Cloud SSO is vuln to unauthed XSS in the authentication audit form:
https://twitter.com/BrandonPrry/status/445969380656943104
McAfee Asset Manager v6.6 multiple vulnerabilities
http://www.mcafee.com/us/products/asset-manager.aspx
If you were evil, you could upload huge blobs and just take up space on the
google servers. Who knows what will happen if you upload a couple hundred gigs
of files. They don't disappear, they are just unretrievable afaict. It is a
security risk in the sense that untrusted data is being persisted
if you consider the data amount, but
without all the unrestricted shouts and academic vulnerabilities.
2014-03-13 18:33 GMT+01:00 Brandon Perry bperry.volat...@gmail.com:
If you were evil, you could upload huge blobs and just take up space on the
google servers. Who knows what will happen
POST /modx/connectors/lang.js.php HTTP/1.1
Host: 192.168.1.70
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:26.0) Gecko/20100101 Firefox/26.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer:
The author of the email to the oss-sec says he isn't sure if the linked
commit fixes the issue and it should.
You can exploit this possibly using a blind time or boolean sqli. This is
me just playing around after doing some code analysis. Possibly other
connectors are affected? No idea about
Sorry, oss-sec link:
http://seclists.org/oss-sec/2014/q1/532
On Sat, Mar 8, 2014 at 11:24 AM, Brandon Perry bperry.volat...@gmail.com wrote:
The author of the email to the oss-sec says he isn't sure if the linked
commit fixes the issue and it should.
You can exploit this possibly using
IN ({$this->defaultRootId})) 0,
On Sat, Mar 8, 2014 at 11:24 AM, Brandon Perry bperry.volat...@gmail.com wrote:
Sorry, oss-sec link:
http://seclists.org/oss-sec/2014/q1/532
On Sat, Mar 8, 2014 at 11:24 AM, Brandon Perry bperry.volat...@gmail.com wrote:
The author of the email to the oss-sec
1. The people losing their bitcoins from hacks were amateurs at software
engineering.
2. One of bitcoin's greatest purported strengths (anonymity) is becoming a
severe weakness because you can't easily track down who stole the bits.
3. I don't think any of this is a result of bugs in bitcoin.
Currently, passing \0, \r, or \n into a URL that is passed to redirect_to
has Rails gsub'ing them out of the URL before completing the redirect.
A programmer that doesn't realise this is happening could easily write a
regex and logic that says if url starts with https:// or http:// fail or
else
in to location headers. In my view it should raise
an exception if not a valid URI.
Sent from Samsung Mobile
Original message
From: Brandon Perry bperry.volat...@gmail.com
Date:
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] Rails and redirections
FWIW this particular line has been present since early 2012.
f52ad6cf actionpack/lib/action_controller/metal/redirecting.rb (Aaron Patterson 2012-03-15 14:56:50 -0700 106)
end.gsub(/[\0\r\n]/, '')
On Thu, Mar 6, 2014 at 7:11 PM, Brandon Perry bperry.volat...@gmail.com wrote:
I
Hi,
Here is an aux mod that exploits CVE-2014-2238 and reads a file off the FS.
Requires admin creds afaict.
https://gist.github.com/brandonprry/9330240
--
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
I, for one, believe lumberjack skills are a must have for anyone entering the
workforce today. The ability to hack trees down swiftly and efficiently is
something I am not willing to train my employees to do. I fully expect our
school systems to cover this in enough detail that, as an employer,
On version 11.01 of Sonicwall scrutinizer (downloaded at www.mysonicwall.com),
it seems that the problem was not actually fixed? The open upload handler
still exists, but it fails on the move_uploaded_file line because the
directory that it attempts to move the file to (on linux at least) does not
liek hey guyz
I found this and don't know what to do with it, so here you go. Needs
admin creds.
An admin can run commands on Barracuda Load Balancers by using a
specially crafted NTP server. These are run in the context of the root user.
https://gist.github.com/brandonprry/8947140
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1610
It states that authentication is required to exploit this and this is not
true.
What does require authentication usually is uploading the file. If there is
already a djvu file that has been uploaded by another user, you do not need
I think the only way to solve this debate is a Celebrity Deathmatch-style
stand off.
I will get the petition ready on https://wwws.whitehouse.gov/petitions.
Stay tuned.
On Fri, Jan 24, 2014 at 9:05 AM, David Kennedy da...@derbycon.com wrote:
Y, what's up. This dude is crazy and probably
:03 PM, David Kennedy da...@derbycon.com wrote:
As long as it involves the death star creation we may have a chance..
On Jan 26, 2014 9:57 PM, Brandon Perry bperry.volat...@gmail.com wrote:
I think the only way to solve this debate is a Celebrity Deathmatch-style
stand off.
I will get
That is the obvious way to reduce DB calls when authenticating.
Duh.
On 12/26/2013 03:55 AM, PsychoBilly wrote:
[[ Henri Salo ]] @ [[ 24/12/2013 18:33 ]]--
On Tue, Dec 24, 2013 at 11:26:15AM +0100, joernchen wrote:
A rather informal
McAfee Email Gateway 7.6 multiple vulnerabilities
http://www.mcafee.com/us/products/email-gateway.aspx
So, playing around with my new handy-dandy iPhone 5s, enabled a strong
passcode 20 characters long.
I notice however, if I use TouchID to login while on the passcode screen
(slide over to it after unlocking, then log in with TouchID), ~10
characters are entered into the passcode text box before