Security News

Bugtraq: Cisco Unified Contact Center Express Privilege Escalation Vulnerability (CVE-2019-1888)

Security Focus Vulnerabilities - 4 min 32 sec ago
Cisco Unified Contact Center Express Privilege Escalation Vulnerability (CVE-2019-1888)

Bugtraq: [SECURITY] [DSA 4633-1] curl security update

Security Focus Vulnerabilities - 4 min 32 sec ago
[SECURITY] [DSA 4633-1] curl security update

Bugtraq: LPE and RCE in OpenSMTPD's default install (CVE-2020-8794)

Security Focus Vulnerabilities - 4 min 32 sec ago
LPE and RCE in OpenSMTPD's default install (CVE-2020-8794)

Bugtraq: Local information disclosure in OpenSMTPD (CVE-2020-8793)

Security Focus Vulnerabilities - 4 min 32 sec ago
Local information disclosure in OpenSMTPD (CVE-2020-8793)

More rss feeds from SecurityFocus

Security Focus Vulnerabilities - 4 min 32 sec ago
News, Infocus, Columns, Vulnerabilities, Bugtraq ...

[SYSS-2019-047] Micro Focus Vibe - Cross-Site Scripting (CVE-2020-9520)

Full Disclosure - 27 March, 2020 - 13:01

Posted by Vladimir Bostanov on Mar 27

Advisory ID: SYSS-2019-047
Product: Micro Focus Vibe (formerly Novelle Vibe)
Manufacturer: Micro Focus International plc
Affected Version(s): 4.0.6
Tested Version(s): 4.0.6
Vulnerability Type: Cross-Site Scripting (CWE-79)
Risk Level: Medium
Solution Status: Fixed
Manufacturer Notification: 2019-11-07
Solution Date: 2020-03-24
Public Disclosure: 2020-03-25
CVE Reference: CVE-2020-9520
Author of Advisory: Dr. Vladimir Bostanov, SySS GmbH...

[SYSS-2019-046] Micro Focus Vibe - HTML Injection

Full Disclosure - 27 March, 2020 - 13:01

Posted by Vladimir Bostanov on Mar 27

Advisory ID: SYSS-2019-046
Product: Micro Focus Vibe (formerly Novelle Vibe)
Manufacturer: Micro Focus International plc
Affected Version(s): 4.0.6
Tested Version(s): 4.0.6
Vulnerability Type: HTML Injection (CWE-79)
Risk Level: Low
Solution Status: Fixed
Manufacturer Notification: 2019-11-07
Solution Date: 2020-03-24
Public Disclosure: 2020-03-25
CVE Reference: Not assigned
Author of Advisory: Dr. Vladimir Bostanov, SySS GmbH...

Defense in depth -- the Microsoft way (part 65): unsafe, easy to rediect paths all over

Full Disclosure - 27 March, 2020 - 12:44

Posted by Stefan Kanthak on Mar 27

Hi @ll,

Microsoft still registers LOTS of DLLs (which implement COM classes,
cryptography service providers, services etc.) as well as command lines
with paths containing the (pre-defined) environment variables %windir%,
%SystemRoot%, %ProgramFiles%, %CommonProgramFiles%, %ProgramFiles(x86)%
and %CommonProgramFiles(x86)%.

For example, Windows Defender shipped with Windows Vista and newer versions
of Windows, installs a COM class which...

Defense in depth -- the Microsoft way (part 64): Windows Defender loads and exeutes arbitrary DLLs

Full Disclosure - 27 March, 2020 - 12:44

Posted by Stefan Kanthak on Mar 27

Hi @ll,

in September 2017, Microsoft relocated many executable files of Windows
Defender from the directory "%ProgramFiles%\Windows Defender\" to
"%ProgramData%\Microsoft\Windows Defender\platform\<version>\": see
<https://support.microsoft.com/en-us/help/4052623/update-for-windows-defender-antimalware-platform>

JFTR: if Microsoft were only capable to understand English language and
notice the difference...

APPLE-SA-2020-03-25-2 iCloud for Windows 7.18

Full Disclosure - 27 March, 2020 - 12:42

Posted by Apple Product Security via Fulldisclosure on Mar 27

APPLE-SA-2020-03-25-2 iCloud for Windows 7.18

iCloud for Windows 7.18 is now available and addresses the following:

libxml2
Available for: Windows 7 and later
Impact: Multiple issues in libxml2
Description: A buffer overflow was addressed with improved size
validation.
CVE-2020-3910: LGTM.com

libxml2
Available for: Windows 7 and later
Impact: Multiple issues in libxml2
Description: A buffer overflow was addressed with improved bounds
checking....

