Bkis
[Bkis-01-2010] Multiple Vulnerabilities in BigAce
1. General Information
BigAce is a free content management software (CMS) written in PHP, and is available at http://www.bigace.de. In April 2010, Bkis Security discovered an XSS and CSRF vulnerability in BigAce 2.7.1. Taking advantage of this vulnerability, a hacker is able to insert pieces of code into the path’s link to execute in users’ browsers, leading to the loss of cookies and session. A hacker can also trick users into manipulating some of the system’s functions without users’ awareness.
Bkis has informed the software developer team, and they have patched the vulnerability in the latest software version - BigAce 2.7.2.
Details: http://security.bkis.com/multiple-vulnerabilities-in-bigace-5/
SVRT Advisory: Bkis-01-2010
On Thu, May 12, 2011 at 09:59:16AM +0700, Bkis wrote:
> 1. General Information
>
> sNews is a free content management system (CMS) written in PHP and MySQL. It is available at http://snewscms.com/. In April 2011, Bkis Security discovered an XSS (Cross-site Scripting) vulnerability in sNews CMS version 1.7.1. Taking advantage of this vulnerability, a hacker might execute malicious code or get the cookie of the CMS’s administrator.
>
> Details: http://security.bkis.com/snews-1-7-1-xss-vulnerability/
> SVRT Advisory: Bkis 01-2011
> Initial vendor notification: 01/05/2011
> Release Date: 12/05/2011
> Update Date: 12/05/2011
[Bkis-04-2010] Multiple Vulnerabilities in OpenBlog
1. General Information
OpenBlog is free software for developing a blogging platform. OpenBlog is
written in the PHP language and available at http://www.open-blog.info. In
August 2010, Bkis Security discovered some XSS and CSRF vulnerabilities in this
software; especially, there is a vulnerability which might allow privilege
elevation on OpenBlog 1.2.1. Taking advantage of this vulnerability, a hacker
might execute malicious code on a user's browser or even get control of the blog.
XSS vulnerability in 'Monitor_Bandwidth' - PRTG Traffic Grapher
<http://blog.bkis.com/?p=704>
1. General information
PRTG Traffic Grapher is a network monitoring solution, which helps
manage and classify bandwidth usage of a network by providing accurate
results about network traffic and usage trends in graphs and tables. The
software also supports SNMP (Simple Network Management Protocol). PRTG
Traffic Grapher is available at http://www.paessler.com.
1. General Information
sNews is a free content management system (CMS) written in PHP and MySQL. It is available at http://snewscms.com/. In April 2011, Bkis Security discovered an XSS (Cross-site Scripting) vulnerability in sNews CMS version 1.7.1. Taking advantage of this vulnerability, a hacker might execute malicious code or get the cookie of the CMS’s administrator.
Details: http://security.bkis.com/snews-1-7-1-xss-vulnerability/
SVRT Advisory: Bkis 01-2011
Initial vendor notification: 01/05/2011
Release Date: 12/05/2011
Update Date: 12/05/2011
Discovered by: Cao Xuan Sang - Bkis
[Bkis-11-2009] ProShow Gold Buffer Overflow Vulnerabilities
1. General Information
ProShow Gold is software that allows you to easily create photo and video
slide shows on DVD, PC and Web. Recently, Bkis has just detected
vulnerabilities in the software related to the processing of ProShow
Slideshow’s project files (“.psh”). This vulnerability permits hackers
to execute malicious code on users’ systems.
[Bkis-02-2010] Multiple Vulnerabilities in CMS Made Simple
1. General information
CMS Made Simple is a free content management system (CMS) written in PHP,
available at www.cmsmadesimple.org. In March, 2010, Bkis Security discovered
some XSS and CSRF vulnerabilities in CMS Made Simple 1.7.1. Taking advantage
of these vulnerabilities, a hacker is able to insert pieces of code into the
path's link to execute in a user's browser, causing the loss of cookies and
session. A hacker is also able to trick users into manipulating some of the
Multiple Vulnerabilities in BigAce
1. General Information
BigAce is a free content management software (CMS) written in PHP, and is
available at http://www.bigace.de. In April 2010, Bkis Security discovered
an XSS and CSRF vulnerability in BigAce 2.7.1. Taking advantage of this
vulnerability, a hacker is able to insert pieces of code into the path's
link to execute in users' browsers, leading to the loss of cookies and
session. A hacker can also trick users into manipulating some of the
system's functions without users' awareness.
