Disposable mail security updates for 29 April – 10 minute mail

For continuous coverage, we push out major Disposable mail security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from our security researchers and Crowdsource ethical hacker community. Due to confidentiality agreements, we cannot publicize all security update releases here, but they are immediately added to our scanner and available to all users. This post highlights a few things that we have improved in the last two weeks.


CVE-2020-11514: WordPress seo-by-rank-math Privilege Escalation

Rank Math is a WordPress SEO plugin with over 200,000 installations. Most recently, a critical RCE vulnerability was discovered that allowed an unauthenticated attacker to update arbitrary metadata, which includes the ability to grant or revoke administrative privileges for any registered user on the site.

A more detailed code analysis on the vulnerability can be found here:
https://www.wordfence.com/blog/2020/03/critical-vulnerabilities-affecting-over-200000-sites-patched-in-rank-math-seo-plugin/

Atlassian Confluence Knowledge Base Exposure

There have been numerous write-ups on the exposure of internal company documentation and web pages. As more and more companies are migrating online due to COVID-19, this issue is becoming more prevalent. Most recently, Crowdsource has implemented a module that checks Atlassian Confluence instances for the public exposure of their internal wikis.

CVE-2020-11455: LimeSurvey Path Traversal

LimeSurvey is a free and open-source online survey tool. Recently, a path traversal vulnerability was found in the software that would allow an attacker to read sensitive data from the server.


Questions or comments on the latest Disposable mail security updates? Let us know in the comments below.

Begin a scan for the latest vulnerabilities today. Start a free trial with Disposable mail here!

Already have an account? Login to check your assets.

Disposable mail is a continuous web vulnerability scanner service and we release Disposable mail security updates at least bi-weekly. Disposable mail offers a crowdsource-powered testbed of 2000+ known vulnerabilities including the OWASP Top 10. Check for the latest vulnerabilities!

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Disposable mail security updates for 16 April – 10 minute mail


CVE-2020-7961: Liferay Portal Unauthenticated RCE

Liferay is an enterprise portal used to build corporate extranets and intranets. Most recently, a JSON object deserialization issue was found that would allow an attacker to execute arbitrary code.

The vulnerability is described further here: https://codewhitesec.blogspot.com/2020/03/liferay-portal-json-vulns.html

Adobe AEM Flush Dispatcher DoS

An interesting report was submitted to the Crowdsource team that showed a very simple way to invalidate or flush cached pages without any rate limiting in Adobe Experience Manager. If done repeatedly, this can lead to Denial of Service attacks.

CVE-2020-8509: Zoho ManageEngine Desktop Central Unauthenticated PDF Servlet Access

Zoho ManageEngine Desktop Central is an endpoint management solution that helps to manage servers, laptops, desktops, smartphones, and tablets from a central location. A Crowdsource researcher is credited with finding an unauthenticated servlet access vulnerability that allows unauthenticated users to reach PDFGenerationServlet, which can lead to sensitive information disclosure.



Server-side Javascript Injections and more! – 10 minute mail

Today’s updates fill the needs of many of you out there! You asked for it, and now it’s in the Disposable mail engine! Here’s a breakdown on the stuff we’ve put in:

Verify domain ownership with Google Analytics

Having trouble editing your code? Don’t want to upload files? No problem! You can now verify the ownership of your domain using your Google Analytics account. Try it out in the dashboard or in the sign up!

National Vulnerability Database

Our fingerprinting has been extended using the U.S. National Vulnerability Database (NVD). Disposable mail will now try known vulnerabilities based on the versions we fingerprint from your domain. We will then warn you when there’s a security issue in the version you’re using.

Server-Side JavaScript Injections

We now have a feature for pentesting server-side JavaScript. That means we are able to find NoSQL injections in MongoDB, code execution flaws in Node.js and other flaws in less common server-side JS technologies.
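As an added illustration of the MongoDB NoSQL injection class mentioned above (example code, not part of the original post or the scanner), the following shows how a login filter built straight from an untrusted JSON body turns into an operator query, and a hardened builder that only accepts literal strings. The Express-style request body and the `findOne()` call it would feed are assumed; no database is needed to see the difference.

```javascript
// Added example: vulnerable vs. hardened construction of a MongoDB filter
// from an untrusted request body. The body shapes below are constructed.

// Vulnerable: the body is forwarded verbatim into the filter. A body such as
// {"user":"admin","pass":{"$ne":""}} yields {pass: {$ne: ""}}, which matches
// any non-empty password, so collection.findOne(filter) succeeds without
// the attacker knowing the password.
function buildLoginFilterUnsafe(body) {
  return { user: body.user, pass: body.pass };
}

// Generic check for endpoints that legitimately accept objects: returns true
// when any key at any depth starts with "$", i.e. is a MongoDB operator.
function containsOperator(value) {
  if (Array.isArray(value)) return value.some(containsOperator);
  if (value !== null && typeof value === "object") {
    return Object.keys(value).some(
      (k) => k.startsWith("$") || containsOperator(value[k])
    );
  }
  return false;
}

// Hardened: credential fields must be plain strings of bounded length, so the
// resulting filter is always an equality match on literal values and an
// object-shaped value (the operator injection) is rejected before any query.
function buildLoginFilterSafe(body) {
  const { user, pass } = body;
  if (typeof user !== "string" || typeof pass !== "string") {
    throw new TypeError("credentials must be strings");
  }
  if (user.length === 0 || user.length > 64 || pass.length > 1024) {
    throw new RangeError("credential length out of bounds");
  }
  return { user, pass };
}

// Usage: compare the two builders on a constructed malicious body.
const maliciousBody = JSON.parse('{"user":"admin","pass":{"$ne":""}}');
console.log("unsafe filter:", JSON.stringify(buildLoginFilterUnsafe(maliciousBody)));
console.log("contains operator:", containsOperator(maliciousBody));
try {
  buildLoginFilterSafe(maliciousBody);
} catch (e) {
  console.log("safe builder rejected it:", e.message);
}
```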

Content-Security-Policy

Our site at detectify.com now sends a Content-Security-Policy header. Content-Security-Policy is a security header that allows website owners to declare from which sources users’ browsers may load content. Read more about Content Security Policy here.
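To make the header concrete, here is an added example (not detectify.com’s actual policy and not code from the original post) that parses a Content-Security-Policy value and flags the script-source settings that would leave it ineffective; the two policy strings are constructed for illustration.

```javascript
// Added example: parse a CSP header value and audit its script-loading rules.
// Parses "directive src1 src2; directive2 ..." into Map(directive -> [sources]).
function parseCsp(header) {
  const policy = new Map();
  for (const part of header.split(";")) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const [name, ...sources] = tokens;
    const key = name.toLowerCase();
    // A repeated directive is ignored after its first occurrence.
    if (!policy.has(key)) policy.set(key, sources);
  }
  return policy;
}

// script-src governs scripts; default-src is its fallback.
// Undefined means nothing restricts where scripts may come from.
function effectiveScriptSources(policy) {
  return policy.get("script-src") ?? policy.get("default-src");
}

// Returns one finding per weak setting in the effective script sources.
function auditCsp(header) {
  const findings = [];
  const sources = effectiveScriptSources(parseCsp(header));
  if (sources === undefined) {
    findings.push("no script-src or default-src: scripts may load from anywhere");
    return findings;
  }
  const src = sources.map((s) => s.toLowerCase());
  // With a nonce or hash present, browsers ignore 'unsafe-inline'.
  const hasNonceOrHash = src.some((s) => s.startsWith("'nonce-") || s.startsWith("'sha"));
  if (src.includes("'unsafe-inline'") && !hasNonceOrHash) {
    findings.push("'unsafe-inline': injected inline scripts are allowed to run");
  }
  if (src.includes("'unsafe-eval'")) {
    findings.push("'unsafe-eval': eval() and new Function() are allowed");
  }
  if (src.includes("*") || src.some((s) => /^https?:$/.test(s))) {
    findings.push("wildcard host or scheme: any origin may serve scripts");
  }
  if (src.includes("data:")) {
    findings.push("data: scheme: scripts can be smuggled inside URLs");
  }
  return findings;
}

// Usage on two constructed policies: a weak one and a nonce-based one.
const WEAK_CSP = "default-src 'self'; script-src 'self' 'unsafe-inline' *";
const STRICT_CSP = "default-src 'self'; script-src 'self' 'nonce-abc123'; object-src 'none'";
console.log("weak:", auditCsp(WEAK_CSP));
console.log("strict:", auditCsp(STRICT_CSP));
```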

Download report

Yes, we finally added support for downloading your reports as PDF files, conveniently making them accessible offline. The design of the PDF reports is still in progress and if you have any issues/suggestions, feel free to mail us about it at [email protected]!


Disposable mail Responsible Disclosure Program | Disposable mail Blog – 10 minute mail

As of today, researchers can report security issues in Disposable mail services to earn a spot on our Hall of Fame as well as some cool prizes. The Disposable mail team has participated in most Responsible Disclosure programs out there, and we felt it was time to have one of our own.

But our service is made for finding web vulnerabilities, how come we need a Disclosure program? Well. Even though our services are based around finding security bugs in web applications, we are not as naive as to think that our own applications are 100% flawless. We take security issues seriously and will respond swiftly to fix verifiable security issues. If you are the first to report a verifiable security issue, we’ll thank you with some cool stuff and a place at our hall of fame page.

How does the reporting process work?

It’s a 5 step process:

  • A researcher sends a mail using the correct template to [email protected]
  • The researcher will get an automatic response confirming that we have acquired the issue
  • A support case is automatically created
  • The person assigned to the support case responds to the researcher, verifying the issue
  • The issue is patched and the researcher is showered in eternal

What bugs are eligible?

Any typical web security bugs such as:

  • Cross-site Scripting
  • Open redirect
  • Cross-site request forgery
  • File inclusion
  • Authentication bypass
  • Server-side code execution

What bugs are NOT eligible?

Any typical low-impact or overly complex issues, such as:

  • Missing Cookie flags on non-session cookies or 3rd party cookies
  • Logout CSRF
  • Social engineering
  • Denial of service
  • SSL BEAST/CRIME/etc

So what are you waiting for?

Sign up for Disposable mail here.


Major updates to Disposable mail | Disposable mail Blog – 10 minute mail

We are releasing multiple major changes to Disposable mail and this is the beginning of the new Disposable mail. Many hours have been invested in a new and improved UI. There are also multiple changes under the hood in the core of the service, e.g., updated engine to better handle JS-based pages.

New user interface

The ambition with the new UI is to create a flexible design where it is easier for us to introduce new functionality to our users. The release plan is packed with features that will help you as a developer and security tester.

We have introduced new features for improved usability, e.g.,

  • Scanning behind login and testing of predefined user flows (e.g., check-out flows)
  • Released the API for you to build integrations into your development tools

Improved coverage of new and updated attack vectors

New and updated modules for vulnerability testing in this release include CSRF (testing of forms), SSL BREACH, Flash content sniffing (Rosetta Flash), DNS SPF (faking the sender of e-mails), DNSSEC tests, a CSS parser and, for all of you with internal legacy systems, VBS. An update of our JS engine brings improved coverage of DOM-based XSS.

Set-up recurring testing

Don’t forget to set up recurring scanning of your site to make sure you are always tested for new security issues. New attack vectors are constantly being identified and we release new versions of the scanner frequently.

Do you feel that something is missing from Disposable mail, or have a general comment? Hit us up at @detectify or [email protected]. We are aiming to improve Disposable mail and make the Internet a safer place.

Happy scanning!



Release 2015-03-13 | Disposable mail Blog – 10 minute mail

We do frequent updates to the Disposable mail tool; however, in the past we have not been transparent about the updates. We typically release a new version every two weeks with new functionality, and we are now planning to provide a bit more information after each release.

Major updates this time were

  • Complete rewrite of the trail feature. Newer trails will be able to login/logout and perform business-logic tests even with CSRF activated. Update your Chrome plugin!
  • Complete rewrite of the DNS enumeration module. We’ll now bruteforce ~5000 common domain names instead of the 600 we’ve used previously. HTTP VHOST scanning will, however, still use the previous subset of 600 common names.

In addition, we also made the following updates:

  • Added a RPO module based on the research from Soroush Dalili (@irsdl).
  • Added a module for identifying “trace.axd” in misconfigured IIS installations.
  • Added a Magento XXE plugin (https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20120712-0_Magento_eCommerce_xxe_injection.txt). It’s surprising to see how many haven’t updated for the past three years.
  • Added GHOST vulnerability checks for various CMS’es.
  • Added checks for RFC1918 violations and the security implications of misconfigured domains.
  • Added a separate finding for SSL FREAK. It would previously still stand out as “SSL Deprecated Cipher Suites”, but export ciphers will now go by the label of “SSL FREAK (CVE-2015-0204)”.

False positive improvements (thanks for your reports)

  • CloudFlare users with the WAF activated would get false positives in their reports on boolean-based (blind) SQL injection attacks.
  • Tumblr & Google Tag Manager in the “Small/Hidden frames”-findings.
  • Overly sensitive SQL error patterns.
  • “Unencrypted Login”-finding.


Release 2015-03-27: Two static scanner IPs – 10 minute mail

A lot of people have requested a list of IPs they can whitelist in their firewall and blacklist in their analytics program. Before this release our scanners could come from any Amazon IP in Ireland. Now all traffic is always coming from the same source!

The two IPs you’ll see our scanners coming from are:

We have also updated our knowledge base to cover this: http://support.detectify.com/customer/portal/articles/1758075-scanner-ip-ranges


Release 2015-05-13: New report layout and large changes under the hood – 10 minute mail

Over the last few months we have put a lot of effort into improving our backend. From the outside, the main change is the new format for the reports. The reports now contain both better and more data than before. Here are some highlights from the changes.

Clear finding summary

We have made a summary for each finding which highlights more clearly what is vulnerable and to what. This includes a basic overview of the vulnerability with location, severity, a description and a growing list of remediation tips.

Report top

This short summary is most of the time all that is needed to understand and patch a finding.

Access to more details

It’s now possible to see exactly what was sent to a server and what it responded with. This sometimes makes it easier to understand the problem, recreate a finding and remediate the vulnerability.

Report details

New vulnerability tests

And as always a new set of vulnerabilities and improvements for existing tests are included.

A bright future

This was a first step towards a lot of changes that are coming. We have completely changed the data model and the architecture. This will make it much easier for us to build additional services for e.g. monitoring and integrations with your favorite tools. Keep an eye out for future updates!

Just login and run a new scan to check it out! Old reports will keep the old format.


Release 2015-05-27: New Magento exploits and the start of workflow capabilities – 10 minute mail

You are now starting to see some of the results of the updated backend. This release introduces the first step towards a workflow tool, with tags. We also included multiple Magento-specific vulnerabilities, and our phpMyAdmin modules got an update.

Workflow

The plan forward is to make Disposable mail an integrated part of your workflow. It will be possible to flag, export and assign individual findings. The first step is that you are now able to mark individual findings as resolved. Work your way down the list of vulnerabilities and improve the security of your web app.

Mark fixed

Magento vulnerabilities

Multiple Magento-specific vulnerabilities were included in this release. Some of the included are:

  • Magento Shoplift SQL Injection
  • Magento SWF “bridgeName” XSS
  • Magento MAGMI XSS & LFI
  • Magento Admin Panel XSS’es

The Shoplift vulnerability allows a remote attacker to gain full control over the target system and impacts almost two hundred thousand Magento e-commerce shops. We’ve added a test to spot vulnerable installations. If you run a Magento e-commerce website, run a test with Disposable mail. Visit http://magento.com/security-patch for further information.

phpMyAdmin updates

phpMyAdmin is still one of the most common tools for administrating MySQL on the internet, and many people forget to update it. We’ve massively improved our collection of exploits towards older PMA installations. Some of the updates are:

  • phpMyAdmin Remote Code Execution through setup.php
  • phpMyAdmin “ServerSync” Backdoor
  • phpMyAdmin Directory Listing through db_details_importdocsql.php
  • phpMyAdmin Local File Inclusion through export.php
  • phpMyAdmin Local File Inclusion through grab_globals.lib.php


Just login and run a new scan to check it out! Also, don’t forget to keep an eye on our Magento security page to stay updated.
