HTB23085: Piwigo multiple vulnerabilities (Directory Path Traversal, XSS)

Piwigo version 2.3.3 suffers from a Directory Path Traversal and cross-site scripting (XSS) vulnerabilities:
1. Directory Path Traversal: Input passed via the "language" GET parameter to "upgrade.php" is vulnerable to directory path traversal.
2. Cross-site scripting (XSS): Input passed via the "section", "installstatus", "theme" GET-parameters to "admin.php" are not properly sanitised before being returned to the user.

Vulnerability ID: HTB23085
Vendor Notification / Patch / Public Disclosure Dates: 4 April / 8 April / 25 April
Vulnerabilities Type: Directory Path Traversal, Cross-Site Scripting (XSS)
Risk level: Medium
Solution Status: Fixed by Vendor, Upgrade to Piwigo 2.3.4

The Importance of Ethical Hacking: Emerging Threats Emphasise Need for Holistic Assessments, Says Frost & Sullivan

Frost & Sullivan's White Paper Recognises Complex Threat Landscape and Analyses Role of Ethical Hacking in Enterprise Security Architecture

LONDON, April 19, 2012 /PRNewswire/ -- The need for more effective information security practices is increasingly evident with each security breach reported in the media. When adopting new technologies like cloud computing, virtualisation, or IT outsourcing, enterprises are facing imminent security threats and must adjust their security processes, policies, and architectures accordingly. Among the many options available to help customers to achieve this goal, organisations should consider the value of ethical hacking services, which are rapidly gaining attention as an essential security practice that should be performed on a regular basis.

The recently published white paper entitled "The Importance of Ethical Hacking: Emerging Threats Emphasise the Need for Holistic Assessments" by Frost & Sullivan, discusses benefits from independent ethical hacking assessments, the role of ethical hacking in an enterprise security architecture, as well as top technical concerns and solutions. "The increased sophistication and success rate for recent cyber attacks is directly related to the shift in attacker profile, indicating that nation-states and large criminal organisations are funding well organised, highly motivated, and well trained teams of programmers," points out Frost & Sullivan Industry Analyst, Chris Rodriguez. "The elevated threat landscape therefore, urgently dictates the need for a comprehensive, real-world assessment of an organisation's security posture. This assessment is a first vital step to enact effective security policies, procedures, and infrastructure that will prevent or mitigate the effects of a data breach."

The major challenge for businesses is the complexity of security requirements due to changing hacking tactics, myriad security vulnerabilities, evolving business practices, new business technologies, and emerging security technologies. Those numerous organisation-specific security challenges are best solved by professionals with extensive expertise.

Ethical hacking offers an objective analysis of an organisation's information security posture for organisations of any level of security expertise. The ethical hacking organisation has no knowledge of the company's systems other than what they can gather. Hackers must scan for weaknesses, test entry points, prioritise targets, and develop a strategy that best leverages their resources. The objectiveness of this kind of security assessment has a direct impact on the value of the whole evaluation.

"The result of such an assessment is an actionable report with valuable remediation advice tailored to the customer's unique IT environment, capabilities, and security objectives," says Chris Rodriguez. "This helps businesses to prioritise their security efforts, fine-tune security tools such as firewalls and Intrusion Prevention Systems (IPS) devices, adjust policies, and identify any necessary training."

As organisations of all sizes and sophistication levels can benefit from objective, expert, third-party analysis, ethical hacking has become a more mainstream service in the past decade. "However, businesses still remain sceptical about the risk inherent with inviting a third-party to attempt to access sensitive systems and resources. To reduce this fear, businesses should hire only ethical hacking companies that implement practices to ensure privacy and confidentiality. They should also be accredited by international trade organisations such as the EC-Council and International Information Systems Security Certification Consortium (ISC)," advices Rodriguez.

Ensuring effectiveness of the enterprise security architecture should be verified on a regular basis. This represents a great challenge for increasingly sophisticated organisations due to complex IT environments which include security solutions, end-user awareness, policies, and new technologies. These systems not only change continually but also interoperate with each other and therefore must be tested as part of holistic assessment to best emulate a real-world attack scenario. "Ethical hacking services are the best way to attain valuable assessments and recommendations necessary to properly tune these complex security architectures," summarises Chris Rodriguez.