Face-recognition is introduced by these vendors as a remarkable feature
which helps prevent unauthorized people breaking into laptops and ensure
information security for their owners.
Details : http://security.bkis.vn/?p=292
SVRT Advisory : SVRT-07-08
Initial vendor notification : 20-11-2008
Release Date : 08-12-2008
Update Date : 08-12-2008
Discovered by : SVRT-Bkis
eoCMS SQL injection vulnerability
1. General information
eoCMS is open source software which is used to develop Internet
forums (http://eocms.com/). On October 15, 2009, Bkis Security detected a
SQL injection vulnerability in some functions of eoCMS.
This is a critical vulnerability which allows a hacker to access the data
in the database and execute unauthorized tasks. Bkis has informed the
software developer team, and they have patched the vulnerability in the
Rapidleech is a Web based application supporting file upload and download on
the Internet, especially files from popular sites such as rapidshare.com,
megaupload.com, depositfiles.com.
On March 03, 2009, Bkis has detected several vulnerabilities in the upload
function of Rapidleech. These are highly critical vulnerabilities, allowing
hackers to collect a lot of sensitive information, and even execute
malicious code to take control of the server. We have submitted to Developer
Team (www.rapidleech.com).
MPLAB IDE is a famous Integrated Development Environment (IDE) of
Microchip (www.microchip.com) that provides a single integrated
environment to develop applications for Microchip microcontrollers and
digital signal controllers.
In March 2009, Bkis has just detected a vulnerability in this software.
This vulnerability arises from the way MPLAB IDE processes IDE Project
files with extension of .mcp. It could lead to a critical buffer
overflow error that allows hackers to execute malicious code on users’
systems. We have submitted to vendor.
010 Editor is a text editor and hex editor, with many functions such as
viewing and editing binary files, analyzing and editing binary data, and
importing and exporting binary data in many different formats.
Bkis has just found many vulnerabilities in the software, related to the
processing of 010 Editor Binary Template files (“.bt”) and 010 Editor
Script Files (“.1sc”). These vulnerabilities are very dangerous due to
the fact that they allow hackers to execute malicious code on users’
systems.
[Bkis-06-2009] GOM Player Subtitle Buffer Overflow Vulnerability
1. General Information
GOM Player is a popular multimedia player supporting multiple media
formats (avi, mpeg,…). In March 2009, Bkis has detected a vulnerability
in this software. With this vulnerability, users might lose sensitive
information, have viruses installed or have their system taken control of
after playing a media file. We have submitted the report to the vendor.
1. General Information
PowerCHM is a tool that can create CHM files from Html Files, Text
Files, Microsoft Word Documents and Adobe Acrobat Document.
In March 2009, Bkis has just detected a vulnerability in the software,
related to the processing of PowerCHM project files with extension
“.HHP”. Hackers can exploit this flaw to execute any program, install
viruses, steal private information, and even take control of users’
systems. We sent the report to the vendor.
We (SVRT-Bkis) have just discovered a vulnerability in Google Chrome
0.2.149.27. This is a Critical Buffer Overflow Vulnerability permitting
a hacker to perform a remote attack and take complete control of the affected
system.
We have submitted this Vulnerability to Google. They confirmed and assigned a
verifier for build 0.2.149.28.
[Bkis-03-2010] Vulnerability in Flash Slideshow Maker Vulnerability
1. General Information
Flash Slideshow Maker is a Flash album creator to make animated photo slide
show with SWF file as the output format. Bkis has just detected a
vulnerability in the software related to the processing of Flash Slideshow
Maker project files (".fss"). This vulnerability permits hackers to execute
malicious code on users' systems. Bkis has informed the vendor.
Details: http://security.bkis.com/vulnerability-in-flash-slideshow-maker/
GOM Encoder is a video transcoder that can work with a lot of video formats.
One of its functions is embedding subtitles to the video, which means you
can see subtitles on the resulting video even if your device doesn't support
subtitle.
Bkis has just found a vulnerability in the software, related to the
processing of subtitle files in "srt" format. Taking advantage of the flaw,
hackers can perform a denial of service attack or, if successfully exploited,
remote code execution. We have sent the report to the vendor.
Details : http://security.bkis.vn/?p=352
Title : Photo DVD Maker Professional Buffer Overflow Vulnerability
1. General Information
Photo DVD Maker Professional is a tool that allows you to create entertaining
photo slideshows with many file formats supported. Bkis has just
detected a vulnerability in the software related to the processing of
Photo DVD Maker Professional project files (“.pdm”). This vulnerability
permits hackers to execute malicious code on users’ systems.
