Security News

Assessment

Daily Dave - 20 July, 2018 - 12:02

Posted by Dave Aitel on Jul 20

So soon after the Immunity deal closed we had this big all hands conference
call with everyone in the larger Cyxtera group on it, and Chris Day, who
runs the group I'm in, said, "Hey Dave, can you give everyone a quick
rundown as to what Immunity is, now that we're all one big team?" and I'll
be honest, I totally bombed.

Immunity has never done corporate verbiage. There's a tendency to be
extremely bland and generic...

Capstone disassembler framework v3.0.5 is out!

Daily Dave - 20 July, 2018 - 12:00

Posted by Nguyen Anh Quynh on Jul 20

Greetings,

We are very happy to announce version 3.0.5 of Capstone disassembler
framework!

In no particular order, we would like to thank CrowdStrike, CMC Infosec &
Jurriaan Bremer for sponsoring this release!

This stable version fixes some security issues in the core, as well as many
improvements, so existing users are strongly recommended to upgrade.

More details are available at http://capstone-engine.org/Version-3.0.5.html

(For those...

[CVE-2018-12998]Zoho manageengine Reflected XSS in multiple Products

Full Disclosure - 20 July, 2018 - 11:00

Posted by xiaotian.wang on Jul 20

This issue has been reported to the vendor who has already published patches for this issue.
http://opmanager.helpdocsonline.com/read-me

==========================
Advisory: Zoho manageengine Reflected XSS in multiple Products
Author: M3 From DBAppSecurity
Affected Products:
Netflow Analyzer Network Configuration Manager OpManager Oputils Opmanagerplus firewall analyzer
==========================
Proof of Concept:
==========================...

[CVE-2018-12999]Zoho manageengine Desktop Central Arbitrary File Deletion

Full Disclosure - 20 July, 2018 - 11:00

Posted by xiaotian.wang on Jul 20

This issue has been reported to the vendor who has already published patches for this issue.

==========================
Advisory: Zoho manageengine Desktop Central Arbitrary File Deletion
Author: M3 From DBAppSecurity
Affected Products:Desktop Central
==========================
Proof of Concept:
==========================

POST /agenttrayicon HTTP/1.1 Host: 192.168.1.203:8020 Accept-Encoding: gzip, deflate Accept: */* Accept-Language: en...

[CVE-2018-12997]Zoho manageengine Arbitrary File Read in multiple Products

Full Disclosure - 20 July, 2018 - 11:00

Posted by xiaotian.wang on Jul 20

This issue has been reported to the vendor who has already published patches for this issue.
http://opmanager.helpdocsonline.com/read-me

==========================
Advisory:Zoho manageengine Arbitrary File Read in multiple Products
Author: M3 From DBAppSecurity
Affected Products:
Netflow Analyzer Network Configuration Manager OpManager Oputils Opmanagerplus firewall analyzer
==========================
Proof of Concept:
==========================...

[CVE-2018-12996] Zoho manageengine Applications Manager Reflected XSS

Full Disclosure - 20 July, 2018 - 11:00

Posted by xiaotian.wang on Jul 20

This issue has been reported to the vendor who has already published patches for this issue.
https://www.manageengine.com/products/applications_manager/issues.html

==========================
Advisory:Zoho manageengine Applications Manager Reflected XSSVulnerability
Author: M3 From DBAppSecurity
Affected Version: All
==========================
Proof of Concept:
==========================...

Defense in depth -- the Microsoft way (part 56): 10+ year old security update installers are susceptiblle to 20+ year old vulnerability

Full Disclosure - 20 July, 2018 - 10:59

Posted by Stefan Kanthak on Jul 20

Hi @ll,

Microsoft released <https://support.microsoft.com/en-us/help/4336919>
"Description of the security update for the remote code execution
vulnerability in Visual Studio 2010 Service Pack 1: July 10, 2018"
some days ago.

The executable installer VS10SP1-KB4336919-x86.exe offered for
download from <https://aka.ms/vs/10/release/4336919> alias
<...

Defense in depth -- the Microsoft way (part 55): new software built with 5.5 year old tool shows 20+ year old vulnerabilities

Full Disclosure - 20 July, 2018 - 10:59

Posted by Stefan Kanthak on Jul 20

Hi @ll,

Microsoft released <https://support.microsoft.com/en-us/help/4340040/>
"July 2018 servicing release for Microsoft Desktop Optimization Pack"
some days ago.

<https://www.microsoft.com/en-us/download/details.aspx?id=57157> offers
three executable installers to update existing installations:
MBAM2.5_Client_x64_KB4340040.exe, MBAM2.5_Client_x86_KB4340040.exe and
MBAM2.5_X64_Server_KB4340040.exe

1. All three executable...

DSA-2018-130: RSA Archer® Multiple Vulnerabilities

Full Disclosure - 20 July, 2018 - 10:58

Posted by Dell EMC Product Security Response Center on Jul 20

DSA-2018-130: RSA Archer® Multiple Vulnerabilities

Dell EMC Identifier: DSA-2018-130

CVE Identifier: CVE-2018-11059, CVE-2018-11060

Severity Rating: See below for scores of individual CVEs

Severity: High

Affected Products:

RSA Archer version 6.4
RSA Archer versions 6.3.x
RSA Archer versions 6.2.x
RSA Archer versions 6.1.x

Summary:

RSA Archer has fixes available for multiple security vulnerabilities that could potentially be exploited by...

[CVE-2018-1000211] Public apps can't revoke OAuth access & refresh tokens in Doorkeeper

Full Disclosure - 20 July, 2018 - 10:57

Posted by Justin Bull on Jul 20

Good morning everyone,

A security bulletin for all of you.

