Vulnerability Disclosure
WHID 2007-46: School Web site breached? Personal info of Pembroke
workers, volunteers accessible for months
Reported: 11 October 2007
Occurred: 02 October 2007
Incident Type: Vulnerability Disclosure
WASC Threat Classification: Insufficient Authorization
Personal information on anyone who worked or volunteered for the
Pembroke schools in the last four years was accessible via the Internet
because of a weakness in the district's computer system. The
Remediation guidelines: The vendor has not provided any remediation guidelines to address this issue. Solutionary recommends upgrading the application if patches are provided to address the issue identified.
Keywords: security, vulnerability, ManageEngine, syslog, xss, event, log, cross-site scripting
Solutionary, Inc. Vulnerability Disclosure Policy
http://www.solutionary.com/index/SERT/Vulnerability-Disclosure-Policy.html
Infiltrated Networks Vulnerability Disclosure
TCP/IP is broken
Overview TCP/IP
Transmission Control Protocol/Internet Protocol is the basic
communication language or protocol of the Internet. It can also be used
as a communications protocol in a private network (either an intranet or
an extranet). When you are set up with direct access to the Internet,
your computer is provided with a copy of the TCP/IP program just as
directions in security that may seem strange or confusing to many
security professionals.
I have written up my explanation for the changes and it touches on
many sticky topics in security: Risk, penetration testing,
vulnerability disclosure, Compliance, trust, certification, and
defense. One thing that I left out is why we moved away from defense
in depth as well. However, that requires a lot more words and the
article ended up being perhaps too long as it is. So maybe in a future
article.
+Trusted computing
Topics for Bring It On! may include, but are not limited to, open
DISCUSSION of the following:
+Privacy and anonymity
+Exploit and vulnerability disclosure / databases
+DRM (Digital Rights Management), fair use, copyright infringement
+Terrorism, counter-terrorism, and eavesdropping
+Open source software world domination strategies
+Controversial views on existing trends or technology
Date: 2012-January-26
Security risk: High
Vulnerability: Umbraco bundles a script behaving like an open-proxy
Researcher: Florent Daigniere
Vendor Status: Notified
Vulnerability Disclosure Policy:
https://www.trustmatta.com/advisories/matta-disclosure-policy-01.txt
Permanent URL:
https://www.trustmatta.com/advisories/MATTA-2012-001.txt
=====================================================================
2009-04-02: Disclosed to Public (XSS is so 1999)
--
BugsNotHugs
Shared Vulnerability Disclosure Account
| http://www.corelan.be:8800 |
| security@corelan.be |
| |
|-------------------------------------------------[ EIP Hunters ]--|
| |
| Vulnerability Disclosure Report |
| |
|------------------------------------------------------------------|
Advisory : CORELAN-10-006
Disclosure date : 20 January 2010
> disclosure approach for informing admins and web developers about
> vulnerabilities. But in this time I used responsible full disclosure. I
> wrote in details about all disclosure policies (including these ones)
> in my
> article "Hacking of web sites, security researches, disclosure and
> legislation" in part 4 "Vulnerability disclosure"
> (http://websecurity.com.ua/articles/security_researches_and_legislation/eng/).
>
>
> It's because earlier I already disclosed details (at my site and to
> security
2009-03-26: Disclosed to Public (no more playing nice)
--
BugsNotHugs
Shared Vulnerability Disclosure Account
option. However, a firmware update is required in order to resolve this issue.
====================================================
7) Time Table
08/12/2008 - Vendor notified via "3Com Vulnerability Disclosure Form"
??/??/???? - Vendor response.
??/??/???? - Vendor patch release.
09/02/2009 - Public disclosure.
====================================================
for pushing the patch
2008.06.02 Sent a warning of the coming independent
advisory, and asked the vendor to join us
2008.06.02 Vendor asked for an additional 48 hours for
coordinated public disclosure
2008.06.04 Coordinated vulnerability disclosure
--EOF--
2009-04-02: Disclosed to Public (XSS is so 1999)
--
BugsNotHugs
Shared Vulnerability Disclosure Account
• RFID
Topics for Bring It On! may include, but are not limited to, open
DISCUSSION of the following:
• Privacy and anonymity
• Exploit and vulnerability disclosure / databases
• Team Fortress 2
• DRM (Digital Rights Management), fair use, copyright infringement
• Terrorism, counter-terrorism, and eavesdropping
• Open source software world domination strategies
• Controversial views on existing trends or technology
Vendor provided fix: 12/5/2008
Workarounds: None required, update to 1.0.6
[--Disclosure Policy--]
PrinceofNigeria.org Vulnerability Disclosure Policy
http://www.princeofnigeria.org/blogs/index.php/vulndev/vulnreleasepolicy/?blog=1
[--Disclosure History--]
Public disclosure date: January 15, 2009
Vendor provided fix: None
Workarounds: None available at this time, design flaw. Discontinue use of this product until a stable patch is released.