Details : http://blog.bkis.com/?p=713
1. General Information
FeedDemon is known as the most popular Windows RSS Reader which allows users
to view and manage easily RSS feeds from their desktop. In January 2009,
SVRT-BKIS detected a buffer overflow vulnerability in this software. Taking
advantage of this flaw, hackers can perform remote attacks, install viruses,
steal private information, and even take control of users' systems. We have
sent the alert to the manufacturer.
Details : http://security.bkis.vn/?p=329
Besides, K-lite Codec Pack that contains the fixed version of ffdshow has
been released today (11-26-2008).
Thanks,
SVRT-Bkis
----------------------------------------------------------------
Bach Khoa Internetwork Security Center (BKIS)
Hanoi University of Technology (Vietnam)
[Bkis-13-2009] e107 Multiple Vulnerabilities
1. General Information
e107 is a free content management system (CMS) written in PHP language
and is available at http://e107.org/news.php . In October 2009, Bkis
Security discovered a number of XSS and Blind SQL Injection
vulnerabilities on this system. Taking advantage of these holes, hackers
can insert arbitrary malicious codes onto users' browsers, then steal
private information or carry out requests to the website to gain
complete control of the website's database.
1. General Information
mvnForum is software used for creating forums on the Internet
(http://www.mvnforum.com). This is an open source software making use of
Java J2EE (JSP/Servlet) technology.
On September 6 2008, SVRT-Bkis found several CSRF and XSS vulnerabilities in
some functions of mvnForum 1.2 GA. These are highly serious vulnerabilities
allowing hackers to perform privilege escalation attacks on the Forum.
We have contacted the development team and they have patched all those
vulnerabilities in the latest version of mvnForum 1.2.1 GA.
Bkis <svrt@bkav.com.vn> wrote:
> Bkis has just found many vulnerabilities in the software, related to the
> processing of 010 Editor Binary Template files (“.bt”) and 010 Editor
> Script Files (“.1sc”). These vulnerabilities are very dangerous due to the
> fact that they allow hackers to execute malicious code on users’ systems.
>
I think you're confused, these scripts can execute programs, create and
modify files, modify running processes, and so on. Perhaps you're confusing
the concept of "modelines" with editor automation (modelines are hints to
> formats, such as DivX, Xvid and H.264. It is the most popular audio and
> video decoder on Windows. Besides a stand-alone setup package, ffdshow is
> often included in almost all codec pack software such as K-lite Codec Pack,
> XP Codec Pack, Vista Codec Package, Codec Pack All in one,.
>
> In Oct 2008, SVRT-Bkis has detected a serious buffer overflow vulnerability
> in ffdshow which affects all available internet browsers. Taking advantage
> of the flaw, hackers can perform remote attack, inject viruses, steal
> sensitive information and even take control of the victim's system.
>
> Since ffdshow is an open source software (can be found at
Vulnerability in WireShark 1.0.4 for DoS Attack
1. General Information
In Nov 2008, Security Vulnerability Research Team of Bkis (SVRT-Bkis) has
detected a vulnerability underlying WireShark 1.0.4 (latest version).
The flaw is in the function processing SMTP protocol and enables a hacker to
perform a DoS attack by sending an SMTP request with large content to port
25. The application then enters a large loop and cannot do anything else.
formats, such as DivX, Xvid and H.264. It is the most popular audio and
video decoder on Windows. Besides a stand-alone setup package, ffdshow is
often included in almost all codec pack software such as K-lite Codec Pack,
XP Codec Pack, Vista Codec Package, Codec Pack All in one,.
In Oct 2008, SVRT-Bkis has detected a serious buffer overflow vulnerability
in ffdshow which affects all available internet browsers. Taking advantage
of the flaw, hackers can perform remote attack, inject viruses, steal
sensitive information and even take control of the victim's system.
Since ffdshow is an open source software (can be found at
* Mike Davies reported a use-after-free vulnerability in the
dissect_q931_cause_ie() function in packet-q931.c in the Q.931
dissector via certain packets that trigger an exception
(CVE-2008-4685).
* The Security Vulnerability Research Team of Bkis reported that the
SMTP dissector could consume excessive amounts of CPU and memory
(CVE-2008-5285).
* The vendor reported that the WLCCP dissector could go into an
infinite loop (CVE-2008-6472).