Security News

Vuln: Mozilla Firefox/Thunderbird/Firefox ESR Multiple Security Vulnerabilities

Security Focus Vulnerabilities - 20 May, 2019 - 23:00
Mozilla Firefox/Thunderbird/Firefox ESR Multiple Security Vulnerabilities

Emerson Network Power Cross Site Scripting(XSS) Vulnerability

Bug Traq - 19 May, 2019 - 22:53

Posted by Kubilay Onur Gungor on May 19

I. VULNERABILITY
-------------------------
httpGetSet/httpGet.htm on
Emerson Network Power Liebert Challenger 5.1E0.5 devices allows XSS via the statusstr parameter.

II. CVE REFERENCE
-------------------------
CVE-2019-12167

III. VENDOR
-------------------------
Emerson Network Power

IV. TIMELINE
-------------------------
13/05/2019 Vulnerability discovered

V. CREDIT...

local privilege escalation via CDE dtprintinfo

Bug Traq - 19 May, 2019 - 22:49

Posted by Marco Ivaldi on May 19

Dear Bugtraq,

Please find attached an advisory for the following vulnerability:

A buffer overflow in the DtPrinterAction::PrintActionExists() function in the
Common Desktop Environment 2.3.0 and earlier, as used in Oracle Solaris 10 1/13
(Update 11) and earlier, allows local users to gain root privileges via a long
printer name passed to dtprintinfo by a malicious lpstat program.

Note that Oracle Solaris CDE is based on the original CDE 1.x...

local privilege escalation via CDE dtprintinfo

Full Disclosure - 17 May, 2019 - 11:47

Posted by Marco Ivaldi on May 17

Dear Full Disclosure,

Please find attached an advisory for the following vulnerability:

A buffer overflow in the DtPrinterAction::PrintActionExists() function in the
Common Desktop Environment 2.3.0 and earlier, as used in Oracle Solaris 10 1/13
(Update 11) and earlier, allows local users to gain root privileges via a long
printer name passed to dtprintinfo by a malicious lpstat program.

Note that Oracle Solaris CDE is based on the original...

[CVE-2019-11880] CommSy <= 8.6.5 - SQL injection

Full Disclosure - 17 May, 2019 - 11:47

Posted by Jens Regel | Schneider & Wulf on May 17

Title:
======
CommSy <= 8.6.5 - SQL injection

Researcher:
===========
Jens Regel, Schneider & Wulf EDV-Beratung GmbH & Co. KG

CVE-ID:
=======
CVE-2019-11880

Timeline:
=========
2019-04-15 Vulnerability discovered
2019-04-15 Asked for security contact and PGP key
2019-04-16 Send details to the vendor
2019-05-07 Flaw was approved but will not be fixed in branch 8.6
2019-05-15 Public disclosure

Affected Products:
==================...

GAT-Ship Web Module >1.30 - Unauthenticated Information Disclosure Vulnerability

Full Disclosure - 17 May, 2019 - 11:46

Posted by gionreale on May 17

GAT-Ship Web Module >1.30 - Unauthenticated Information Disclosure Vulnerability

It is possible in versions 1.30 and below for unauthenticated attackers to query the GAT-Ship Web Module for system
information via a crafted request:

PoC:
---------------------------------------------------------------------------------------------------------------------------------------

POST /ws/gatshipWs.asmx/SqlVersion <...

The Past is not the Past

Daily Dave - 17 May, 2019 - 09:22

Posted by Dave Aitel on May 17

https://techblog.mediaservice.net/2019/05/raptor-at-infiltrate-2019/ <--Marco
Ivaldi's blogpost on INFILTRATE.

I would go into more depth in this email but I feel like you should just go
read his post and watch his talk: https://vimeo.com/335197685.

-dave

[RT-SA-2019-002] Directory Traversal in Cisco Expressway Gateway

Bug Traq - 17 May, 2019 - 06:23

Posted by RedTeam Pentesting GmbH on May 17

Advisory: Directory Traversal in Cisco Expressway Gateway

RedTeam Pentesting discovered a directory traversal vulnerability in
Cisco Expressway which enables access to administrative web interfaces.

Details
=======

Product: Cisco Expressway Gateway
Affected Versions: 11.5.1, possibly others
Fixed Versions: See Cisco Bug ID CSCvo47769 [1]
Vulnerability Type: Directory Traversal
Security Risk: medium
Vendor URL:...