APPLE-SA-2020-03-25-1 iCloud for Windows 10.9.3

Full Disclosure - 27 March, 2020 - 12:42

Posted by Apple Product Security via Fulldisclosure on Mar 27

APPLE-SA-2020-03-25-1 iCloud for Windows 10.9.3

iCloud for Windows 10.9.3 is now available and addresses the
following:

libxml2
Available for: Windows 10 and later via the Microsoft Store
Impact: Multiple issues in libxml2
Description: A buffer overflow was addressed with improved size
validation.
CVE-2020-3910: LGTM.com

libxml2
Available for: Windows 10 and later via the Microsoft Store
Impact: Multiple issues in libxml2
Description: A buffer...

CVE-2019-4716: conf overwrite + auth bypass = rce as root / SYSTEM on IBM PA / TM1

Full Disclosure - 27 March, 2020 - 12:42

Posted by Pedro Ribeiro on Mar 27

Hi,

Here's a fun one I have been working on for some time.
tl;dr IBM PA / TM1, dating back to 2014, maybe 2009 is vulnerable to a unauthenticated configuration overwrite; this is
abused to "fake authenticate" to it, and finally execute code as root / SYSTEM using TM1 scripting.

Advisory below, permalink in:
https://raw.githubusercontent.com/pedrib/PoC/master/advisories/ibm-tm1-rce.txt

Exploit:...

New tool: nullscan v1.0.0 - A modular framework designed to chain and automate security tests

Full Disclosure - 27 March, 2020 - 12:41

Posted by Levon Kayan on Mar 27

Howdy,

We've just released nullscan v1.0.0, a modular framework designed to
chain and automate security tests. It's a beast and highly recommended
to learn and use it. :)

Here are some details:

[ Description ]

A modular framework designed to chain and automate security tests. It
parses target definitions from the command line and runs corresponding
modules and their nullscan-tools afterwards. It can also take hosts and
start nmap...

CVE-2019-19913

Full Disclosure - 27 March, 2020 - 12:41

Posted by Georg Ph E Heise via Fulldisclosure on Mar 27

codeBeamer – Stored Cross-Site Scripting

===============================================================================

Identifiers

-------------------------------------------------

* CVE-2019-19913

CVSSv3 score

-------------------------------------------------

6.4
([AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:H](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:H&version=3.1))

Vendor...

CVE-2019-19912

Full Disclosure - 27 March, 2020 - 12:41

Posted by Georg Ph E Heise via Fulldisclosure on Mar 27

codeBeamer – Stored Cross-Site Scripting

===============================================================================

Identifiers

-------------------------------------------------

* CVE-2019-19912

CVSSv3 score

-------------------------------------------------

6.4 (AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:H)

Vendor

-------------------------------------------------

Intland – Codebeamer (https://codebeamer.com)

Product...

Re: Command And Control

Daily Dave - 26 March, 2020 - 09:59

Posted by Moses Frost on Mar 26

As I sit here in my pseudo shelter in place status about 40 miles north of
you, I am releasing all of my long held thoughts of the past as I mindly
remote work in front of a WebEx/Zoom/Slack/GoToMeeting/etc hoping to
contact with actual lifeforms one day outside of the few that I live with.
While all this is happening I was mulling over the realization of a few
things.

1. The biggest threat to an organization happened during the big migration...

Command And Control

Daily Dave - 25 March, 2020 - 15:10

Posted by Dave Aitel on Mar 25

I just listened to a webinar on threat hunting. It's a thing you can do.
Anyways, at one point the presenter talked about how he really preferred to
threat hunt by looking at network protocols for threat hunting, and he
focused on beaconing and C2.

Every time someone says that, I flash back to this amazing post from
BitDefender, which is about how Flame did C2 over USB....

Re: The best bugclass is whatever the defender is most mentally invested in

Daily Dave - 25 March, 2020 - 08:32

Posted by Laura on Mar 25

ESSAY: What if AI waged war?

The Fatal Flaw
<https://jessicaanneeise.files.wordpress.com/2019/05/what-if-ai-waged-war_eise_creative-writing.pdf
>,
by Jessica Eise (Short Story)

HP ThinPro - Privileged command injection

Full Disclosure - 25 March, 2020 - 00:37

Posted by Eldar Marcussen on Mar 24

HP ThinPro - Privileged command injection
===============================================================================

Identifiers
-------------------------------------------------
* CVE-2019-18910

CVSSv3 score
-------------------------------------------------
7.6 (AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L)

Vendor
-------------------------------------------------
HP - [https://www.hp.com](https://www.hp.com)

Product...

HP ThinPro - Citrix command injection

Full Disclosure - 25 March, 2020 - 00:37

Posted by Eldar Marcussen on Mar 24

HP ThinPro - Citrix command injection
===============================================================================

Identifiers
-------------------------------------------------
* CVE-2019-18909

CVSSv3 score
-------------------------------------------------
6.1 (AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)

Vendor
-------------------------------------------------
HP - [https://www.hp.com](https://www.hp.com)

Product...
Syndicate content