Recognize-Security

Posted by Trancer on Oct 14 2008

Wrote a new Metaspoit exploit module for HP Mercury Quality Center ActiveX Control ProgColor Buffer Overflow vulnerability.

This module exploits a stack-based buffer overflow in SPIDERLib.Loader ActiveX control (Spider90.ocx) 9.1.0.4353 installed by TestDirector (TD) for Hewlett-Packard Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32. By setting an overly long value to ‘ProgColor’, an attacker can overrun a buffer and execute arbitrary code.

Download hpmqc_progcolor.rb.
Also on Metasploit.

References:
CVE-2007-1819
BID 23239
OSVDB 34317
iDefense Labs
HP Security Bulletin

Categories: Exploits • Metasploit

0 Comments | Comments RSS | TrackBack URL

---

Posted by Trancer on Oct 05 2008

Security Advisory for Caucho Resin Application Server version 3.2 and below.
Vulnerabilities found:

• UTF-7 Cross-Site Scripting

PDF version.
TXT version.

This actually mean that every web application hosted on a Caucho Resin application server is vulnerable to Cross-Site Scripting… If you have one, I seriously recommend you patch your server :-)

References:
Caucho Resin 3.2.1 Release Notes
Caucho bug ID 2965

Categories: Advisories

0 Comments | Comments RSS | TrackBack URL

---

Posted by Trancer on Oct 05 2008

Security Advisory for OpenNMS version 1.5.93-1 and below.
Vulnerabilities found:

• HTTP Response Splitting
• Cross-Site Scripting

PDF version.
TXT version.

Also on:
BID 31577
milw0rm 6676
exploit-database #6676

Categories: Advisories

0 Comments | Comments RSS | TrackBack URL

---