SSD Advisory – Serviio Media Server Multiple Vulnerabilities

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerabilities Summary
The following advisory describes a five (5) vulnerabilities found in Serviio Media Server. Affected version: 1.8.0.0 PRO, 1.7.1, 1.7.0, 1.6.1.

Serviio is a free media server. It allows you to stream your media files (music, video or images) to renderer devices (e.g. a TV set, Bluray player, games console or mobile phone) on your connected home network.

Serviio works with many devices from your connected home (TV, Playstation 3, XBox 360, smart phones, tablets, etc.). It supports profiles for particular devices so that it can be tuned to maximise the device’s potential and/or minimize lack of media format playback support (via transcoding).

Serviio is based on Java technology and therefore runs on most platforms, including Windows, Mac and Linux (incl. embedded systems, e.g. NAS).

The vulnerabilities found in Serviio Media Server are:

  • Remote Code Execution
  • Local Privilege Escalation
  • Unauthenticated Password Modification
  • Information Disclosure
  • DOM-Based Cross-Site Scripting (XSS)

Credit
An independent security researcher Gjoko Krstic from Zero Science Lab has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor Response
We have tried on numerous occasions over the past two months to contact the vendor, all emails sent to them went unanswered.

Continue reading SSD Advisory – Serviio Media Server Multiple Vulnerabilities

SSD Advisory – Kloxo Sensitive Information Disclosure

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Introduction
Kloxo (formerly known as Lxadmin) is a free, opensource web hosting control panel for the Red Hat and CentOS Linux distributions.

Vulnerability Details
Kloxo contains a vulnerability that could allow an authenticated remote attacker (client or auxiliary) to get almost any info from DB, for example passwords of other users (including administrators), credentials for DB connection, etc. After gathering credentials of user (reseller or admin) who has created current client it is possible to assign “admin” role to current client.

Authentication is required to exploit this vulnerability (any unprivileged client or auxiliary). So any unprivileged user will be able to login as administrator and manage system or execute any OS command or upload PHP file and execute desired PHP code (there are such ’legal’ features for administrator).

Continue reading SSD Advisory – Kloxo Sensitive Information Disclosure