SOLDIERX.COM Nobody Can Stop Information Insemination

Posted by SEC Consult Vulnerability Lab on Nov 30

SEC Consult Vulnerability Lab Security Advisory < 20181130-0 >
=======================================================================
title: Multiple Vulnerabilities
product: Siglent Technologies SDS 1202X-E Digital Oscilloscope
vulnerable version: V5.1.3.13
fixed version: -
CVE number: -
impact: High
homepage: http://siglenteu.com/...

Posted by Rafael Pedrero on Nov 30

Vulnerability found in 2009.

<!--
# Exploit Title: Security Bypass Access Control Vulnerability in Tarantella
Enterprise before 3.11
# Date: 30-11-2018
# Exploit Author: Rafael Pedrero
# Vendor Homepage: Homepage: http://www.sun.com/ & http://www.oracle.com/
# Software Link: the product is discontinued (vulnerability found in 2009)
# Version: Tarantella Enterprise before 3.11
# Tested on: All
# CVE : CVE-2018-19754
# Category: webapps

1....

Posted by Rafael Pedrero on Nov 30

Vulnerability found in 2009.

<!--
# Exploit Title: Directory Traversal in Tarantella Enterprise before 3.11
# Date: 30-11-2018
# Exploit Author: Rafael Pedrero
# Vendor Homepage: Homepage: http://www.sun.com/ & http://www.oracle.com/
# Software Link: the product is discontinued (vulnerability found in 2009)
# Version: Tarantella Enterprise before 3.11
# Tested on: All
# CVE : CVE-2018-19753
# Category: webapps

1. Description

Tarantella...

Posted by Imre Rad on Nov 30

Product:
"KNC is Kerberised NetCat. It works in basically the same way as either
netcat or stunnel except that it is uses GSS-API to secure the
communication. You can use it to construct client/server applications while
keeping the Kerberos libraries out of your programs address space quickly
and easily."

Official page:
http://oskt.secure-endpoints.com/knc.html

Source code repository:
https://github.com/elric1/knc/

Vulnerability:
knc...

Posted by Maxim Khazov via Fulldisclosure on Nov 30

Moxa NPort W2x50A products with firmware version 2.1 Build_17112017 or lower are vulnerable to several authenticated OS
Command Injection vulnerabilities:

#1 Authenticated OS Command Injection in web server ping functionality

Reserverd CVE ID: CVE-2018-19659

A specially crafted HTTP POST request to /goform/net_WebPingGetValue can result in running OS commands as the root
user. Exploitation required authentication. This is similar to...

Posted by Black Arch on Nov 30

Black Arch <blackarchlinux () gmail com>
Thu, May 31, 12:47 AM
to fulldisclosure

Dear list,

We've released the new BlackArch Linux ISOs and OVA image (version:
2018.12.01) along with many many improvements. They include more than
2050 tools now. The armv6h, armv7h and aarch64 repositories are filled
with about 1950 tools.

A ChangeLog of the Live-ISO-2018.12.01:

- added more than 150 new tools
- enabled wicd service by default...

Posted by Rafael Pedrero on Nov 27

<!--
# Exploit Title: Impersonation may lead to incorrect user context in Remedy
AR System Server in BMC Remedy 7.1
# Date: 23-11-2018
# Exploit Author: Rafael Pedrero
# Vendor Homepage: http://www.bmc.com/
# Software Link: http://www.bmc.com/
# Version: Impersonation may lead to incorrect user context in Remedy AR
System Server in BMC Remedy 7.1
# Tested on: all
# CVE : 1CVE-2018-19505
# Category: webapps

1. Description

Remedy AR System...

Posted by Poyo VL via Fulldisclosure on Nov 27

XSS Fuzzer is a simple application written in plain HTML/JavaScript/CSS which generates XSS payloads based on
user-defined vectors using multiple placeholders which are replaced with fuzzing lists.
It offers the possibility to just generate the payloads as plain-text or to execute them inside an iframe. Inside
iframes, it is possible to send GET or POST requests from the browser to arbitrary URLs using generated payloads.
XSS Fuzzer is a...

Posted by Eitan Caspi via Fulldisclosure on Nov 27

Original, as HTML with images, was posted at LinkedIn -
https://www.linkedin.com/pulse/vulnerability-feature-zendesk-customer-act-now-eitan-caspi/And also at my security blog
- https://fudie.net/it-is-not-a-vulnerability-it-is-a-feature-a-zendesk-customer-act-now/

I am not a Zendesk expert but I have seen enough. Here is my story.
The short version:
If in your ZD settings the check box of “Require authentication to download” (in the site...

Posted by advisories on Nov 27

SecureAuth - SecureAuth Labs Advisory
http://www.secureauth.com/

Cisco WebEx Meetings Elevation of Privilege Vulnerability

1. *Advisory Information*

Title: Cisco WebEx Meetings Elevation of Privilege Vulnerability
Advisory ID: CORE-2018-0011
Advisory URL: http://www.secureauth.com/labs/advisories/cisco-webex-meetings-elevation-privilege-vulnerability
Date published: 2018-11-27
Date of last update: 2018-11-27
Vendors contacted: Cisco
Release...

