[Full-disclosure] NEW VMSA-2013-0010 VMware Workstation host privilege escalation vulnerability

2013-08-22 Thread VMware Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - --- VMware Security Advisory Advisory ID: VMSA-2013-0010 Synopsis:VMware Workstation host privilege escalation vulnerability Issue date: 2013-08-22 Updated o

Re: [Full-disclosure] [DAHAX-2013-001] Cloudflare XSS Vulnerability

2013-08-22 Thread andfarm
On 2013-08-22, at 12:02, Ryan Dewhurst wrote: > I presume you could use CSRF and then XMLHttpRequest to set the > X-Forwarded-For and > User-Agent header. XMLHttpRequest cannot set those headers for a cross-origin request. So you could only attack your own site that way.

Re: [Full-disclosure] [DAHAX-2013-001] Cloudflare XSS Vulnerability

2013-08-22 Thread Ryan Dewhurst
I presume you could use CSRF and then XMLHttpRequest to set the X-Forwarded-For and User-Agent header. The user would not need to modify anything, just visit a page that you control/ed. On Thu, Aug 22, 2013 at 8:43 PM, wrote: > ** > > That's a nice trick and all, but I don't see how it's valua

Re: [Full-disclosure] [DAHAX-2013-001] Cloudflare XSS Vulnerability

2013-08-22 Thread xnite
That's a nice trick and all, but I don't see how it's valuable. In order to trigger the XSS you need to modify your browser headers, therefore any victim who you are trying to get to a page to execute your XSS would need to also modify THEIR browser headers. I don't see how this is any thing

[Full-disclosure] CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework

2013-08-22 Thread Pivotal Security Team
Severity: Important Vendor: Spring by Pivotal Versions Affected: - 3.0.0 to 3.2.3 (Spring OXM & Spring MVC) - 4.0.0.M1 (Spring OXM) - 4.0.0.M1-4.0.0.M2 (Spring MVC) - Earlier unsupported versions may also be affected Description: The Spring OXM wrapper did not expose any property for disabling e

[Full-disclosure] [DAHAX-2013-001] Cloudflare XSS Vulnerability

2013-08-22 Thread Glenn Grant
Details below of an XSS vulnerability I discovered in Cloudflare (markdown format) - Glenn | /dev/alias * http://blog.devalias.net * http://devalias.net - **Reference Number:** DAHAX-2013-001 (/dev/alias/hacks 2013-001) **Notification Timeline:** * 10/07/2013, Request# 38713 ( https://supp

[Full-disclosure] CVE-2013-4099 - JOAL 2.0-rc11 - Multiple Remote Code Execution Vulnerabilities

2013-08-22 Thread FuzzMyApp Disclosure
0. Introduction Vendor description: The JOAL Project hosts a reference implementation of the Java bindings for OpenAL API, and is designed to provide hardware-supported 3D specialized audio for games written in Java. 1. Affected software JOAL 2.0-rc11 2. Vulnerability FuzzMy

[Full-disclosure] [ MDVSA-2013:215 ] cacti

2013-08-22 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:215 http://www.mandriva.com/en/support/security/ __

[Full-disclosure] ... my LKM stuff!

2013-08-22 Thread x90c
waz up! It's my LKM stuff in 2004 with on efnet I designed the LKM for a linux kernel protection It's just an project release unnecessary! see the manual firstly, Interesting! x90c syswatch_0.0.2.tgz Description: GNU Zip compressed data ___ Full-Discl