This whitepaper documents shortcomings in various popular web application firewalls (WAFs) and how to trigger cross site scripting attacks regardless of the protections in place. Covered are F5 Big IP, Imperva Incapsula, AQTRONIX WebKnight, PHP-IDS, Mod-Security, Sucuri, QuickDefense, and Barracuda WAF.
GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
RSA Identity Management and Governance contains fixes for cross site scripting vulnerabilities that may potentially be exploited by malicious users to compromise the affected system. All versions of RSA IMG are affected by CVE-2015-4539. Versions prior to 6.9.1 P6 and 6.8.1 P18 are affected by CVE-2015-4540.
Ubuntu Security Notice 2738-1 - It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges.
Ubuntu Security Notice 2737-1 - It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges.
HP Security Bulletin HPSBOV03506 1 - A potential security vulnerability has been identified with TCP/IP Services for OpenVMS running BIND. The vulnerability could be remotely exploited to cause a Denial of Service (DoS). Revision 1 of this advisory.
Debian Linux Security Advisory 3354-1 - Frediano Ziglio of Red Hat discovered a race condition flaw in spice's worker_update_monitors_config() function, leading to a heap-based memory corruption. A malicious user in a guest can take advantage of this flaw to cause a denial of service (QEMU process crash) or potentially execute arbitrary code on the host with the privileges of the hosting QEMU process.
75-byte Linux/x86 execve("/bin/cat", ["/bin/cat", "/etc/passwd"], NULL) shellcode.
The Zed Attack Proxy (ZAP) is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Windows installer.
The Zed Attack Proxy (ZAP) is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.
Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.
The Zed Attack Proxy (ZAP) is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Linux release.
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
The Qlikview platform is vulnerable to XML External Entity (XXE) vulnerabilities. More specifically, the platform is susceptible to DTD parameter injections, which are also "blind" as the server feeds back no visual response. These vulnerabilities can be exploited to force Server Side Request Forgeries (SSRF) in multiple protocols, as well as to read and extract arbitrary files on the server directly. Version 11.20 SR4 is vulnerable.
Autoexchanger version 5.1.0 suffers from a cross site request forgery vulnerability.
The Windows Kernel is subject to a kernel-mode type-confusion vulnerability inside win32k!NtUserSetInformationThread due to referencing a user-mode handle via ObReferenceObjectByHandle with a "NULL" type specified (it should instead be using *LpcPortObjectType to protect against this vulnerability). This vulnerability can be triggered from inside CSRSS via the syscall win32k!NtUserSetInformationThread with ThreadInformationClass set to "UserThreadCsrApiPort" and the parameter of the syscall set to a HANDLE that is not an LPC object.
DirectAdmin web control panel version 1.483 suffers from cross site request forgery and cross site scripting vulnerabilities.