SSD Advisory – Synology DiskStation Manager Multiple Stored Cross-Site Scripting

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerabilities Summary
The following advisory describe two (2) stored Cross-Site Scripting (XSS) found in Synology DiskStation Manager (DSM).

  1. Cross-site scripting stored in SWF file
  2. Cross-site scripting stored in Video Station application

Synology DiskStation Manager (DSM), a Linux based software package that is the operating system for the DiskStation and RackStation products. The Synology DSM is the foundation of the DiskStation, which integrates the basic functions of file sharing, centralized backup, RAID storage, multimedia streaming, virtual storage, and using the DiskStation as a network video recorder.

Credit
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
Repeated emails (support@cynology.com) sent to the vendor, since March, were answered with unclear answers:
“Sorry for the misunderstanding. You reported it to us and what I meant was that our developers have verified your report and it’s been logged as a known issue now.
So, your report to us is highly appreciated and we thank you very much for your help!”

We therefore don’t know at this time whether this vulnerabilities were or not resolved.

Continue reading SSD Advisory – Synology DiskStation Manager Multiple Stored Cross-Site Scripting

SSD Advisory – Bitdefender Code Signing organizationName Buffer Overflow

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerability Summary
The following advisory describes a Buffer Overflow vulnerability found in Bitdefender Engine PE.

Bitdefender provides the Bitdefender “antimalware” engine for integration with other security vendors products. The engine is used in Bitdefender’s own products, for example in Bitdefender Internet Security 2017 and below. The antimalware engine is the core of the product, among other features providing the means to scan potentially malicious portable executables (PEs).

Credit
An independent security researcher, Pagefault, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor Response
Bitdefender has released patched to address this vulnerability in version 7.71417.

Continue reading SSD Advisory – Bitdefender Code Signing organizationName Buffer Overflow

Know your community – Simone Margaritelli (@evilsocket)

The guy that published a first hand account of how an allegedly government-sponsored firm, Dark Matter, tried to hire him to help them spy on civilian in the UAE.

A former BlackHat that switch sides

Bug Bounty hunter

The author of the most known offensive open source software – BetterCAP, dSploit, AndroSwat and more!

Please meet Simone Margaritelli AKA @evilsocket

Continue reading Know your community – Simone Margaritelli (@evilsocket)

SSD Advisory – AContent Multiple Vulnerabilities

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerabilities Summary
The following advisory describes two (2) vulnerabilities types found in AContent version 1.3.

AContent is an open source learning content management system (LCMS) used to create interoperable, accessible, adaptive Web-based learning content. It can be used along with learning management systems to develop, share, and archive learning materials. For those familiar with ATutor, AContent contains the content authoring, test authoring, and content interoperability features of ATutor, producing a standalone tool that can be used with any system that supports IMS content interoperability standards.

The vulnerability found are:

  • Directory Traversal
  • Directory Traversal that lead to Remote Code Execution – question_import.php
  • Directory Traversal that lead to Remote Code Execution – ims_import.php
  • Directory Traversal that lead to Remote Code Execution – import_test.php

Credit
An independent security researcher, Steven Seeley, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor Response
AContent has fixed the vulnerabilities in their GitHub master branch.
For more details:

Continue reading SSD Advisory – AContent Multiple Vulnerabilities