SOLDIERX.COM Nobody Can Stop Information Insemination

Mozilla Firefox/Thunderbird/Firefox ESR Multiple Security Vulnerabilities

Posted by Kubilay Onur Gungor on May 19

I. VULNERABILITY
-------------------------
httpGetSet/httpGet.htm on
Emerson Network Power Liebert Challenger 5.1E0.5 devices allows XSS via the statusstr parameter.

II. CVE REFERENCE
-------------------------
CVE-2019-12167

III. VENDOR
-------------------------
Emerson Network Power

IV. TIMELINE
-------------------------
13/05/2019 Vulnerability discovered

V. CREDIT...

Posted by Marco Ivaldi on May 19

Dear Bugtraq,

Please find attached an advisory for the following vulnerability:

A buffer overflow in the DtPrinterAction::PrintActionExists() function in the
Common Desktop Environment 2.3.0 and earlier, as used in Oracle Solaris 10 1/13
(Update 11) and earlier, allows local users to gain root privileges via a long
printer name passed to dtprintinfo by a malicious lpstat program.

Note that Oracle Solaris CDE is based on the original CDE 1.x...

Posted by Marco Ivaldi on May 17

Dear Full Disclosure,

Please find attached an advisory for the following vulnerability:

A buffer overflow in the DtPrinterAction::PrintActionExists() function in the
Common Desktop Environment 2.3.0 and earlier, as used in Oracle Solaris 10 1/13
(Update 11) and earlier, allows local users to gain root privileges via a long
printer name passed to dtprintinfo by a malicious lpstat program.

Note that Oracle Solaris CDE is based on the original...

Posted by Jens Regel | Schneider & Wulf on May 17

Title:
======
CommSy <= 8.6.5 - SQL injection

Researcher:
===========
Jens Regel, Schneider & Wulf EDV-Beratung GmbH & Co. KG

CVE-ID:
=======
CVE-2019-11880

Timeline:
=========
2019-04-15 Vulnerability discovered
2019-04-15 Asked for security contact and PGP key
2019-04-16 Send details to the vendor
2019-05-07 Flaw was approved but will not be fixed in branch 8.6
2019-05-15 Public disclosure

Affected Products:
==================...

Posted by gionreale on May 17

GAT-Ship Web Module >1.30 - Unauthenticated Information Disclosure Vulnerability

It is possible in versions 1.30 and below for unauthenticated attackers to query the GAT-Ship Web Module for system
information via a crafted request:

PoC:
---------------------------------------------------------------------------------------------------------------------------------------

POST /ws/gatshipWs.asmx/SqlVersion <...

Posted by Dave Aitel on May 17

https://techblog.mediaservice.net/2019/05/raptor-at-infiltrate-2019/ <--Marco
Ivaldi's blogpost on INFILTRATE.

I would go into more depth in this email but I feel like you should just go
read his post and watch his talk: https://vimeo.com/335197685.

-dave

Posted by RedTeam Pentesting GmbH on May 17

Advisory: Directory Traversal in Cisco Expressway Gateway

RedTeam Pentesting discovered a directory traversal vulnerability in
Cisco Expressway which enables access to administrative web interfaces.

Details
=======

Product: Cisco Expressway Gateway
Affected Versions: 11.5.1, possibly others
Fixed Versions: See Cisco Bug ID CSCvo47769 [1]
Vulnerability Type: Directory Traversal
Security Risk: medium
Vendor URL:...

Posted by RedTeam Pentesting GmbH on May 17

Advisory: Directory Traversal in Cisco Expressway Gateway

RedTeam Pentesting discovered a directory traversal vulnerability in
Cisco Expressway which enables access to administrative web interfaces.

Details
=======

Product: Cisco Expressway Gateway
Affected Versions: 11.5.1, possibly others
Fixed Versions: See Cisco Bug ID CSCvo47769 [1]
Vulnerability Type: Directory Traversal
Security Risk: medium
Vendor URL:...

cockpit-ovirt CVE-2019-10139 Local Information Disclosure Vulnerability

systemd CVE-2018-20839 Information Disclosure Vulnerability

Linux Kernel CVE-2018-7191 Local Denial of Service Vulnerability

Posted by Slackware Security Team on May 16

[slackware-security] rdesktop (SSA:2019-135-01)

New rdesktop packages are available for Slackware 14.0, 14.1, 14.2,
and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/rdesktop-1.8.5-i586-1_slack14.2.txz: Upgraded.
This update fixes security issues:
Add bounds checking to protocol handling in order to fix many
security problems when communicating with...

Cisco NX-OS CVE-2019-1778 Local Command Injection Vulnerability

Fuji Electric Alpha7 PC Loader Out-of-Bounds Read Denial of Service Vulnerability

Symantec Messaging Gateway CVE-2019-9699 Information Disclosure Vulnerability

Posted by FreeBSD Security Advisories on May 15

=============================================================================
FreeBSD-SA-19:07.mds Security Advisory
The FreeBSD Project

Topic: Microarchitectural Data Sampling (MDS)

Category: core
Module: kernel
Announced: 2019-05-14
Credits: Refer to Intel's security advisory at the URL below for...

Posted by FreeBSD Security Advisories on May 15

=============================================================================
FreeBSD-SA-19:07.mds Security Advisory
The FreeBSD Project

Topic: Microarchitectural Data Sampling (MDS)

Category: core
Module: kernel
Announced: 2019-05-14
Credits: Refer to Intel's security advisory at the URL below for...

Posted by SEC Consult Vulnerability Lab on May 15

SEC Consult Vulnerability Lab Security Advisory < 20190515-0 >
=======================================================================
title: Authorization Bypass
product: RSA NetWitness
vulnerable version: <10.6.6.1, <11.2.1.1
fixed version: 10.6.6.1, 11.2.1.1
CVE number: CVE-2019-3724
impact: Medium
homepage: https://www.rsa.com
found: 2018-09-18...

Posted by FreeBSD Security Advisories on May 15

=============================================================================
FreeBSD-SA-19:07.mds Security Advisory
The FreeBSD Project

Topic: Microarchitectural Data Sampling (MDS)

Category: core
Module: kernel
Announced: 2019-05-14
Credits: Refer to Intel's security advisory at the URL below for...