lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 28 Jan 2014 15:07:29 -0800 From: Mark Litchfield <mark@...uratary.com> To: webappsec@...urityfocus.com, bugtraq@...urityfocus.com, vuln-dev@...urityfocus.com, pen-test@...urityfocus.com Subject: Vulnerabilities within Mura CMS / Sitecore MCS / SmarterMail These vulnerabilities allow for a complete take over giving full administrative access as well as remote shells on the servers that they are installed on. Each of these suffer from Insecure Direct Object Reference Vulnerabilities. Due to the details of the attack and screen shots, they can be found at http://www.securatary.com/vulnerabilities All the best Mark Litchfield
Powered by blists - more mailing lists