Search the Community
Showing results for tags 'business'.
Found 3 results
M1tn1ck posted a topic in Discutii non-ITHi all, I'm a businessman and I want to build a team to develop my business ideas! I'm looking for serious people to implement my ideas that will bring good profits, I do not ask for any money, I just ask a serious person to listen to me about what I'm thinking about and think about it, I'm collecting a team no more than 3-4 peopleHere is my contact: firstname.lastname@example.orgПривет всем, я бизнесмен, и я хочу создать команду для разработки моих бизнес-идей! Я ищу серьезных людей для реализации моих идей, которые принесут хорошую прибыль, я не прошу денег, я просто прошу серьезного человека послушать меня о том, о чем я думаю, и подумать об этом, я Сбор сборной не более 3-4 человекВот мой контакт: email@example.com
Aerosol posted a topic in ExploituriDocument Title: =============== Oracle Business Intelligence Mobile HD v11.x iOS - Persistent UI Vulnerability References (Source): ==================== http://vulnerability-lab.com/get_content.php?id=1361 Oracle Security ID: S0540289 Tracking ID: S0540289 Reporter ID: #1 2015Q1 Release Date: ============= 2015-05-06 Vulnerability Laboratory ID (VL-ID): ==================================== 1361 Common Vulnerability Scoring System: ==================================== 3.8 Product & Service Introduction: =============================== Oracle Business Intelligence Mobile HD brings new capabilities that allows users to make the most of their analytics information and leverage their existing investment in BI. Oracle Business Intelligence Mobile for Apple iPad is a mobile analytics app that allows you to view, analyze and act on Oracle Business Intelligence 11g content. Using Oracle Business Intelligence Mobile, you can view, analyze and act on all your analyses, dashboards, scorecards, reports, alerts and notifications on the go. Oracle Business Intelligence Mobile allows you to drill down reports, apply prompts to filter your data, view interactive formats on geo-spatial visualizations, view and interact with Dashboards, KPIs and Scorecards. You can save your analyses and Dashboards for offline viewing, and refresh them when online again; thus providing always-available access to the data you need. This app is compatible with Oracle Business Intelligence 11g, version 126.96.36.199.2BP1 and above. (Copy of the Vendor Homepage: http://www.oracle.com/technetwork/middleware/bi-foundation/bi-mobile-hd-1983913.html ) (Copy of the APP Homepage: https://itunes.apple.com/us/app/oracle-business-intelligence/id534035015 ) Abstract Advisory Information: ============================== The Vulnerability Laboratory Research Team discovered an application-side validation web vulnerability in the official Oracle Business Intelligence Mobile HD v188.8.131.52.0.2420 iOS web-application. Vulnerability Disclosure Timeline: ================================== 2014-10-27: Researcher Notification & Coordination (Benjamin Kunz Mejri - Evolution Security GmbH) 2014-11-01: Vendor Notification (Oracle Sec Alert Team - Acknowledgement Program) 2015-02-25: Vendor Response/Feedback (Oracle Sec Alert Team - Acknowledgement Program) 2015-04-15: Vendor Fix/Patch (Oracle Developer Team) 2015-05-01: Bug Bounty Reward (Oracle Sec Alert Team - CPU Bulletin Acknowledgement) 2015-05-06: Public Disclosure (Vulnerability Laboratory) Discovery Status: ================= Published Affected Product(s): ==================== Oracle Product: Business Intelligence Mobile HD 184.108.40.206.0.2420 Exploitation Technique: ======================= Remote Severity Level: =============== Medium Technical Details & Description: ================================ The Vulnerability Laboratory Research Team discovered an application-side validation web vulnerability in the official Oracle Business Intelligence Mobile HD v220.127.116.11.0.2420 iOS web-application. The vulnerability is located in the input field of the dasboard file export name value of the local save (lokal speichern) function. After the injection of a system specific command to the input field of the dasboard name the attacker is able to use the email function. By clicking the email button the script code gets wrong encoded even if the attachment function is activated for pdf only. The wrong encoded input of the lokal save in the mimeAttachmentHeaderName (mimeAttachmentHeader) allows a local attacker to inject persistent system specific codes to compromise the integrity of the oracle ib email function. In case of the scenario the issue get first correct encoded on input and the reverse encoded inside allows to manipulate the mail context. Regular the function is in use to get the status notification mail with attached pdf or html file. For the tesings the pdf value was activated and without html. The security risk of the filter bypass and application-side input validation web vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 3.8. Exploitation of the persistent web vulnerability requires a low privilege web application user account and low user interaction. Successful exploitation of the vulnerability results in session hijacking, persistent phishing, persistent external redirects, persistent load of malicous script codes or persistent web module context manipulation. Vulnerable Module(s): [+] Lokal speichern - Local save Vulnerable Parameter(s): [+] mimeAttachmentHeaderName (mimeAttachmentHeader) Affected Service(s): [+] Email - Local Dasboard File Proof of Concept (PoC): ======================= The application-side vulnerability can be exploited by local privilege application user accounts with low user interaction. For security demonstration or to reproduce the security vulnerability follow the provided information and steps below to continue. Manual reproduce of the vulnerability ... 