[RT-SA-2019-002] Directory Traversal in Cisco Expressway Gateway

Full Disclosure - 17 May, 2019 - 02:37

Posted by RedTeam Pentesting GmbH on May 17

Advisory: Directory Traversal in Cisco Expressway Gateway

RedTeam Pentesting discovered a directory traversal vulnerability in
Cisco Expressway which enables access to administrative web interfaces.

Details
=======

Product: Cisco Expressway Gateway
Affected Versions: 11.5.1, possibly others
Fixed Versions: See Cisco Bug ID CSCvo47769 [1]
Vulnerability Type: Directory Traversal
Security Risk: medium
Vendor URL:...

Vuln: cockpit-ovirt CVE-2019-10139 Local Information Disclosure Vulnerability

Security Focus Vulnerabilities - 16 May, 2019 - 23:00
cockpit-ovirt CVE-2019-10139 Local Information Disclosure Vulnerability

Vuln: systemd CVE-2018-20839 Information Disclosure Vulnerability

Security Focus Vulnerabilities - 16 May, 2019 - 23:00
systemd CVE-2018-20839 Information Disclosure Vulnerability

Vuln: Linux Kernel CVE-2018-7191 Local Denial of Service Vulnerability

Security Focus Vulnerabilities - 16 May, 2019 - 23:00
Linux Kernel CVE-2018-7191 Local Denial of Service Vulnerability

[slackware-security] rdesktop (SSA:2019-135-01)

Bug Traq - 16 May, 2019 - 07:46

Posted by Slackware Security Team on May 16

[slackware-security] rdesktop (SSA:2019-135-01)

New rdesktop packages are available for Slackware 14.0, 14.1, 14.2,
and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/rdesktop-1.8.5-i586-1_slack14.2.txz: Upgraded.
This update fixes security issues:
Add bounds checking to protocol handling in order to fix many
security problems when communicating with...

Vuln: Cisco NX-OS CVE-2019-1778 Local Command Injection Vulnerability

Security Focus Vulnerabilities - 15 May, 2019 - 23:00
Cisco NX-OS CVE-2019-1778 Local Command Injection Vulnerability

Vuln: Fuji Electric Alpha7 PC Loader Out-of-Bounds Read Denial of Service Vulnerability

Security Focus Vulnerabilities - 15 May, 2019 - 23:00
Fuji Electric Alpha7 PC Loader Out-of-Bounds Read Denial of Service Vulnerability

Vuln: Symantec Messaging Gateway CVE-2019-9699 Information Disclosure Vulnerability

Security Focus Vulnerabilities - 15 May, 2019 - 23:00
Symantec Messaging Gateway CVE-2019-9699 Information Disclosure Vulnerability

FreeBSD Security Advisory FreeBSD-SA-19:07.mds [REVISED]

Bug Traq - 15 May, 2019 - 21:12

Posted by FreeBSD Security Advisories on May 15

=============================================================================
FreeBSD-SA-19:07.mds Security Advisory
The FreeBSD Project

Topic: Microarchitectural Data Sampling (MDS)

Category: core
Module: kernel
Announced: 2019-05-14
Credits: Refer to Intel's security advisory at the URL below for...

FreeBSD Security Advisory FreeBSD-SA-19:07.mds

Bug Traq - 15 May, 2019 - 21:08

Posted by FreeBSD Security Advisories on May 15

=============================================================================
FreeBSD-SA-19:07.mds Security Advisory
The FreeBSD Project

Topic: Microarchitectural Data Sampling (MDS)

Category: core
Module: kernel
Announced: 2019-05-14
Credits: Refer to Intel's security advisory at the URL below for...

SEC Consult SA-20190515-0 :: Authorization Bypass in RSA NetWitness (@sec_consult)

Bug Traq - 15 May, 2019 - 05:37

Posted by SEC Consult Vulnerability Lab on May 15

SEC Consult Vulnerability Lab Security Advisory < 20190515-0 >
=======================================================================
title: Authorization Bypass
product: RSA NetWitness
vulnerable version: <10.6.6.1, <11.2.1.1
fixed version: 10.6.6.1, 11.2.1.1
CVE number: CVE-2019-3724
impact: Medium
homepage: https://www.rsa.com
found: 2018-09-18...

FreeBSD Security Advisory FreeBSD-SA-19:07.mds

Bug Traq - 15 May, 2019 - 05:35

Posted by FreeBSD Security Advisories on May 15

=============================================================================
FreeBSD-SA-19:07.mds Security Advisory
The FreeBSD Project

Topic: Microarchitectural Data Sampling (MDS)

Category: core
Module: kernel
Announced: 2019-05-14
Credits: Refer to Intel's security advisory at the URL below for...
Syndicate content