Feed aggregator

CVE-2014-3577: Apache HttpComponents client: Hostname verification susceptible to MITM attack

BugTraq Latest Security Advisories - August 18, 2014 - 7:38am

Posted by Dirk-Willem van Gulik on Aug 18

Security Advisory - Apache Software Foundation
Apache HttpComponents / hc.apache.org

Hostname verification susceptible to MITM attack

CVE-2014-3577 / CVSS 1.4

Apache HttpComponents (prior to revision 4.3.5/4.0.2) may be susceptible
to a 'Man in the Middle Attack' due to a flaw in the default hostname
verification during SSL/TLS when a specially crafted server side...
Categories:

Outlook.com for Android fails to validate server certificates

BugTraq Latest Security Advisories - August 18, 2014 - 7:28am

Posted by Securify B.V. on Aug 18

------------------------------------------------------------------------
Outlook.com for Android fails to validate server certificates
------------------------------------------------------------------------
Yorick Koster, April 2014

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
Outlook.com for Android's WebView contains an insecure...
Categories:

CVE-2014-5289 - Kolibri WebServer 2.0 Vulnerable to RCE via Overly Long POST Request

BugTraq Latest Security Advisories - August 18, 2014 - 7:17am

Posted by tekwizz123 on Aug 18

Exploit Details
------------------
Senkas Kolibri WebServer 2.0 (available at http://www.senkas.com/kolibri/download.php) is vulnerable to RCE via an
overly long POST request.

Sending the exploit will result in a SEH overwrite, which can then be use to redirect execution to a POP POP RET within
the application's binary itself, which once executed, will allow the attacker to execute his/her payload located in the
HOST field.

PoC...
Categories:

Beginners error: Apple's iCloudServices for Windows run rogue program C:\Program.exe (and some more)

BugTraq Latest Security Advisories - August 18, 2014 - 6:38am

Posted by Stefan Kanthak on Aug 18

Hi @ll,

"C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe",
part of Apple's iCloudServices (see <https://www.apple.com/icloud/>), is
configured to be started as (COM) server via SvcHost.Exe.

Unfortunately the developers of this (COM) server (and of course their QA
too) did a lousy job and let their installer create the following erroneous
registry entries with a command line that contains an unquoted...
Categories:

Beginners error: Windows Live Mail 2011 runs rogue C:\Program.exe when opening associated URLs

BugTraq Latest Security Advisories - August 18, 2014 - 6:28am

Posted by Stefan Kanthak on Aug 18

Hi @ll,

the following command lines associated with the URL protocols of
Windows Live Mail 2011 (15.4.3538.513)

WLMail.Url.Mailto=C:\Program Files (x86)\Windows Live\Mail\wlmail.exe /mailurl:"%1"
WLMail.Url.news=C:\Program Files (x86)\Windows Live\Mail\wlmail.exe /newsurl:"%1"
WLMail.Url.nntp=C:\Program Files (x86)\Windows Live\Mail\wlmail.exe /newsurl:"%1"
WLMail.Url.snews=C:\Program Files (x86)\Windows...
Categories:

Beginners error: Apple's Software Update runs rogue program C:\Program.exe (and some more)

BugTraq Latest Security Advisories - August 18, 2014 - 6:17am

Posted by Stefan Kanthak on Aug 18

Hi @ll,

"C:\Program Files\Apple Software Update\SoftwareUpdate.exe", part
of Apple's Software Update and installed together with iTunes,
QuickTime and other of Apple's crap for Windows, is periodically
called with the argument "-task".

This invokes the COM server {91A9E6A9-3935-4A37-AFBA-F0904B166364}
alias AppleSoftwareUpdate.ASUInstallhost, implemented in the DLL
C:\Program Files\Apple Software...
Categories: