View RSS Feed

Recent Blogs Posts

  1. (CVE-2016-8856) Foxit Reader for Linux and Mac: Local Privilege Escalation Writeup

    Hi guys,

    Recently, I stumbled on a very simple bug in Foxit Reader for Mac and Linux (From here on, just Foxit Reader). The vulnerability was caused by improper file permissions granted on core Foxit Reader's files on Linux and Mac systems. An attacker with a low privilege access could've exploited this vulnerability to elevate their privileges, execute commands as a higher privileged user, or both.

    The version affected were:

    Foxit Reader for Mac 2.1.0.0804 ...
    Tags: -1' Add / Edit Tags
    Categories
    Uncategorized
  2. CVE-2015-2652 Unauthenticated File Upload in Oracle E-business Suite.

    Quote Originally Posted by [s] View Post
    During my regular job, I unravelled an interesting vulnerability of Unauthenticated File Upload in Oracle E-business Suite 0-day vulnerability. This particular Upload Bug can be easily used to upload files on the web-server and also an attacker can flood the hard-disk of the server,thus making it easier for an attacker to leverage the vulnerability remotely.

    Oracle released Critical Patch Update containing security fixes for the Oracle E-Business Suite. This vulnerability is remotely
    ...
    Tags: -1', zap Add / Edit Tags
    Categories
    Uncategorized
  3. Microsofts IIS.net Anti-CSRF Token Bypass

    [B]Microsoft's IIS.net CSRF Vulnerability[/B]

    I want to share my another finding on Microsoft IIS.net which I have reported to them in August 2013.


    While researching and working on bug bounties I have found that we can bypass Anti-CSRF token validation even when it is getting validated on the server-side and can execute CSRF. And after that using the CSRF we can compromise the victims account by change email id of any users account on that site to the attackers ...

    Updated 04-21-2014 at 11:12 AM by 41.w4r10r

    Tags: -1', zap Add / Edit Tags
    Categories
    Uncategorized