Summary=======The operating system used by Pexip Infinity does not create unique SSHhost keys on deployment of new Management and Conferencing Nodes, usingfixed host keys instead. Host keys are used to verify the identity ofthe remote host when connecting to it over SSH. These keys are containedin the publicly available software image.An attacker with privileged network access may make use of these keys tospoof the identity of a Pexip Infinity installation or conductman-in-the-middle attacks on administrative SSH sessions. This maypermit the attacker access to credentials used to authenticate sessionsover SSH and provide shell access to the affected systems.This issue is resolved in Pexip Infinity version 8.References=========CVE-2014-8779http://pexip.com/security-bulletins
Information------------Advisory by NetsparkerName: XSS Vulnerability in Blubrry PowerPressAffected Software : Blubrry PowerPressAffected Versions: 6.0 and possibly belowVendor Homepage : https://wordpress.org/plugins/powerpress/Vulnerability Type : Cross-site ScriptingSeverity : ImportantCVE-ID: CVE-2015-1385Netsparker Advisory Reference : NS-15-001Description-----------By exploiting a Cross-site scripting vulnerability the attacker canhijack a logged in user?s session. This means that the malicioushacker can change the logged in user?s password and invalidate thesession of the victim while the hacker maintains access. As seen fromthe XSS example in this article, if a web application is vulnerable tocross-site scripting and the administrator?s session is hijacked, themalicious hacker exploiting the vulnerability will have full adminprivileges on that web application.Netsparker finds and reports security issues and vulnerabilities suchas SQL Injection and Cross-site Scripting (XSS) in all websites andweb applications regardless of the platform and the technology theyare built on. Netsparker's unique detection and exploitationtechniques allows it to be dead accurate in reporting hence it's thefirst and the only False Positive Free web application securityscanner.--------------------Proof of Concept URLs for XSS in Blubrry PowerPress WordPress plugin:/wp-admin/admin.php?page=powerpress/powerpressadmin_
categoryfeeds.php&action=powerpress-editcategoryfeed&cat=1';"--></style></scRipt><scRipt>alert(0x014068)</scRipt>
For more information on cross-site scripting vulnerabilities read the
following article on Cross-site Scripting (XSS) -
https://www.netsparker.com/web-vulnerability-scanner/vulnerability-security-checks-index/crosssite-scripting-xss/
Advisory Timeline
--------------------
22/01/2015 - First Contact
26/01/2015 - Vulnerability fixed
29/01/2015 - Advisory released
Solution
--------------------
Download version 6.0.1 which includes fix for this vulnerability.
Credits & Authors
--------------------
These issues have been discovered by Omar Kurt while testing
Netsparker Web Application Security Scanner -
https://www.netsparker.com/web-vulnerability-scanner/
About Netsparker
--------------------
Netsparker finds and reports security issues and vulnerabilities such
as SQL Injection and Cross-site Scripting (XSS) in all websites and
web applications regardless of the platform and the technology they
are built on. Netsparker's unique detection and exploitation
techniques allows it to be dead accurate in reporting hence it's the
first and the only False Positive Free web application security
scanner. For more information visit our website on
https://www.netsparker.com
ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities
EMC Identifier: ESA-2015-002