Frost & Sullivan has conducted extensive research in the ethical hacking market to identify latest trends in the European industry and published the white paper entitled "The Importance of Ethical Hacking: Emerging Threats Emphasise the Need for Holistic Assessments". This research has recognised High-Tech Bridge, a Swiss based company, as one of the market leaders and best service providers in the ethical hacking industry. If you would like to obtain a free copy of the white paper, please contact Joanna Lewandowska, Corporate Communications, at Joanna.lewandowska (at) frost.com. Please include your full contact details in the query.

About Frost & Sullivan

Frost & Sullivan, the Growth Partnership Company, enables clients to accelerate growth and achieve best-in-class positions in growth, innovation and leadership. The company's Growth Partnership Service provides the CEO and the CEO's Growth Team with disciplined research and best-practice models to drive the generation, evaluation, and implementation of powerful growth strategies. Frost & Sullivan leverages 50 years of experience in partnering with Global 1000 companies, emerging businesses and the investment community from more than 40 offices on six continents. To join our Growth Partnership, please visit http://www.frost.com.

About High-Tech Bridge

High-Tech Bridge SA provides companies, governmental agencies and international organizations with cutting-edge information security services. For more information please visit: https://www.htbridge.com.

Contact:

Joanna Lewandowska
Corporate Communications – Europe, Frost & Sullivan
Tel: +48 22 481 62 20
E-mail: joanna.lewandowska (at) frost.com

Source: Yahoo! Finance
Related Links:
The Importance of Ethical Hacking: Emerging Threats Emphasise Need for Holistic Assessments, Says Frost & Sullivan
Frost & Sullivan recognizes High-Tech Bridge as a market leader

HTB23084: Newscoop multiple vulnerabilities (RFI, SQL Injection, XSS)

Newscoop version 3.5.3 and probably prior, partially 4.0 RC3 suffers from remote file inclusion (RFI), cross site scripting (XSS), SQL injection vulnerabilities:
1. Remote File Inclusion (RFI): Input passed via the "GLOBALS[g_campsiteDir]" GET parameter to "include/phorum_load.php", "GLOBALS[g_campsiteDir]" GET parameter to "conf/install_conf.php", "GLOBALS[g_campsiteDir]" GET parameter to "conf/liveuser_configuration.php" scripts are not properly verified before being used in require_once() function and can be exploited to include arbitrary remote files.
Successful exploitation of these vulnerabilities requires that "register_globals" is enabled.
2. SQL Injection: Input passed via the "f_country_code" GET parameter to "admin/country/edit.php" is not properly sanitised before being used in SQL query (requires attacker to be registered and logged-in and to have permission to manage countries; "magic_quotes_gpc" should be disabled).
3. Cross-Site Scripting (XSS): Input passed via the "Back" GET parameter to "admin/ad.php", "f_user_name" GET parameter to "admin/login.php", "token" and "f_email" GET parameters to "admin/password_check_token.php" scripts are not properly sanitised before being returned to the user.

Vulnerability ID: HTB23084
Vendor Notification / Patch / Public Disclosure Dates: 28 March / 5 April / 18 April
Vulnerabilities Type: Remote file inclusion (RFI), Cross-site scripting (XSS), SQL injection
Risk level: High
Solution Status: Fixed by Vendor
Solution: Upgrade to Newscoop 3.5.5, make sure that "register_globals" is set to off (fix for RFI).

Read full information and details about this advisory: High-Tech Bridge Advisory HTB23084: Multiple vulnerabilities in Newscoop.

HTB23062: XOOPS multiple XSS vulnerabilities

XOOPS version 2.5.4 and probably prior suffers from multiple cross-site scripting (XSS) vulnerabilities:
Input passed via the "to_userid" POST parameter to "modules/pm/pmlite.php", "current_file" POST parameter to "class/xoopseditor/tinymce/tinymce/jscripts/tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php", "imgcat_id" POST parameter to "class/xoopseditor/tinymce/tinymce/jscripts/tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php", "target" POST parameter to "class/xoopseditor/tinymce/tinymce/jscripts/tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php" scripts are not properly sanitised before being returned to the user.

Vulnerability ID: HTB23062
Vendor Notification / Patch / Public Disclosure Dates: 7 December 2011 / 22 February 2012 / 18 April 2012
Vulnerabilities Type: Cross-Site Scripting (XSS)
Risk level: Medium
Solution: Fixed by Vendor, Upgrade to 2.5.5 version
Credit: High-Tech Bridge SA Security Research Lab

About XOOPS
XOOPS is a web application platform written in PHP for the MySQL database. Its object orientation makes it an ideal tool for developing small or large community websites, intra company and corporate portals, weblogs and much more.

