[Full-disclosure] JSON-RPC Cross-Site Request Forgery little exploitation trick

2012-10-08 Thread DefenseCode
Hi, During a penetration-test contract, we came across CSRF in a JSON-RPC based web application. A brief Google search revealed some people saying that CSRF in JSON is hard to exploit, and that these vulnerabilities can be ignored. In fact, it's not that hard to exploit... Here is how we exploited it

[Full-disclosure] [SECURITY] [DSA 2556-1] icedove security update

2012-10-08 Thread Nico Golde
Debian Security Advisory DSA-2556-1 secur...@debian.org http://www.debian.org/security/ Nico Golde October 07, 2012

[Full-disclosure] [SECURITY] [DSA 2557-1] hostapd security update

2012-10-08 Thread Nico Golde
Debian Security Advisory DSA-2557-1 secur...@debian.org http://www.debian.org/security/ Nico Golde October 08, 2012

[Full-disclosure] [PRE-SA-2012-07] hostapd: Missing EAP-TLS message length validation

2012-10-08 Thread Timo Warns
PRE-CERT Security Advisory
* Advisory: PRE-SA-2012-07
* Released on: 8 October 2012
* Affected product: Hostapd 0.6 - 1.0
* Impact: denial of service
* Origin: specially crafted EAP-TLS messages
* CVSS Base Score: 7.8 Impact Subscore: 6.9 Exploitability Subscore:

Re: [Full-disclosure] Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2

2012-10-08 Thread Henri Salo
On Tue, Oct 02, 2012 at 07:16:11AM +0100, Scott Herbert wrote:
> Affected products:
>
> Product : Zenphoto 1.4.3.2 (and maybe older) fixed in 1.4.3.3
> Affected function: printPublishIconLink
>
> Details:

[Full-disclosure] Endpoint Protector v4.0.4.0 - Multiple Web Vulnerabilities

2012-10-08 Thread Vulnerability Lab
Title: Endpoint Protector v4.0.4.0 - Multiple Web Vulnerabilities
Date: 2012-10-01
References: http://www.vulnerability-lab.com/get_content.php?id=571
VL-ID: 571
Common Vulnerability Scoring System: 5
Introduction:

[Full-disclosure] Paypal BugBounty #5 - Persistent Web Vulnerability

2012-10-08 Thread Vulnerability Lab
Title: Paypal BugBounty #5 - Persistent Web Vulnerability
Date: 2012-10-03
References: http://www.vulnerability-lab.com/get_content.php?id=639
VL-ID: 639
Common Vulnerability Scoring System: 3.3
Introduction:

[Full-disclosure] Interspire Email Marketer v6.0.1 - Multiple Vulnerabilities

2012-10-08 Thread Vulnerability Lab
Title: Interspire Email Marketer v6.0.1 - Multiple Vulnerabilities
Date: 2012-10-02
References: http://www.vulnerability-lab.com/get_content.php?id=710
VL-ID: 710
Common Vulnerability Scoring System: 8.3
Introduction:

[Full-disclosure] GTA UTM Firewall GB 6.0.3 - Multiple Web Vulnerabilities

2012-10-08 Thread Vulnerability Lab
Title: GTA UTM Firewall GB 6.0.3 - Multiple Web Vulnerabilities
Date: 2012-09-30
References: http://www.vulnerability-lab.com/get_content.php?id=579
VL-ID: 579
Common Vulnerability Scoring System: 4
Introduction:

[Full-disclosure] [SECURITY] [DSA 2558-1] bacula security update

2012-10-08 Thread Raphael Geissert
Debian Security Advisory DSA-2558-1 secur...@debian.org http://www.debian.org/security/ Raphael Geissert October 08, 2012

Re: [Full-disclosure] Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2

2012-10-08 Thread Scott Herbert
Well chalk this one up to another learning experience for a novice bug hunter, I took the vendor's word that it was fixed and didn't check myself. I've BCC'ed in my contact with zenphoto, so they are aware. And to my knowledge this issue doesn't currently have a CVE. Bugger! > -Original Mess