CVE Identifier: CVE-2013-1899, CVE-2013-1900, CVE-2013-1901, CVE-2013-1902, CVE-2012-5885, CVE-2011-3389, CVE-2013-1767, CVE-2012-2137, CVE-2012-6548, CVE-2013-1797, CVE-2013-0231, CVE-2013-1774, CVE-2013-1848, CVE-2013-0311, CVE-2013-2634, CVE-2013-0268, CVE-2013-0913,CVE-2013-1772, CVE-2013-0216, CVE-2013-1792, CVE-2012-6549, CVE-2013-2635, CVE-2013-0914, CVE-2013-1796, CVE-2013-0160, CVE-2013-1860, CVE-2013-0349, CVE-2013-1798, CVE-2013-4242, CVE-2014-0138, CVE-2014-0139, CVE-2010-5298, CVE-2014-0076, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3509, CVE-2014-3510, CVE-2014-3511, CVE-2014-3512, CVE-2014-5139, CVE-2012-6085, CVE-2014-2403, CVE-2014-0446, CVE-2014-0457, CVE-2014-0453, CVE-2014-2412, CVE-2014-2398, CVE-2014-0458, CVE-2014-2397, CVE-2014-0460, CVE-2014-0429, CVE-2014-2428, CVE-2014-2423, CVE-2014-2420, CVE-2014-0448, CVE-2014-0459, CVE-2014-2427, CVE-2014-2414, CVE-2014-0461, CVE-2014-0454, CVE-2014-2422, CVE-2014-0464, CVE-2014-2401, CVE-2014-0456, CVE-2014-0455, CVE-2014-0451, CVE-2014-0449, CVE-2014-0432, CVE-2014-0463, CVE-2014-2410 , CVE-2014-2413, CVE-2014-2421, CVE-2014-2409, CVE-2014-2402, CVE-2014-0452, CVE-2010-5107, CVE-2014-1545, CVE-2014-1541, CVE-2014-1534, CVE-2014-1533, CVE-2014-1536, CVE-2014-1537, CVE-2014-1538, CVE-2013-2005, CVE-2013-2002, CVE-2014-0092, CVE-2014-0015, CVE-2014-4220, CVE-2014-2490, CVE-2014-4266, CVE-2014-4219, CVE-2014-2483, CVE-2014-4263, CVE-2014-4264, CVE-2014-4268, CVE-2014-4252, CVE-2014-4223, CVE-2014-4247, CVE-2014-4218, CVE-2014-4221, CVE-2014-4262, CVE-2014-4227, CVE-2014-4208, CVE-2014-4209, CVE-2014-4265, CVE-2014-4244,
CVE-2014-4216, CVE-2011-0020, CVE-2011-0064, CVE-2014-3638, CVE-2014-3639, CVE-2014-3513, CVE-2014-3567, CVE-2014-3568, CVE-2014-3566, CVE-2014-4330, CVE-2014-3613, CVE-2014-3620, CVE-2015-0512
Severity Rating: View details below for CVSSv2 scores
Affected products:
Unisphere Central versions prior to 4.0
Summary:
Unisphere Central requires an update to address various security vulnerabilities that could potentially be exploited by malicious users to compromise the affected system.
Details:
Unisphere Central requires an update to address various security vulnerabilities:
#####################################
Title:- Reflected XSS vulnarbility in Asus RT-N10 Plus router
Author: Kaustubh G. Padwad
Product: ASUS Router RT-N10 Plus
Firmware: 2.1.1.1.70
Severity: Medium
Auth: Requierd
# Description:
Vulnerable Parameter: flag=
# Vulnerability Class:
Cross Site Scripting (https://www.owasp.org/index.php/Top_10_2013-A3-Cross-Site_Scripting_(XSS))
# About Vulnerability: Asus Router RT-N10 Plus with firmware 2.1.1.70 is vulnarable for crosss site scripting attack,this may cause a huge network compemise.
#Technical Details: The value of the flag request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload initial78846%27%3balert("
Hacked_BY_S3curity_B3ast")%2f%2f372137b5d was submitted in the flag parameter. This input was echoed unmodified in the application's response.
#Steps to Reproduce: (POC):
After setting up router
Enter this URL
1.http://ip-of-router/result_of_get_changed_status.asp?current_page=&sid_list=LANGUAGE%3B&action_mode=+App
ly+&preferred_lang=&flag=initial78846%27%3balert(1337)%2f%2f372137b5d
2. this will ask for creadintial once creatintial enterd it will be successfull XSS
# Disclosure:
8-jan-2015 Repoerted to ASUS
9-jan-2015 Asus confirm that they reported to concern department
15-jan-2015 Ask for update from asus asus says reported to HQ
28-jan-2015 Ask asus about reporting security foucus No reply from ASUS
29-jan-2015 security focus bugtraq
#credits:
Kaustubh Padwad
Information Security Researcher
kingkaustubh@me.com
https://twitter.com/s3curityb3ast
http://breakthesec.com
https://www.linkedin.com/in/kaustubhpadwad