Software:
--------
Doorkeeper (https://github.com/doorkeeper-gem/doorkeeper)

Description:
----------
Doorkeeper is an OAuth 2 provider for Rails written in Ruby.

Affected Versions:
---------------
4.2.0 - 4.3.2
5.0.0.rc1

Fixed Versions:
-------------
4.4.0
5.0.0.rc2

Problem:
--------

Any OAuth application that uses public/non-confidential authentication when
interacting with...

CIRITICAL code injection vulnerability in National Instruments Linux driver package

Full Disclosure - 20 July, 2018 - 10:57

Posted by Enrico Weigelt, metux IT consult on Jul 20

Hello folks,

i've recently discovered a critical vulnerability in the National
Instruments Linux driver package, which opens up an remote code
injection (software update) vulnerability.

Classification:

CRITICAL / 0day - easily exploitable

Impact:

Complete takeover of the OS itself
Takeover of (potentially critical) industrial machinery

Affected product(s):

NI Linux Device Drivers / July 2018...

Oracle WebLogic - Multiple SAML Vulnerabilities (CVE-2018-2998/CVE-2018-2933)

Full Disclosure - 20 July, 2018 - 10:53

Posted by Denis Andzakovic via Fulldisclosure on Jul 20

Oracle WebLogic - Multiple SAML Vulnerabilities (CVE-2018-2998/CVE-2018-2933)

Release URL: https://pulsesecurity.co.nz/advisories/WebLogic-SAML-Vulnerabilities
Date Released: 18/07/2018
CVE: CVE-2018-2998 CVE-2018-2933
Author: Denis Andzakovic
Vendor Website: http://www.oracle.com
Affected Software: Oracle Fusion Middleware 12c (12.2.1.3.0) WebLogic Server

--[ Description

Two vulnerabilities were discovered within the Oracle WebLogic SAML...

Capstone disassembler framework v3.0.5 is out!

Full Disclosure - 20 July, 2018 - 10:51

Posted by Nguyen Anh Quynh on Jul 20

Greetings,

We are very happy to announce version 3.0.5 of Capstone disassembler
framework!

In no particular order, we would like to thank CrowdStrike, CMC Infosec &
Jurriaan Bremer for sponsoring this release!

This stable version fixes some security issues in the core, as well as many
improvements, so existing users are strongly recommended to upgrade.

More details are available at http://capstone-engine.org/Version-3.0.5.html

(For those...

Secunia Research: Oracle Outside In Technology Multiple Vulnerabilities

Bug Traq - 20 July, 2018 - 10:20

Posted by Secunia Research on Jul 20

======================================================================

Secunia Research 2018/07/20

Oracle Outside In Technology Multiple Vulnerabilities

======================================================================
Table of Contents

Affected Software....................................................1
Severity.............................................................2
Description of...

Secunia Research: Oracle Outside In Technology Multiple Vulnerabilities

Bug Traq - 20 July, 2018 - 09:57

Posted by Secunia Research on Jul 20

======================================================================

Secunia Research 2018/07/20

Oracle Outside In Technology Multiple Vulnerabilities

======================================================================
Table of Contents

Affected Software....................................................1
Severity.............................................................2
Description of...

Adobe Patches Vulnerability Affecting Internal Systems

Full Disclosure - 20 July, 2018 - 07:30

Posted by Vulnerability Lab on Jul 20

Title: Adobe Patches Vulnerability Affecting Internal Systems
Source:
https://www.securityweek.com/adobe-patches-vulnerability-affecting-internal-systems

Title: Adobe on internal systems security hole
Source: https://www.theregister.co.uk/2018/07/19/adobe_internal_systems_bug/

References: Hacker Injects Arbitrary Codes to Main Lead Database of
Adobe Systems...

Secunia Research: LibRaw "parse_minolta()" Infinite Loop Denial of Service Vulnerability

Bug Traq - 20 July, 2018 - 03:58

Posted by Secunia Research on Jul 20

======================================================================

Secunia Research 2018/07/17

LibRaw "parse_minolta()" Infinite Loop
Denial of Service Vulnerability

======================================================================
Table of Contents

Affected Software....................................................1...

Secunia Research: LibRaw Multiple Denial of Service Vulnerabilities

Bug Traq - 20 July, 2018 - 03:54

Posted by Secunia Research on Jul 20

======================================================================

Secunia Research 2018/07/17
LibRaw Multiple Denial of Service Vulnerabilities

======================================================================
Table of Contents

Affected Software....................................................1
Severity.............................................................2
Description of...

Adobe Systems - Arbitrary Code Injection Vulnerability

Bug Traq - 20 July, 2018 - 03:47

Posted by Vulnerability Lab on Jul 20

Document Title:
===============
Adobe Systems - Arbitrary Code Injection Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2120

PSIRT ID: 7873

Vulnerability Magazine:
https://www.vulnerability-db.com/?q=articles/2018/07/19/hacker-injects-arbitrary-codes-main-lead-database-adobe-systems

Acknowledgements: (Industry Partners)
https://helpx.adobe.com/security/acknowledgements.html...

Adobe Systems - Arbitrary Code Injection Vulnerability

Full Disclosure - 19 July, 2018 - 09:20

Posted by Vulnerability Lab on Jul 19

Document Title:
===============
Adobe Systems - Arbitrary Code Injection Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2120

PSIRT ID: 7873

Vulnerability Magazine:
https://www.vulnerability-db.com/?q=articles/2018/07/19/hacker-injects-arbitrary-codes-main-lead-database-adobe-systems

Acknowledgements: (Industry Partners)
https://helpx.adobe.com/security/acknowledgements.html...
Syndicate content