Full Disclosure Mailing List

A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.

Latest Posts

BSidesHannover 2017! Daniel Busch (Jan 30)
________________________________

Hi Folks,

We will have a Security BSides in Hannover again this year, date March 19th.

CFP is open and runs until March 10th ->

Please see the website bsideshannover.de for more details!

Kindly note our new Twitter account: @BSides_HN_2017

On behalf of the BSides Hannover Team,

Daniel

New BlackArch Linux ISOs (2017.01.28) released! Black Arch (Jan 30)
Dear list,

We've released the new BlackArch Linux ISOs along with many
improvements. They include more than 1620 tools now. The armv6h,
armv7h and aarch64 repositories are filled with about 1550 tools.

A short ChangeLog of the Live-ISOs:

- add 20 new tools
- update blackarch installer to 0.3.2 (bugfixes)
- fix shadow permissions (thx to ldionmarcil)
- fix f*cking ruby tools (wpscan, metasploit, etc.)
- include linux kernel...

SEC Consult SA-20170130-0 :: XSS & CSRF in multiple Ubiquiti Networks products SEC Consult Vulnerability Lab (Jan 30)
SEC Consult Vulnerability Lab Security Advisory < 20170130-0 >
=======================================================================
title: XSS & CSRF vulnerabilities
product: Multiple Ubiquiti Networks products, e.g.
TS-16-CARRIER, TS-5-POE, TS-8-PRO, AG-HP-2G16,
AG-HP-2G20, AG-HP-5G23, AG-HP-5G27, AirGrid M,
AirGrid M2, AirGrid M5, AR, AR-HP,...

Persistent Cross-Site Scripting vulnerability in User Access Manager WordPress Plugin Summer of Pwnage (Jan 28)
------------------------------------------------------------------------
Persistent Cross-Site Scripting vulnerability in User Access Manager
WordPress Plugin
------------------------------------------------------------------------
Burak Kelebek, July 2016

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
A persistent Cross-Site Scripting...

Multiple blind SQL injection vulnerabilities in FormBuilder WordPress Plugin Summer of Pwnage (Jan 28)
------------------------------------------------------------------------
Multiple blind SQL injection vulnerabilities in FormBuilder WordPress
Plugin
------------------------------------------------------------------------
Burak Kelebek, July 2016

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
Multiple blind SQL injection vulnerabilities...

Cross-Site Request Forgery vulnerability in FormBuilder WordPress Plugin allows plugin permissions modification Summer of Pwnage (Jan 28)
------------------------------------------------------------------------
Cross-Site Request Forgery vulnerability in FormBuilder WordPress Plugin
allows plugin permissions modification
------------------------------------------------------------------------
Burak Kelebek, July 2016

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
A...

Privilege Escalation in VirtualBox (CVE-2017-3316) Wolfgang (Jan 27)
Privilege Escalation in VirtualBox (CVE-2017-3316)

=== [ Overview ] ===

System affected: VirtualBox
Software-Version: prior to 5.0.32, prior to 5.1.14
User-Interaction: Required
Impact: A Man-In-The-Middle could infiltrate an
Extension-Pack-Update to gain a root-shell

=== [ Detailed description ] ===

In my research about the update mechanism of open-source software I found
vulnerabilities in Oracle's VirtualBox. It's...

Digital Ocean ssh key authentication security risk -- password authentication is re-enabled Daniel Elebash (Jan 27)
Regarding digitalocean.com cloud computing.

PasswordAuthentication is reset to yes in /etc/ssh/sshd_config when using ssh key authentication given the following
scenario:

When creating a new droplet from a snapshot where ssh key authentication "PasswordAuthentication" in
/etc/ssh/sshd_config was previously set to no, "PasswordAuthentication" is reset to yes.

I am not sure how common this scenario is but for me I often...

Call for Papers: DigitalSec2017 in Kuala Lumpur, Malaysia on July 11-13, 2017 Sandra Evans (Jan 26)
------------------------------------------
CALL FOR PAPERS DigitalSec2017 - Malaysia
------------------------------------------

You are invited to participate in The Fourth International Conference on
Digital Security and Forensics (DigitalSec2017) that will be held in Kuala
Lumpur, Malaysia, on July 11-13, 2017. The event will be held over three
days, with presentations delivered by researchers from the international
community, including...

InfiniteWP Client WordPress Plugin unauthenticated PHP Object injection vulnerability Summer of Pwnage (Jan 25)
------------------------------------------------------------------------
InfiniteWP Client WordPress Plugin unauthenticated PHP Object injection
vulnerability
------------------------------------------------------------------------
Yorick Koster, June 2016

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
A PHP Object injection vulnerability...

CMS Commander Client WordPress Plugin unauthenticated PHP Object injection vulnerability Summer of Pwnage (Jan 25)
------------------------------------------------------------------------
CMS Commander Client WordPress Plugin unauthenticated PHP Object
injection vulnerability
------------------------------------------------------------------------
Yorick Koster, June 2016

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
A PHP Object injection...

Google Forms WordPress Plugin unauthenticated PHP Object injection vulnerability Summer of Pwnage (Jan 25)
------------------------------------------------------------------------
Google Forms WordPress Plugin unauthenticated PHP Object injection
vulnerability
------------------------------------------------------------------------
Yorick Koster, June 2016

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
A PHP Object injection vulnerability was...

Re: Executable installers are vulnerable^WEVIL (case 46): Pelles C allows arbitrary code execution Stefan Kanthak (Jan 24)
"Ding Dong" <dingdongloop () gmail com> wrote:

Please stop top posting and full quotes!

Run "NTSD.exe setup.exe" and see which DLLs Windows loads, and how
they are loaded.
Rename setup.exe to something.exe, run "NTSD.exe something.exe" and
compare the results.

JFTR: NTSD.exe was shipped with Windows NT5.x; in newer versions you
have to install the debugging tools.

If you want to run without debugger:...

APPLE-SA-2017-01-23-7 iTunes for Windows 12.5.5 Apple Product Security (Jan 24)
APPLE-SA-2017-01-23-7 iTunes for Windows 12.5.5

iTunes for Windows 12.5.5 is now available and addresses the
following:

WebKit
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved memory handling.
CVE-2017-2354: Neymar of Tencent's Xuanwu Lab (tencent.com) working
with Trend Micro's Zero Day Initiative

WebKit
Impact:...

WD My Cloud Mirror 2.11.153 RCE and Authentication Bypass Kacper Szurek (Jan 24)
# Exploit Title: WD My Cloud Mirror 2.11.153 RCE and Authentication Bypass
# Date: 24.01.2017
# Software Link: https://www.wdc.com
# Exploit Author: Kacper Szurek
# Contact: https://twitter.com/KacperSzurek
# Website: https://security.szurek.pl/
# Category: local

1. Description

It’s possible to execute arbitrary commands using the login form because the
`exec()` function is used without `escapeshellarg()`.

It's possible to bypass login form...

More Lists

Dozens of other network security lists are archived at SecLists.Org.