1. Install the oracle business intelligence mobile hd ios app to your apple device (https://itunes.apple.com/us/app/oracle-business-intelligence/id534035015) 2. Register to your server service to get access to the client functions 2. Click the dashboard button to access 3. Now, we push top right in the navigation the local save (lokal speichern) button 4. Inject system specific payload with script code to the lokal save dashboard filename input field 5. Switch back to the app index and open the saved dashboard that as been saved locally with the payload (mimeAttachmentHeaderName) 6. Push in the top right navigation the email button 7. The mail client opens with the wrong encoded payload inside of the mail with the template of the dashboard 8. Successful reproduce of the security vulnerability! PoC: Email - Local Dasboard File <meta http-equiv="content-type" content="text/html; "> <div>"><[PERSISTENT INJECTED SCRIPT CODE!]"></x></div><div><br><br></div><br> <fieldset class="mimeAttachmentHeader"><legend class="mimeAttachmentHeaderName">"><"x">%20<[PERSISTENT INJECTED SCRIPT CODE!]>.html</legend></fieldset><br> Solution - Fix & Patch: ======================= The vulnerability can be patched by a secure restriction and filter validation of the local dashboard file save module. Encode the input fields and parse the ouput next to reverse converting the context of the application through the mail function. The issue is not located in the apple device configuration because of the validation of the mimeAttachmentHeaderName in connection with the email function is broken. Security Risk: ============== The security risk of the application-side input validation web vulnerability in the oracle mobile application is estimated as medium. (CVSS 3.8) Credits & Authors: ================== Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (firstname.lastname@example.org) [www.vulnerability-lab.com] Disclaimer & Information: ========================= The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases or trade with fraud/stolen material. Domains: www.vulnerability-lab.com - www.vuln-lab.com - www.evolution-sec.com Contact: email@example.com - firstname.lastname@example.org - email@example.com Section: magazine.vulnerability-db.com - vulnerability-lab.com/contact.php - evolution-sec.com/contact Social: twitter.com/#!/vuln_lab - facebook.com/VulnerabilityLab - youtube.com/user/vulnerability0lab Feeds: vulnerability-lab.com/rss/rss.php - vulnerability-lab.com/rss/rss_upcoming.php - vulnerability-lab.com/rss/rss_news.php Programs: vulnerability-lab.com/submit.php - vulnerability-lab.com/list-of-bug-bounty-programs.php - vulnerability-lab.com/register/ Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), modify, use or edit our material contact (firstname.lastname@example.org or email@example.com) to get a permission. Copyright © 2015 | Vulnerability Laboratory - Evolution Security GmbH ™ -- VULNERABILITY LABORATORY - RESEARCH TEAM SERVICE: www.vulnerability-lab.com CONTACT: firstname.lastname@example.org PGP KEY: http://email@example.com%280x198E9928%29.txt Source
l-am primit in casuta spam de la acest individ care ma crede idiot, a mai primit cineva atata generozitate?? :"> Dear Friend, email: firstname.lastname@example.org We want to transfer to overseas ($15,300.000.00 USD) I want to ask you to quietly look for a reliable and honest person who will be capable and fit to provide either an existing bank account or to set up a new Bank account immediately to receive this money, even an empty account can serve to receive this funds quietly.I am revealing this to you with believe in God that you will never let me down in this business, you are the first and the only person that I am contacting for this business, so please reply urgently so that I will inform you the next step to take urgently.email: email@example.com Send also your private telephone and fax number including the full details of the account to be used for the deposit. I need your full cooperation to make this work fine. because the management is ready to approve this payment to any foreigner who has correct information of this account, which I will give to you, upon your positive response and once I am convinced that you are capable and will meet up with instruction of a key bank official who is deeply involved with me in this business.At the conclusion of this business, you will be given 40% of the total amount, while 60% will be for me as pioneer of this business.I look forward to your earliest reply with re-confirm below information's.email: firstname.lastname@example.org (1)Full names:email: email@example.com (2)Occupation: (3)Age and Sex: (4)Marital Status: (5)Private phone number: (6)Current residential address: (7) Copy of your International passport or any Identity Card. Pls reply through my private email: firstname.lastname@example.org Sincerely, Best regard Mr.mohamad Hassan Mesaju in totalitate vine de la email@example.com cine vrea sa-i arda un flood bomb e invitatul meu