Hi,
During penetration-test contract, we came across CSRF in JSON-RPC based
web application.
Brief google search revealed some people saying that CSRF in JSON is hard
to exploit, and that these vulnerabilities can be ignored.
In fact, it's not that hard to exploit...
Here is how we exploited it
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2556-1 secur...@debian.org
http://www.debian.org/security/Nico Golde
October 07, 2012
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2557-1 secur...@debian.org
http://www.debian.org/security/Nico Golde
October 08, 2012
PRE-CERT Security Advisory
==
* Advisory: PRE-SA-2012-07
* Released on: 8 October 2012
* Affected product: Hostapd 0.6 - 1.0
* Impact: denial of service
* Origin: specially crafted EAP-TLS messages
* CVSS Base Score: 7.8
Impact Subscore: 6.9
Exploitability Subscore:
On Tue, Oct 02, 2012 at 07:16:11AM +0100, Scott Herbert wrote:
> -
> Affected products:
> -
>
> Product : Zenphoto 1.4.3.2 (and maybe older) fixed in 1.4.3.3
> Affected function:printPublishIconLink
>
> --
> Details:
> --
Title:
==
Endpoint Protector v4.0.4.0 - Multiple Web Vulnerabilities
Date:
=
2012-10-01
References:
===
http://www.vulnerability-lab.com/get_content.php?id=571
VL-ID:
=
571
Common Vulnerability Scoring System:
5
Introduction:
==
Title:
==
Paypal BugBounty #5 - Persistent Web Vulnerability
Date:
=
2012-10-03
References:
===
http://www.vulnerability-lab.com/get_content.php?id=639
VL-ID:
=
639
Common Vulnerability Scoring System:
3.3
Introduction:
Title:
==
Interspire Email Marketer v6.0.1 - Multiple Vulnerabilites
Date:
=
2012-10-02
References:
===
http://www.vulnerability-lab.com/get_content.php?id=710
VL-ID:
=
710
Common Vulnerability Scoring System:
8.3
Introduction:
Title:
==
GTA UTM Firewall GB 6.0.3 - Multiple Web Vulnerabilities
Date:
=
2012-09-30
References:
===
http://www.vulnerability-lab.com/get_content.php?id=579
VL-ID:
=
579
Common Vulnerability Scoring System:
4
Introduction:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2558-1 secur...@debian.org
http://www.debian.org/security/ Raphael Geissert
October 08, 2012
Well chalk this one up to another learning experience for a novice bug
hunter, I took the vendors word that it was fixed and didn't check myself.
I've BCC'ed in my contact with zenphoto, so they are aware.
And to my knowledge this issue doesn't currently have a CVE.
Bugger!
> -Original Mess
11 matches
Mail list logo