[--Disclosure Policy--]
PrinceofNigeria.org Vulnerability Disclosure Policy
http://www.princeofnigeria.org/blogs/index.php/vulndev/vulnreleasepolicy/?blog=1
[--Disclosure History--]
Public disclosure date: May 16, 2009
| http://www.corelan.be:8800 |
| security@corelan.be |
| |
|-------------------------------------------------[ EIP Hunters ]--|
| |
| Vulnerability Disclosure Report |
| |
|------------------------------------------------------------------|
Advisory : CORELAN-10-008
Disclosure date : February 4th, 2010
| http://www.corelan.be:8800 |
| security@corelan.be |
| |
|-------------------------------------------------[ EIP Hunters ]--|
| |
| Vulnerability Disclosure Report |
| |
|------------------------------------------------------------------|
Advisory : CORELAN-10-015
Disclosure date : March 20, 2010
2009-03-26: Disclosed to Public (no more playing nice)
--
BugsNotHugs
Shared Vulnerability Disclosure Account
Yes, and there is a reason for it. In 99% I use advanced responsible
disclosure approach for informing admins and web developers about
vulnerabilities. But in this time I used responsible full disclosure. I
wrote in details about all disclosure policies (including these ones) in my
article "Hacking of web sites, security researches, disclosure and
legislation" in part 4 "Vulnerability disclosure"
(http://websecurity.com.ua/articles/security_researches_and_legislation/eng/).
It's because earlier I already disclosed details (at my site and to security
lists) of vulnerabilities in CaptchaSecurityImages (a captcha script which
is used in this CMS, as in many other CMS and web applications). So there
Credit
--------
These vulnerabilities were discovered and exploited by Eyal Udassin from C4
Security (http://www.c4-security.com).
We would like to thank Rockwell Automation and CERT for their professional
handling of the vulnerability disclosure process.
C4 Security is a leader in SCADA security reviews, auditing and penetration
testing.
| http://www.corelan.be:8800 |
| security@corelan.be |
| |
|-------------------------------------------------[ EIP Hunters ]--|
| |
| Vulnerability Disclosure Report |
| |
|------------------------------------------------------------------|
Advisory : CORELAN-10-004
Disclosure date : Jan 12, 2010
Description, Color, Miles
***
BugsNotHugs
Shared Vulnerability Disclosure Account
Date: 2011-October-20
Security risk: Critical
Vulnerability: Remote root command execution
Researcher: Tavaris Desamito
Vendor Status: Notified, Patch available
Vulnerability Disclosure Policy:
https://www.trustmatta.com/advisories/matta-disclosure-policy-01.txt
Permanent URL:
https://www.trustmatta.com/advisories/MATTA-2011-003.txt
=====================================================================
chinese apt can make symlink point to any system file during race and win race!
--
BugsNotHugs
Shared Vulnerability Disclosure Account
I am operations manager for ZERT, and for me, this is indeed at the very
heart of the matter. How you define this silliness is directly linked to
how you do two of the most essential parts of security:
1. Vulnerability disclosure - for researchers.
2. Incident response - for.. responders.
If a vulnerability is fully disclosed, unpatched, being actively exploited,
etc. caused real confusion, and none of us, or any of the written material,
2009-01-14 - Due to lack of appropriate, timely response, additional insight
contained above and general concern for users of these devices
unknowingly being exposed in this way, this information has been
publicly disclosed. Hopefully as WowWee forays into more
networked-enabled consumer devices they will provide proper
channels and handling for vulnerability disclosure.
Vendor provided fix: None
Workarounds: None available at this time, design flaw. Discontinue use of this product until a stable patch is released.
[--Disclosure Policy--]
PrinceofNigeria.org Vulnerability Disclosure Policy
http://www.princeofnigeria.org/blogs/index.php/vulndev/vulnreleasepolicy/?blog=1
[--Disclosure History--]
Public disclosure date: January 14, 2009
| http://www.corelan.be:8800 |
| security@corelan.be |
| |
|-------------------------------------------------[ EIP Hunters ]--|
| |
| Vulnerability Disclosure Report |
| |
|------------------------------------------------------------------|
Advisory : CORELAN-10-010
Disclosure date : February 8th, 2010
Apache.
It was decided to continue to report this as a Tomcat vulnerability until such
time as the JVM vendors had released fixed versions.
Unfortunately, the release of fixed JVMs and associated vulnerability disclosure
has not been co-ordinated. There has been some confusion within the user
community as to the nature and root cause of CVE-2008-2938. Therefore, the
Apache Tomcat Security Team is issuing this update to clarify the situation.
Mitigation: