Advisory:
|
KnFTPd 1.0.0 ‘FEAT’ DoS vulnerability
|
Advisory ID: |
SSCHADV2012-011 |
Author: |
Stefan Schurtz |
Affected Software: |
Successfully tested on KnFTPd 1.0.0 |
Vendor URL: |
|
Vendor Status: |
informed
|
EDB-ID:
|
18671
|
======================
Vulnerability Description
======================
The KnFTPd 1.0.0 ‘FEAT’ command is prone to DoS vulnerability
Continue reading "SSCHADV2012-011 - KnFTPd 1.0.0 'FEAT' DoS vulnerability"
Advisory:
|
WordPress plugin ‘WordPress Integrator 1.32’ XSS vulnerability
|
Advisory ID: |
SSCHADV2012-010 |
Author: |
Stefan Schurtz |
Affected Software: |
Successfully tested on WordPress Integrator 1.32 |
Vendor URL: |
|
Vendor Status: |
informed
|
OSVDB ID:
|
80628
|
======================
Vulnerability Description
======================
The WordPress plugin ‘WordPress Integrator 1.32’ is prone to Cross-Site scripting vulnerability
Continue reading "SSCHADV2012-010 - WordPress plugin 'WordPress Integrator 1.32' XSS vulnerability"
Advisory:
|
Star Wars Old Republic – SWTOR Char DB 1.8b Multiple security vulnerabilities
|
Advisory ID: |
SSCHADV2012-009 |
Author: |
Stefan Schurtz |
Affected Software: |
Successfully tested on Star Wars Old Republic – SWTOR Char DB 1.8b |
Vendor URL: |
|
Vendor Status: |
fixed
|
OSVDB ID:
|
80841, 80842
|
======================
Vulnerability Description
======================
SWTOR Char DB 1.8b is prone to multiple security vulnerabilities
Continue reading "SSCHADV2012-009 - Star Wars Old Republic - SWTOR Char DB 1.8b Multiple security vulnerabilities"
Advisory:
|
CMSimple_XH 1.5.2 Cross-site Scripting vulnerability
|
Advisory ID: |
SSCHADV2012-008 |
Author: |
Stefan Schurtz |
Affected Software: |
Successfully tested on CMSimple_XH 1.5.2 |
Vendor URL: |
|
Vendor Status: |
fixed
|
CVE-ID: |
CVE-2012-1914
|
======================
Vulnerability Description
======================
CMSimple_XH 1.5.2 is prone to a Cross-site Scripting vulnerability
Continue reading "SSCHADV2012-008 - CMSimple_XH 1.5.2 Cross-site Scripting vulnerability"
Advisory:
|
PHP Address Book 6.2.12 Multiple security vulnerabilities
|
Advisory ID: |
SSCHADV2012-007 |
Author: |
Stefan Schurtz |
Affected Software: |
Successfully tested on PHP Address Book 6.2.12 |
Vendor URL: |
|
Vendor Status: |
informed
|
EDB-ID: |
18578 |
CVE-ID:
|
CVE-2012-1911, CVE-2012-1912
|
======================
Vulnerability Description
======================
PHP Address Book 6.2.12 is prone to multiple XSS and SQL-Injection vulnerabilities
Continue reading "SSCHADV2012-007 - PHP Address Book 6.2.12 Multiple security vulnerabilities"
In this short video I will show you, how you can build a backdoor in OpenSSH 5.9
Steps
1. Define the backdoor password in auth.h
2. Edit the auth-passwd.c file and set the backdoor into it
3. Set integer ‘backdoorActive’ in log.h
4. Disable logging for the backdoor login in log.c
5. Compile
6. Test the backdoor :-) |
Continue reading "[Video] - Build a backdoor in OpenSSH 5.9"