Posted by Rafael Pedrero on Nov 23

<!--
# Exploit Title: Cross Site Scripting in Oracle Secure Global Desktop
Administration Console - 4.4; Build: 20080807152602
# Date: 22-11-2018
# Exploit Author: Rafael Pedrero
# Vendor Homepage: http://www.oracle.com/
# Software Link: http://www.oracle.com/
# Version: Oracle Secure Global Desktop Administration Console - 4.4;
Build: 20080807152602
# Tested on: all
# CVE : CVE-2018-19439
# Category: webapps

1. Description

Cross Site...

Posted by Rafael Pedrero on Nov 23

Hi!!

8 years ago, I discovered this vulnerability, CVE-2010-1910, and now, you
can see the details.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1910

The login page, "/sdcxuser/asp/login.asp", had a commented access to the
page that allowed to change the password of any user, with a link with text
"Forgot your password".

The link that had the vulnerability was: "/adccommonn/asp/forgotpass.asp".

You...

Posted by SEC Consult Vulnerability Lab on Nov 21

An additional blog post has been published on this topic as well:

English version: https://r.sec-consult.com/governikus

German version: https://r.sec-consult.com/gov

SEC Consult Vulnerability Lab Security Advisory < 20181121-0 >
=======================================================================
title: Signature Bypass / Authentication Bypass
product: Governikus Autent SDK
vulnerable version: <=3.8.1...

Posted by SEC Consult Vulnerability Lab on Nov 21

SEC Consult Vulnerability Lab Security Advisory < 20181116-0 >
=======================================================================
title: Multiple critical vulnerabilities
product: Miss Marple Enterprise Edition
vulnerable version: <2.0
fixed version: 2.0
CVE number: CVE-2018-19233, CVE-2018-19234
impact: Critical
homepage: www.comparex-group.com
found:...

Posted by SEC Consult Vulnerability Lab on Nov 21

SEC Consult Vulnerability Lab Security Advisory < 20181114-0 >
=======================================================================
title: Denial of Service
product: Microsoft Skype for Business 2016 / Lync 2013
vulnerable version: Microsoft Skype for Business 2015 (Lync 2013) before
v15.0.5075.1000
Skype for Business 2016: before v16.0.4756.1000
fixed version:...

Posted by Trvon via Fulldisclosure on Nov 20

We are pleased to announce that Carolina Con 15 will be hosted in Charlotte at the Renaissance Charlotte Suites April
26th through the 28th in 2019.

All interested in speaking to any topic in the realm of hacking, technology, science, robotics or any related field are
invited to submit a proposal to speak at the con.

A proposal should include the following:

- Name or handle/alias
- Presentation name
- A brief abstract about 1-2 paragraphs
-...

Posted by Stefan Kanthak on Nov 20

Hi @ll,

this is the second part of
<https://seclists.org/fulldisclosure/2018/Nov/45>

Intel® Rapid Storage Technology (Intel® RST) User Interface and Driver
for Windows 10 and Windows Server 2016, version 16.0.2.1086 (Latest),
released 2/21/2018, available from
<https://downloadcenter.intel.com/download/27681/Intel-Rapid-Storage-Technology-Intel-RST-User-Interface-and-Driver>,
as well as the previous version 15.9.0.1015 (Previously...

Posted by secure on Nov 20

Hash: SHA256

DSA-2018-155: Dell EMC Avamar and Integrated Data Protection Appliance Command Injection Vulnerability

Dell EMC Identifier: DSA-2018-155

CVE Identifier: CVE-2018-11077

Severity: Medium

Severity Rating: CVSS v3 Base Score 6.7 (AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

Affected products:

Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1

Dell EMC Integrated Data Protection Appliance...

Posted by secure on Nov 20

DSA-2018-154: Dell EMC Avamar and Integrated Data Protection Appliance Information Exposure Vulnerability

Dell EMC Identifier: DSA-2018-154

CVE Identifier: CVE-2018-11076

Severity: High

Severity Rating:
CVSS v3 Base Score: 7.9 (AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)

Affected products:
Dell EMC Avamar Server 7.2.0 and 7.2.1
Dell EMC Avamar Server 7.3.0 and 7.3.1
Dell EMC Avamar Server 7.4.0 and 7.4.1
Dell EMC Integrated Data Protection...

Posted by secure on Nov 20

DSA-2018-145: Dell EMC Avamar Multiple Vulnerabilities

Dell EMC Identifier: DSA-2018-145

CVE Identifier: CVE-2018-11066, CVE-2018-11067

Severity: Critical

Severity Rating: See Details section below of individual CVSS Scores for each CVE

Affected products:
Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1
Dell EMC Integrated Data Protection Appliance (IDPA) 2.0, 2.1 and 2.2

Summary:
Dell EMC...