PHP LiteSpeed SAPI secret key improper disposal

2016-01-25 Thread Imre RAD
In suEXEC_Daemon mode of the LiteSpeed web server spawns one PHP master process during startup. It is running as root and accepts LSAPI requests, which in turn specify what user under the script should run. The LSAPI request is authenticated with a MAC, which is based on preshared random key betwee

PHP-FPM fpm_log.c memory leak and buffer overflow

2016-01-25 Thread Imre RAD
The FastCGI Process Manager (FPM) SAPI of PHP was vulnerable to memory leak and buffer overflow in the access logging feature. PHP-FPM offers customization of the access log lines based on format string variables which can be specified with the access.format option of the FPM configuration file. T

Remote shutdown vulnerability in Buffalo NAS (Linkstation 420)

2016-01-25 Thread zemnmez
The Buffalo NAS device includes a web interface located at its IP address. A shutdown of the device can be initiated without confirmation by loading the endpoint /shutdown.html on this address. This shutdown powers off the device, requiring physical access to restart. The shutdown webpage has n

ZyXel WAP3205 v1 Multiple XSS

2016-01-25 Thread graphx
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 #Vendor: ZyXel WAP3205 - version 1 (Product is EOL and no patch forthcoming) #Firmware version: V1.00(BFR.6) - V1.00(BFR.8)C0 #Exploit Author: Nicholas Lehman @GraphX #Vulnerability: Multiple persistent and reflected XSS vulnerabilities Descriptio

HP ToComMsg DLL side loading vulnerability

2016-01-25 Thread Securify B.V.
HP ToComMsg DLL side loading vulnerability Yorick Koster, September 2015 Abstr

LEADTOOLS ActiveX control multiple DLL side loading vulnerabilities

2016-01-25 Thread Securify B.V.
LEADTOOLS ActiveX control multiple DLL side loading vulnerabilities Yorick Koster, September 2015 -

HP LaserJet Fax Preview DLL side loading vulnerability

2016-01-25 Thread Securify B.V.
HP LaserJet Fax Preview DLL side loading vulnerability Yorick Koster, September 2015 --

XMB - eXtreme Message Board v1.9.11.13 Weak Crypto

2016-01-25 Thread hyp3rlinx
[+] Credits: hyp3rlinx [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/XMB-WEAK-CRYPTO.txt Vendor: == xmbforum2.com Product: == XMB - eXtreme Message Board v1.9.11.13 XMB forum software is open sour

imageone Cms Multiple vulnerabilities

2016-01-25 Thread iedb . team
Sql and Xss vulnerability in imageone Cms All Version # # # @@@@@@@ @@@@@ @@@ # @@@@@@@@@ @@ @@@ @@@@@ # @@@@@@@@@@@

[SECURITY] [DSA 3452-1] claws-mail security update

2016-01-25 Thread Ben Hutchings
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-3452-1 secur...@debian.org https://www.debian.org/security/Ben Hutchings January 23, 2016

imageone Cms Multiple vulnerabilities

2016-01-25 Thread iedb . team
Sql and Xss vulnerability in imageone Cms All Version # # # @@@@@@@ @@@@@ @@@ # @@@@@@@@@ @@ @@@ @@@@@ # @@@@@@@@@@@