About High-Tech Bridge SA Security Research Lab
High-Tech Bridge SA Security Research Lab is a unit of High-Tech Bridge's Research & Development Department. Security Advisories are provided on a non-profit base in accordance to Corporate Social Responsibility, with the aim of helping various software vendors to improve security of their products.

HTB23083: CMS Tree Page View Plugin for WordPress XSS vulnerability

CMS Tree Page View (WordPress plugin) version 0.8.8 suffers from cross-site scripting (XSS) vulnerabilities:
Input passed via the "cms_tpv_view" GET parameter to "wp-admin/options-general.php" script is not properly sanitised before being returned to the user.

Vulnerability ID: HTB23083
Vendor Notification / Patch / Public Disclosure Dates: 21 March / 26 March / 11 April
Vulnerabilities Type: Cross-Site Scripting (XSS)
Solution Status: Fixed by Vendor
Risk level: Medium
Solution: Upgrade to 0.8.9 or later version

HTB23082: All-in-One Event Calendar Plugin for WordPress multiple XSS vulnerabilities

All-In-One Event Calendar (WordPress plugin) version 1.4 suffers from multiple cross-site scripting (XSS) vulnerabilities:
Input passed via the "title" GET parameter to "wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget-form.php", "args", "title", "before_title", "after_title" GET parameters to "wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php", "button_value" GET parameter to "wp-content/plugins/all-in-one-event-calendar/app/view/box_publish_button.php", "msg" GET parameter to "wp-content/plugins/all-in-one-event-calendar/app/view/save_successful.php" scripts are not properly sanitised before being returned to the user.

Vulnerability ID: HTB23082
Public Disclosure: April 11, 2012
Vulnerabilities Type: Cross-Site Scripting (XSS)
Risk level: Medium

"ThinkSwiss: Genève Meets New York": Breaking Through Internet Censorship (Video)

Video from Breaking Through Internet Censorship event, held in New York City as part of the week-long festival "ThinkSwiss: Genève Meets New York" on March 12, 2012. Panelists: Stéphane Koch, Vice-President for High-Tech Bridge SA / Founder of intelligentzia.net, E.Mubarak, T.Obrecht, A.Qtiesh.

Panel held in New York City as part of the week-long festival "ThinkSwiss: Genève Meets New York" on March 12, 2012.

HTB23081: osCMax multiple vulnerabilities

osCMax version 2.5.0 suffers from a cross-site scripting (XSS) and SQL injection vulnerabilities:
1. Cross-site scripting (XSS): Input passed via the "username" POST parameter to "admin/login.php", "pageTitle" GET parameter to "admin/new_attributes_include.php", "sb_id", "sb_key", "gc_id", "gc_key" and "path" POST parameters to "admin/htaccess.php", "title" GET parameter to "admin/information_form.php", "search" GET parameter to "admin/xsell.php", "gross" and "max" GET parameters to "admin/stats_products_purchased.php", "status" GET parameter to "admin/stats_monthly_sales.php", "sorted" GET parameter to "admin/stats_customers.php", "information_id" GET parameter to "admin/information_manager.php", "zID" GET parameter to "admin/geo_zones.php", "current_product_id" and "cPath" GET parameters to "admin/new_attributes_include.php" scripts are not properly sanitised before being returned to the user.
2. SQL Injection: Input passed via the "status" GET parameter to "admin/stats_monthly_sales.php", "country" POST parameter to "admin/create_account_process.php", "username" POST parameter to "admin/login.php" scripts are not properly sanitised before being used in SQL query.

Vulnerability ID: HTB23081
Vendor Notification / Patch / Public Disclosure Dates: 14 March / 30 March / 4 April
Vulnerabilities Type: Cross-Site Scripting (XSS), SQL Injection
Solution Status: Fixed by Vendor
Risk level: High
Solution: Upgrade to osCMax v2.5.1 or later version

InfoSurance: High-Tech Bridge is a new member

High-Tech Bridge is proud to announce it's new membership at InfoSurance, a Swiss information security association founded in 1999.

Through the Swiss Security Day as well as by providing training to schools and businesses the InfoSurance association promotes the awareness of information security. Swiss Security Day event aims to bring awareness on how to securely use a computer, from emailing to social networking.

As a new member of InfoSurance, High-Tech Bridge will promote the importance of information security.

Source: High-Tech Bridge: Member of InfoSurance