A vulnerability in the way invoices are handled by eBay allows users that sell items on eBay to view other’s reseller’s invoices. Though access to the invoice is somewhat arbitrary, there is no easy way to find a specific invoice of a specific seller, it is possible to harvest a large amount of invoice and gather sensitive information from them. This information includes (though not in all invoices):
Continue reading SSD Advisory – eBay Arbitrary Invoice Disclosure
MediaWiki is a free software open source wiki package written in PHP, originally for use on Wikipedia. It is now also used by several other projects of the non-profit Wikimedia Foundation and by many other wikis, including this website, the home of MediaWiki.
Media Wiki version 1.24.1
The vulnerability has been addressed in Media Wiki version 1.24.2.
Continue reading SSD Advisory – Media Wiki SVG XSS
iLO is an embedded operating system available within HP Proliant and Integrity servers. IP is a feature within iLO that provides local and remote access for provisioning purposes. It was discovered that hidden requests were being made to server during a normal client session. Exploring this obfuscated functionality revealed the ability to execute arbitrary commands as root on the system.
Continue reading SSD Advisory – Remote Command Execution in Proliant iLO Intelligent Provisioning
Dynamic Web TWAIN is a TWAIN-based scanning SDK software specifically designed for web applications. With just a few lines of code, you can develop robust applications to scan documents from TWAIN-compatible scanners, edit the scanned images and save them to a file system.
Two security vulnerabilities have been found in Dynamic Web TAWIN:
- DynamicWebTwainCtrl.DynamicWebTwain.1 ActiveXObject SaveAllAsPDF/SaveAsPDF Methods lstrcpyA() Call Stack Buffer Overflow Vulnerability
- WebTWAINService.exe Service SaveAllAsPDF/SaveAsPDF Methods lstrcpyA() Call Stack Buffer Overflow Vulnerability
Continue reading SSD Advisory – Dynamic Web TWAIN SDK Vulnerabilities