenticate their users. Condition for the bug to be exploited:

[FD] More than 60 undisclosed vulnerabilities affect 22 SOHO routers

2015-05-31 Thread Jose Antonio Rodriguez Garcia
Dear Full Disclosure community, we are a group of security researchers doing our IT Security Master's Thesis at Universidad Europea de Madrid. As a part of the dissertation, we have discovered multiple vulnerability issues on the following SOHO routers: 1. Observa Telecom AW4062 2. Comtrend WA

[FD] CVE-2015-3935 HTML Injection in Dolibarr

2015-05-31 Thread NaxoneZ .
# Title: HTML Injection in Dolibarr # Author: Sergio Galán - @NaxoneZ # Date: May 20, 2015 # Vendor Homepage: http://www.dolibarr.es/ # Vulnerable version: 3.5 / 3.6 # CVE: CVE-2015-3935 Dolibarr does not properly escape untrusted data to prevent injection [*] Page affected

[FD] [SEARCH-LAB advisory] More than fifty vulnerabilities in D-Link NAS and NVR devices

2015-05-31 Thread Gergely Eberhardt
Overview SEARCH-LAB performed an independent security assessment on four different D-Link devices. The assessment has identified altogether 53 unique vulnerabilities in the latest firmware (dated 30-07-2014). Several vulnerabilities can be abused by a remote attacker to execute arbitrary c

[FD] The Empire Strikes Back Apple – how your Mac firmware security is completely broken

2015-05-31 Thread fG
Hi, Most Mac models suffer from a critical vulnerability in the S3 suspend/resume cycle. When they resume from a suspend cycle the BIOS flash protections are removed and unlocked. This means the BIOS can be overwritten from userland at that moment. The Dark Jedi vulnerability achieved this by modi

[FD] Safari Address Spoofing (How We Got It)

2015-05-31 Thread David Leo
Proof of concept: http://www.deusen.co.uk/items/iwhere.9500182225526788/ It works on fully patched versions of iOS and OS X. How it works: Just keep trying to load the web page of target domain. How We Got It: Safari changes address bar to new URL, BEFORE new content is loaded. BestSec http://ww