Today IBM X-Force has published my advisory related to a security flaw which I've discovered in the Cisco Linksys WAG54GS router, which allows an attacker to change the administrator password.
For more information:
http://xforce.iss.net/xforce/xfdb/73345
Today Kaspersky Lab (http://www.securelist.com/) published my ForkCMS 3.2.6 vulnerability.
For more details:
http://www.securelist.com/en/advisories/48067
IBM X-Force (http://xforce.iss.net/) published my new "0day" advisory regarding multiple vulnerabilities discovered in ForkCMS 3.2.6 and lower:
http://xforce.iss.net/xforce/xfdb/73394
OSVDB (http://osvdb.org), the vulnerability DB sponsored by Tenable/Nessus (http://www.tenable.com), published my ForkCMS 3.2.6 (and lower) vulnerability.
Here you can read more details:
http://osvdb.org/show/osvdb/79444
Secunia has published an advisory related to a "0day" vulnerability (http://ivanobinetti.blogspot.com/2012/02/forkcms-325-csrf-and-xss-0day.html) which I've discovered in the past days, regarding a CSRF (Cross Site Request Forgery) which affects ForkCMS 3.2.5 and lower.
Secunia also tested this vulnerability in version 3.2.6, the latest release, which the ForkCMS team published a few days ago.
As I already said in my advisory, I think that ForkCMS is a very nice CMS which, with some security improvements, can become a great CMS. Maybe I will use it in the future.
Below you can read more details about the Secunia advisory:
https://secunia.com/advisories/48067
PacketStorm has also published this advisory:
http://packetstormsecurity.org/files/110069/sa48067.txt
SecurityFocus (http://www.securityfocus.com/) has assigned me three BIDs (Bugtraq IDs) related to "0day" D-Link and Cisco Linksys vulnerabilities regarding design flaws exploitable using CSRF.
Below you can read more details about them:
http://www.securityfocus.com/bid/52096
http://www.securityfocus.com/bid/52129
http://www.securityfocus.com/bid/52105
Today PacketStorm also published the new "0day" vulnerability that affects DFLabs PTK 1.0.5 and lower versions.
http://packetstormsecurity.org/files/110102/DFLabs-PTK-1.0.5-Cross-Site-Request-Forgery.html
To view my Original Advisory:
DFLabs PTK 1.0.5 Multiple Vulnerabilities (Steal Authentication Credentials)
Other related publications:
http://osvdb.org/show/osvdb/80765
http://xforce.iss.net/xforce/xfdb/73404
http://www.exploit-db.com/exploits/18513/
http://packetstormsecurity.org/files/110102/DFLabs-PTK-1.0.5-Cross-Site-Request-Forgery.html
http://1337day.com/exploits/17564
This router allows an attacker to bypass authentication and to log in with administrator ("admin") credentials. In fact, while the administrator is logged in, an internal attacker who connects to the web management interface (default is http://192.168.1.1:80) will be able to see the MAC address of the logged-in admin. Simply by changing his own MAC address to match, the attacker can bypass authentication and log in as administrator.
For more details:
http://www.exploit-db.com/exploits/18511/
http://packetstormsecurity.org/files/110117/D-Link-DSL-2640B-Authentication-Bypass.html
http://www.securityfocus.com/bid/52129
http://xforce.iss.net/xforce/xfdb/73379
http://osvdb.org/79617
http://1337day.com/exploit/17562
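The design flaw described above is that the router treats "the client whose MAC address matches the logged-in admin's" as proof of identity, and a MAC address is neither secret nor hard to change. The following is an added illustration, not code from the advisory or from D-Link: it models the weak MAC-bound session check beside a hardened check that binds the session to an unguessable random token issued only to the client that supplied valid credentials (what an HttpOnly session cookie does in a real web UI). The MAC address, username and password values are constructed placeholders.

```python
import hmac
import secrets

# Constructed sample values for the demonstration (not from the advisory).
ADMIN_MAC = "00:11:22:33:44:55"
ADMIN_PASSWORD = "placeholder-admin-password"


class MacBoundAuth:
    """Models the weak design: once the admin logs in, the interface remembers
    the client's MAC address and treats every later request from that MAC as
    the authenticated admin. Any LAN host that presents the same MAC inherits
    the session without ever knowing the password."""

    def __init__(self):
        self.logged_in_mac = None

    def login(self, client_mac, username, password):
        if username == "admin" and password == ADMIN_PASSWORD:
            self.logged_in_mac = client_mac
            return True
        return False

    def is_admin(self, client_mac):
        # Identity is decided purely by a value the client controls.
        return self.logged_in_mac is not None and client_mac == self.logged_in_mac


class TokenBoundAuth:
    """Hardened design: the session is identified by a random token handed
    back only to the client that supplied valid credentials. The client's
    MAC address plays no part in the check, so copying it grants nothing."""

    def __init__(self):
        self.sessions = {}  # token -> username

    def login(self, username, password):
        if username == "admin" and password == ADMIN_PASSWORD:
            token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
            self.sessions[token] = username
            return token
        return None

    def is_admin(self, token):
        if token is None:
            return False
        # Constant-time comparison so the lookup leaks nothing via timing.
        for known in self.sessions:
            if hmac.compare_digest(known, token):
                return self.sessions[known] == "admin"
        return False


def demo():
    """Run both designs against the same scenario: the admin logs in, then a
    second LAN client that presents the admin's MAC address (but not the
    password or the session token) asks to act as admin. Returns the outcome
    of each check so the two designs can be compared."""
    weak = MacBoundAuth()
    weak.login(ADMIN_MAC, "admin", ADMIN_PASSWORD)
    second_client_mac = ADMIN_MAC  # the copied MAC described in the advisory

    hardened = TokenBoundAuth()
    admin_token = hardened.login("admin", ADMIN_PASSWORD)

    return {
        "mac_bound_second_client_is_admin": weak.is_admin(second_client_mac),
        "token_bound_without_token_is_admin": hardened.is_admin(None),
        "token_bound_guessed_token_is_admin": hardened.is_admin("guess"),
        "token_bound_real_session_is_admin": hardened.is_admin(admin_token),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The first result is the bypass the advisory describes: the MAC-bound check accepts the second client outright. The token-bound variant rejects both a missing and a guessed token and accepts only the session that was actually issued at login, which is why a session identifier must be a secret the server generates, not an attribute the network already exposes.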
Today I've discovered multiple vulnerabilities in Fork CMS 3.2.5. I think these vulnerabilities are also present in version 3.2.6.
Other publications related to these vulnerabilities:
http://packetstormsecurity.org/files/110048/ForkCMS-3.2.5-Cross-Site-Request-Forgery-Cross-Site-Scripting.html
http://www.exploit-db.com/exploits/18505/
http://secunia.com/advisories/48067
http://osvdb.org/show/osvdb/79444
http://xforce.iss.net/xforce/xfdb/73394
http://www.securelist.com/en/advisories/48067
www.1337day.com/exploits/17557