Archive for March, 2008

security advisory: Elastic Path Unrestricted Filesystem Access

Monday, March 10th, 2008

Elastic Path is a popular Java e-commerce platform for building online stores and shopping carts. Elastic Path consists of both a shopping front end where customers can browse and choose the products and a managing backend for administration purposes.

Users of the administrative interface can be granted different levels of access. Research revealed that users with upload/download privileges could abuse them to gain access to arbitrary files in the remote system (read the security advisory - mirror #1, mirror #2).

update: a link to the patch is available in Elastic Path Developer’s site (thanks to d-dub).
update: this vulnerability has been assigned the following CVE number: CVE-2008-1606.
(more…)

Posted in Advisories | 2 Comments »

dradis v1.1 is out

Friday, March 7th, 2008

A new version of dradis, the information sharing tool for security teams, was released on the 29th of February. Some major changes were introduced from the first release back on December:-

  • New client GUI that runs in Linux, Windows and Mac OS (screenshots).
  • New web interface.
  • Improved step-by-step installation instructions.
  • New contributed modules:
    • Export your Knowledge Base to an XML file.
    • run nmap from dradis and store the results in the knowledge base.

If you want to give it a try, go to the download page. And please let me know any thoughts or feedback (remember that you can use the dradis development mailing list: dradis-devel).
(more…)

Posted in Tools | No Comments »