lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 31 Aug 2010 09:48:31 -0400 From: GulfTech Security Research <security@...ftech.org> To: full-disclosure@...ts.grok.org.uk Subject: Vulnerabilities in NING networks There are several security issues within the popular NING platform that can be combined to silently take control of user accounts, write self replicating malicious applications (malware), and more. Attempts to contact NING in order to resolve these issues were unsuccessful. Additional Details: http://0x6a616d6573.blogspot.com/2010/08/ninga-please.html Proof of Concept: https://docs.google.com/leaf?id=0B5oxcQ53hliTZmEyYjg5NjEtMDRiOS00MTg1LWE0NjEtOGViOGZhMTYyMGZi&hl=en _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/