25 January
Vulnerability ID: HTB22819
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_webasyst_shop_script_1.html
Product: WebAsyst Shop-Script
Vendor: WebAsyst, LLC ( http://www.shop-script.ru/ )
Vulnerable Version: Current version 2011.01.23 (shop-script.ru/demo/)
Vendor Notification: 25 January 2011
Vulnerability Type: XSS (Cross Site Scripting)
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
Vulnerability ID: HTB22813
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_umi_cms_1.html
Product: UMI.CMS
Vendor: umisoft ( http://www.umi-cms.ru/ )
Vulnerable Version: 2.8.1.2
Vendor Notification: 25 January 2011
Vulnerability Type: Stored XSS (Cross Site Scripting)
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
Vulnerability ID: HTB22814
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_viart_shop.html
Product: ViArt Shop
Vendor: Viart Software ( http://www.viart.com/ )
Vulnerable Version: Enterprise v.4.0.5
Vendor Notification: 25 January 2011
Vulnerability Type: XSS (Cross Site Scripting)
Status: Not Fixed
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability ID: HTB22815
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_viart_shop_1.html
Product: ViArt Shop
Vendor: Viart Software ( http://www.viart.com/ )
Vulnerable Version: Enterprise v.4.0.5
Vendor Notification: 25 January 2011
Vulnerability Type: Stored XSS (Cross Site Scripting)
Status: Not Fixed
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
action: Install revision A.00.09.08t.003 or subsequent
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) 25 January 2012 Initial release
Version:2 (rev.2) 22 February 2012 New location for upgrade
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Advisory ID: HTB23072
Product: LEPTON
Vendor: LEPTON Project
Vulnerable Version(s): 1.1.3 and probably prior
Tested Version: 1.1.3
Vendor Notification: 25 January 2012
Vendor Patch: 4 February 2012
Public Disclosure: 15 February 2012
Vulnerability Type: Local File Inclusion, SQL Injection, Cross Site Scripting (XSS)
Solution Status: Fixed by Vendor
Risk Level: High
Advisory ID: HTB23071
Product: 11in1
Vendor: 11in1
Vulnerable Version(s): 1.2.1 stable 12-31-2011 and probably prior
Tested Version: 1.2.1 stable 12-31-2011
Vendor Notification: 25 January 2012
Public Disclosure: 15 February 2012
Vulnerability Type: Local File Inclusion, Cross-Site Request Forgery (CSRF)
Risk Level: High
Credit: High-Tech Bridge SA Security Research Lab ( https://www.htbridge.ch/advisory/ )
High Risk Vulnerability in Symantec PCAnywhere
25 January 2012
Edward Torkington of NGS Secure has discovered a high risk vulnerability in Symantec PCAnywhere
Impact: Local Privilege Escalation
Versions affected:
Critical Vulnerability in Symantec PCAnywhere
25 January 2012
Edward Torkington of NGS Secure has discovered a critical vulnerability in Symantec PCAnywhere
Impact: Remote Code Execution (pre-auth) as SYSTEM
Versions affected:
Symantec pcAnywhere 12.5.x
Vulnerability ID: HTB22818
Reference: http://www.htbridge.ch/advisory/stored_xss_vulnerability_in_webasyst_shop_script.html
Product: WebAsyst Shop-Script
Vendor: WebAsyst, LLC ( http://www.shop-script.ru/ )
Vulnerable Version: Current version 2011.01.23 (shop-script.ru/demo/)
Vendor Notification: 25 January 2011
Vulnerability Type: Stored XSS (Cross Site Scripting)
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
Vulnerability ID: HTB22812
Reference: http://www.htbridge.ch/advisory/xsrf_csrf_in_umi_cms.html
Product: UMI.CMS
Vendor: umisoft ( http://www.umi-cms.ru/ )
Vulnerable Version: 2.8.1.2
Vendor Notification: 25 January 2011
Vulnerability Type: CSRF (Cross-Site Request Forgery)
Risk level: Low
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
Vulnerability ID: HTB22817
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_webasyst_shop_script.html
Product: WebAsyst Shop-Script
Vendor: WebAsyst, LLC ( http://www.shop-script.ru/ )
Vulnerable Version: Current version 2011.01.23 (shop-script.ru/demo/)
Vendor Notification: 25 January 2011
Vulnerability Type: XSS (Cross Site Scripting)
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
Vulnerability ID: HTB22816
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_viart_shop_2.html
Product: ViArt Shop
Vendor: Viart Software ( http://www.viart.com/ )
Vulnerable Version: Enterprise v.4.0.5
Vendor Notification: 25 January 2011
Vulnerability Type: Stored XSS (Cross Site Scripting)
Status: Not Fixed
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability ID: HTB22811
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_umi_cms.html
Product: UMI.CMS
Vendor: umisoft ( http://www.umi-cms.ru/ )
Vulnerable Version: 2.8.1.2
Vendor Notification: 25 January 2011
Vulnerability Type: Stored XSS (Cross Site Scripting)
Risk level: Low
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
man page documentation.
History:
Vulnerability reported via vendor's bug tracking database, and source
code patch made available, on 25 January 2008.
Vendor security contact notified via email on 4 February 2008.
Vendor response:
=====[ Overview ]======================================
* System affected: Publique! version 2.3 (Other versions may be vulnerable)
* Release date: 25 January 2010
* Impact: Successful exploitation of this vulnerability may lead to remote server compromise due to the ability to recover administrative credentials of the Publique! management interface.
Apple contacted me on 7 January 2010 to ask who to give credit to. Personal attribution.
On 18 Jan I contacted Apple, advising that they'd passed the six weeks milestone.
On 25 January I contacted Apple, advising that they'd passed the 7 weeks milestone. They volunteered confidential information.
On 4 Feb, I urged Apple to tell me when a fix was to be issued, approximately. They'd had their two months, and release cycles happen, but I wanted news within a fortnight. Didn't they understand that their customers were at easy risk, and that keeping it quiet didn't change that? By today - that is, by about 3 months - they would certainly be beyond reconciliation. They volunteered confidential information.
On 4 March, I got bored of waiting, and made this announcement. The fix is not out; apply workarounds, or trust to the fates and the security of your network.