Archive for February, 2014

Stark CRM v1.0 Multiple Script Injection And Session Riding Vulnerabilities

Multiple stored XSS and CSRF vulnerabilities exist when parsing user input to several POST parameters. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious website, and/or to execute arbitrary HTML and script code in a user’s browser session.


Advisory: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5169.php

Asseco SEE iBank FX Client <= 2.0.9.3 Local Privilege Escalation Vulnerability

The application is vulnerable to an elevation-of-privileges vulnerability: a low-privileged user can replace the executable file with a binary of their choice. The vulnerability exists due to improper permissions, with the ‘F’ (full control) flag granted to the ‘Everyone’ and ‘Users’ groups on the ‘RichClient.exe’ and ‘fxclient.exe’ binary files, making them world-writable. Once the binary has been replaced with a rootkit, it runs with SYSTEM privileges on the next reboot.


Advisory: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5168.php
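An audit check for the permission problem described above, added here as an example and not part of the advisory or the vendor's software: it walks an install directory and reports every executable whose ACL grants write-capable rights (Write, Modify or Full control) to broad groups such as Everyone or Users. The install path is a placeholder assumption; point it at the real location.

```powershell
# Added example: find executables writable by broad groups (Everyone, Users, Authenticated Users).
# $Root is a placeholder; replace it with the application's real install directory.
param(
    [string]$Root = 'C:\Program Files\FXClient'
)

$BroadPrincipals = @('Everyone', 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users')

# Any of these rights lets a user overwrite the file, which is the condition the advisory describes.
$WriteMask = [System.Security.AccessControl.FileSystemRights]::Write -bor
             [System.Security.AccessControl.FileSystemRights]::Modify -bor
             [System.Security.AccessControl.FileSystemRights]::FullControl

function Find-WorldWritableExecutable {
    param([string]$Path)

    Get-ChildItem -Path $Path -Recurse -Include *.exe, *.dll -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            $file = $_
            $acl  = Get-Acl -LiteralPath $file.FullName
            foreach ($ace in $acl.Access) {
                # Only Allow entries for the broad principals that carry a write-capable bit are findings.
                if ($ace.AccessControlType -eq 'Allow' -and
                    $BroadPrincipals -contains $ace.IdentityReference.Value -and
                    (($ace.FileSystemRights -band $WriteMask) -ne 0)) {
                    [pscustomobject]@{
                        File      = $file.FullName
                        Principal = $ace.IdentityReference.Value
                        Rights    = $ace.FileSystemRights
                        Inherited = $ace.IsInherited
                    }
                }
            }
        }
}

Find-WorldWritableExecutable -Path $Root | Format-Table -AutoSize
```

Any file the function reports should have its ACL tightened so that only Administrators and SYSTEM can modify it, with the Inherited column telling you whether the fix belongs on the file or on the parent directory.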