Tuesday, July 23, 2013

Security for brokers and insurers: Welcome to the World Wild Web

A basic, visual security-awareness introduction for brokers and insurers was presented by Frederic Bourla at the 4th Brokers Forum in Chavannes-de-Bogis, covering some of the threats that could have a deadly impact on brokers' businesses.

Monday, July 22, 2013

Exclusive First Look: ImmuniWeb by High-Tech Bridge - EH-Net Online Mag

Ever since the Internet took off from its humble beginnings as a simple connection between the two networks of UCLA and Stanford for educational purposes, it has increasingly been used by the global population as a means of communication, commerce, charity and much more. The myriad ways of utilizing the Internet backbone all require software engineering of web-enabled applications (webapps). A new product from High-Tech Bridge SA called ImmuniWeb® performs webapp security assessments. If you’re like me, you’re probably thinking that this is just another webapp vulnerability scanner but hang on! It provides an innovative hybrid approach along with some really creative additional modules for assessing security beyond just the webapp. Why would we need such a hybrid approach? Read more at ethicalhacker.net.

Thursday, July 18, 2013

Global Security Mag Online: In 2013 web application vendors patch security vulnerabilities within 3 weeks on average

In Q1 and Q2 of 2013 Cross-Site Scripting (XSS) was the most common vulnerability in web applications, SQL Injection took second place, and Cross-Site Request Forgery third. During this period 65% of discovered vulnerabilities were medium risk and 20% high risk. 95% of vendors released security patches before public disclosure of the vulnerabilities; on average, vendors released a patch within 3 weeks of being notified. Read more at globalsecuritymag.com

Computer Business Review: Cross-Site Scripting most vulnerable among web apps

Cross-Site Scripting (XSS) was the most common vulnerability in web applications found during the first half of 2013, followed by SQL Injection and Cross-Site Request Forgery, a new report has found. Read full article: cbronline.com.

Help Net Security: Vendors patch security vulnerabilities within 3 weeks

High-Tech Bridge Security Research Lab released its statistics on web application security for the first half of 2013. The statistics are based on the HTB Security Advisories released on a weekly basis and cover 73 vulnerabilities in open-source web applications whose names are quoted at least 50,000 times in Google. Read more at net-security.org.

Infosecurity: Complex Coding Makes Web Apps a Bit Safer

Malware and internet-based attacks continue to escalate in both volume and complexity, but when it comes to web application security, critical-level risk appears to be in the minority thanks to the convoluted code that most apps run on. Read more at infosecurity-us.com.

Wednesday, July 17, 2013

HTB23160: OpenCms XSS vulnerabilities

About one month ago, High-Tech Bridge Security Research Lab discovered two cross-site scripting (XSS) vulnerabilities in OpenCms version 8.5.1; they have now been disclosed as "Multiple Cross-Site Scripting (XSS) in OpenCms: CVE-2013-4600".

Descriptions of vulnerabilities:

  • Insufficient sanitisation of user-supplied data in the "title" HTTP GET parameter passed to the "opencms/opencms/system/workplace/views/admin/admin-main.jsp" script.

  • Insufficient sanitisation of user-supplied data in the "requestedResource" HTTP POST parameter passed to the "opencms/opencms/system/login/index.html" URL.

These issues are now fixed; the solution is to upgrade to OpenCms 8.5.2.

Monday, July 8, 2013

Softpedia: XSS and LFI Vulnerabilities Fixed in OpenX Advertising Platform

Experts from the High-Tech Bridge Security Research Lab have identified multiple vulnerabilities in OpenX, the popular advertising platform. The flaws can be exploited to execute arbitrary PHP code, launch cross-site scripting (XSS) attacks and compromise affected systems.

The first vulnerability is a Local File Inclusion (LFI) issue that can be exploited by an attacker who has administrative privileges, or by tricking a logged-in OpenX administrator into opening a malicious web page that contains Cross-Site Request Forgery (CSRF) exploit code.

Experts have also discovered a couple of XSS vulnerabilities that can be leveraged by a remote attacker to execute arbitrary script code in an administrator's browser by tricking them into opening a specially crafted link.

The vulnerabilities, which affect OpenX 2.8.10 and probably older versions, were reported to the vendor on May 8. They were addressed last week.

Additional technical details and patches are available in High-Tech Bridge security advisory HTB23155.

Source: Softpedia, Eduard Kovacs

Friday, July 5, 2013

SecurityWeek: OpenX Addresses New Security Flaws with Latest Update

Article by Steve Ragan:
OpenX, the open source ad serving platform, patched two flaws last week, after they were discovered by Geneva, Switzerland’s High-Tech Bridge. The platform has had several issues before, and is a favorite target of criminals operating using malvertising as an attack vector.

According to the High-Tech Bridge advisory, OpenX patched two flaws in the final days of June. The first was a file inclusion vulnerability which, if the attacker has administrative privileges, can be used to access stored files such as the web server's /etc/passwd file.

"Successful exploitation of these vulnerabilities requires administrative privileges, however they can also be exploited by a remote non-authenticated attacker via CSRF vector, since the application is prone to Cross-Site Request Forgery (CSRF) attacks. In order to do so an attacker should trick logged-in OpenX administrator to open a specially crafted web page with CSRF exploit code," the advisory explains.

Read Full Article at: SecurityWeek.com

Related posts:
HTB23155: OpenX PHP file inclusion & cross-site scripting
Serious vulnerabilities in OpenX ad platform expose millions to risk

Thursday, July 4, 2013

Help Net Security: Serious vulnerabilities in OpenX ad platform expose millions to risk

High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in OpenX which can be exploited to execute arbitrary PHP code, perform Cross-Site Scripting (XSS) attacks and compromise a vulnerable system.

Read More at Help Net Security.

Wednesday, July 3, 2013

HTB23155: OpenX PHP file inclusion & cross-site scripting

Multiple vulnerabilities (PHP file inclusion and cross-site scripting) in OpenX version 2.8.10 were discovered by High-Tech Bridge Security Research Lab about 2 months ago and disclosed this week.

  • Local File Inclusion in OpenX:
    Input passed via the "group" HTTP GET parameter to the "/www/admin/plugin-preferences.php" and "/www/admin/plugin-settings.php" scripts is not properly verified before being used in the PHP include() function and can be exploited to include arbitrary local files via directory traversal sequences and URL-encoded NULL-byte techniques.

  • Cross-Site Scripting (XSS) in OpenX:
    The vulnerabilities exist due to insufficient filtration of user-supplied data in the "package" HTTP GET parameter passed to the "/www/admin/plugin-index.php" script and the "group" HTTP GET parameter passed to the "/www/admin/plugin-settings.php" script.

To fix these issues, replace the files from the SVN repository as described in High-Tech Bridge security advisory HTB23155: Multiple Vulnerabilities in OpenX; a diff file is also available. Proof-of-Concept (PoC) examples are also available on the researcher's page.
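The local file inclusion above hinges on two things: the "group" value is concatenated into an include path without validation, and a URL-encoded NULL byte cuts off whatever the application appends after it. The following is an added example, not OpenX code: it emulates that unsafe path construction in Python (the plugin directory, the "preferences.php" suffix and the sample parameter values are assumptions) and places a hardened allowlist check beside it. The NUL truncation is emulated explicitly, since PHP before 5.3.4 passed the path to a C library call that stops at the first NUL byte.

```python
import posixpath
import re
from urllib.parse import unquote

# Constructed directory layout standing in for the application's plugin
# directory; the path and the "preferences.php" suffix are assumptions.
PLUGIN_DIR = "/var/www/openx/plugins/admin"
SUFFIX = "/preferences.php"


def build_include_path_weak(group):
    """Emulates the unsafe pattern: the raw request parameter is concatenated
    into a file path that is then handed to include().

    Before PHP 5.3.4, include() passed the path to a C library call that
    stops at the first NUL byte, so a URL-encoded %00 truncates the appended
    suffix.  That truncation is emulated here so the effect is visible.
    """
    raw = unquote(group)                 # the web server decodes %2e%2e%2f and %00
    path = PLUGIN_DIR + "/" + raw + SUFFIX
    nul = path.find("\x00")
    if nul != -1:
        path = path[:nul]                # emulate C-string truncation
    return posixpath.normpath(path)


# Allowlist: a plugin group is a short identifier, nothing else.
GROUP_RE = re.compile(r"[A-Za-z0-9_]{1,64}")


def build_include_path_safe(group):
    """Hardened form: reject anything that is not a plain identifier, then
    confirm the resolved path still lies inside PLUGIN_DIR.

    Returns the include path, or None when the parameter is rejected.
    """
    raw = unquote(group)
    if not GROUP_RE.fullmatch(raw):
        return None
    path = posixpath.normpath(PLUGIN_DIR + "/" + raw + SUFFIX)
    # Second line of defence in case the allowlist is ever loosened.
    if posixpath.commonpath([PLUGIN_DIR, path]) != PLUGIN_DIR:
        return None
    return path


if __name__ == "__main__":
    # Constructed sample values: a legitimate group, a bare traversal, and
    # the traversal with the URL-encoded NULL byte.
    for value in ("sampleplugin",
                  "../../../../../../etc/passwd",
                  "../../../../../../etc/passwd%00"):
        print("%-36r weak=%-45r safe=%r" % (value,
                                             build_include_path_weak(value),
                                             build_include_path_safe(value)))
```

Run stand-alone, the bare traversal still ends in "/etc/passwd/preferences.php", which include() cannot open; only the "%00" variant yields "/etc/passwd", which is why the advisory names both techniques together. The hardened function never reaches the file system with attacker-shaped input, because the allowlist rejects the value before the path is built.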

HTB23158: Kasseler CMS multiple vulnerabilities

High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in Kasseler CMS version 2 r1223, which can be exploited to perform SQL injection, Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) attacks and compromise the vulnerable application.

SQL Injection:
Exists due to insufficient validation of the "groups" HTTP POST parameter passed to the "admin.php" script. A remote authenticated administrator can execute arbitrary SQL commands in the application's database.

Stored Cross-Site Scripting (XSS):
Exists due to insufficient filtration of the "cat" HTTP POST parameter passed to the "admin.php" script. A remote attacker with privileges to create categories can permanently inject arbitrary HTML and script code into the application's database; it will be executed in the browser of every website visitor.

Cross-Site Request Forgery (CSRF):
Exists due to the absence of CSRF protection mechanisms in the entire application. A remote attacker can trick a logged-in administrator into visiting a specially crafted webpage with CSRF exploit code. Combined with the SQL injection above, this enables the attacker to execute arbitrary SQL queries in the application's database and gain complete control over the application.

Upgrade to Kasseler CMS 2 r1232 to stay secure from these issues.
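The Kasseler CMS advisory above, like the OpenX one, chains two missing controls: a state-changing admin request that carries no CSRF token, and a "groups" parameter spliced directly into SQL. The following is an added example, not Kasseler CMS code, showing a minimal admin handler with and without those controls in Python (the in-memory SQLite schema, the "user_groups" table and the session/form dictionaries are assumptions standing in for the application's database and request objects).

```python
import hmac
import secrets
import sqlite3


def make_db():
    """Constructed in-memory schema standing in for the application's
    database; table and column names are assumptions."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE user_groups (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO user_groups (name) VALUES (?)",
                   [("editors",), ("moderators",), ("admins",)])
    db.commit()
    return db


def count_groups(db):
    return db.execute("SELECT COUNT(*) FROM user_groups").fetchone()[0]


def delete_groups_vulnerable(db, form):
    """Unsafe pattern: no CSRF check, and the POST value is spliced into SQL.
    A value such as  1) OR 1=1 --  turns a delete of one row into a delete of
    every row; since nothing ties the request to the admin's page, a forged
    cross-site POST reaches this code with the admin's session cookie."""
    query = "DELETE FROM user_groups WHERE id IN (%s)" % form.get("groups", "")
    db.execute(query)
    db.commit()


def issue_csrf_token(session):
    """Called when the admin form is rendered: bind a random token to the
    session and embed it in the form as a hidden field."""
    token = secrets.token_urlsafe(32)
    session["csrf_token"] = token
    return token


def csrf_valid(session, form):
    expected = session.get("csrf_token", "")
    supplied = form.get("csrf_token", "")
    # A forged cross-site request carries the admin's session cookie but the
    # attacker's page cannot read the token, so it arrives without a valid one.
    # compare_digest avoids leaking the token through timing.
    return bool(expected) and hmac.compare_digest(expected.encode(), supplied.encode())


def parse_group_ids(groups):
    """Accept only a comma-separated list of integers; anything else is rejected."""
    ids = []
    for part in groups.split(","):
        part = part.strip()
        if not part.isdigit():
            raise ValueError("bad group id: %r" % part)
        ids.append(int(part))
    return ids


def delete_groups_hardened(db, session, form):
    """Hardened handler: verify the CSRF token first, then validate the
    parameter shape, then bind the values instead of formatting them in."""
    if not csrf_valid(session, form):
        return "403 missing or invalid CSRF token"
    try:
        ids = parse_group_ids(form.get("groups", ""))
    except ValueError:
        return "400 invalid groups parameter"
    placeholders = ",".join("?" * len(ids))
    cur = db.execute("DELETE FROM user_groups WHERE id IN (%s)" % placeholders, ids)
    db.commit()
    return "200 deleted %d group(s)" % cur.rowcount


if __name__ == "__main__":
    db = make_db()
    delete_groups_vulnerable(db, {"groups": "1) OR 1=1 --"})   # constructed payload
    print("vulnerable handler left %d group(s)" % count_groups(db))

    db = make_db()
    admin_session = {}
    token = issue_csrf_token(admin_session)
    print(delete_groups_hardened(db, admin_session, {"groups": "1"}))            # forged: no token
    print(delete_groups_hardened(db, admin_session,
                                 {"groups": "1) OR 1=1 --", "csrf_token": token}))  # injection attempt
    print(delete_groups_hardened(db, admin_session,
                                 {"groups": "1, 3", "csrf_token": token}))         # legitimate
    print("hardened handler left %d group(s)" % count_groups(db))
```

The ordering in the hardened handler matters: the CSRF check runs before any parsing so that a forged request does no work at all, and the query uses placeholders only for the values while the number of placeholders is derived from the already-validated integer list, so the SQL text never contains attacker-controlled characters.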

ImmuniWeb® Web Security Assessment SaaS is certified CVE and CWE Compatible


High-Tech Bridge SA is pleased to announce that its innovative web application security assessment SaaS solution ImmuniWeb® has successfully obtained CVE (Common Vulnerabilities and Exposures) and CWE (Common Weakness Enumeration) Compatibility certifications from MITRE.

ImmuniWeb® is officially "CVE-Compatible" and "CWE-Compatible".

ImmuniWeb® is a unique hybrid of an automated vulnerability scanner and manual penetration testing run in parallel, distributed as a SaaS (Software-as-a-Service) solution. It is an inexpensive and efficient way to assess the security of your website. The ImmuniWeb® Portal is a web platform from which the customer manages the security assessment process from start to finish and receives the assessment report in a secure manner. It enables even SMBs and private individuals who are not familiar with information security to order a security assessment of their website very quickly.

MITRE CVE and CWE News:
1 Product from High Tech Bridge Now Registered as Officially "CVE-Compatible"
1 Product from High Tech Bridge Now Registered as Officially "CWE-Compatible"