Security News
APPLE-SA-2021-07-21-7 Safari 14.1.2
Posted by Apple Product Security via Fulldisclosure on Jul 23
APPLE-SA-2021-07-21-7 Safari 14.1.2Safari 14.1.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212606.
WebKit
Available for: macOS Catalina and macOS Mojave
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved state
handling.
CVE-2021-30758: Christoph Guttandin of Media...
APPLE-SA-2021-07-21-6 tvOS 14.7
Posted by Apple Product Security via Fulldisclosure on Jul 23
APPLE-SA-2021-07-21-6 tvOS 14.7tvOS 14.7 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212604.
Audio
Available for: Apple TV 4K and Apple TV HD
Impact: A local attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2021-30781: tr3e
CoreAudio
Available for: Apple TV 4K...
APPLE-SA-2021-07-21-5 watchOS 7.6
Posted by Apple Product Security via Fulldisclosure on Jul 23
APPLE-SA-2021-07-21-5 watchOS 7.6watchOS 7.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212605.
ActionKit
Available for: Apple Watch Series 3 and later
Impact: A shortcut may be able to bypass Internet permission
requirements
Description: An input validation issue was addressed with improved
input validation.
CVE-2021-30763: Zachary Keffaber (@QuickUpdate5)
Audio...
APPLE-SA-2021-07-21-4 Security Update 2021-005 Mojave
Posted by Apple Product Security via Fulldisclosure on Jul 23
APPLE-SA-2021-07-21-4 Security Update 2021-005 MojaveSecurity Update 2021-005 Mojave addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212603.
AMD Kernel
Available for: macOS Mojave
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2021-30805: ABC...
APPLE-SA-2021-07-21-3 Security Update 2021-004 Catalina
Posted by Apple Product Security via Fulldisclosure on Jul 23
APPLE-SA-2021-07-21-3 Security Update 2021-004 CatalinaSecurity Update 2021-004 Catalina addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212600.
AMD Kernel
Available for: macOS Catalina
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2021-30805: ABC...
APPLE-SA-2021-07-21-2 macOS Big Sur 11.5
Posted by Apple Product Security via Fulldisclosure on Jul 23
APPLE-SA-2021-07-21-2 macOS Big Sur 11.5macOS Big Sur 11.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212602.
AMD Kernel
Available for: macOS Big Sur
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2021-30805: ABC Research s.r.o
AppKit...
APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7
Posted by Apple Product Security via Fulldisclosure on Jul 23
APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7iOS 14.7 and iPadOS 14.7 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212601.
iOS 14.7 released July 19, 2021; iPadOS 14.7 released July 21, 2021
ActionKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)...
ipython3 may execute code from the current working directory
Posted by Georgi Guninski on Jul 23
Summary: under certain circumstances, ipython3 may executecode from the current working directory. This might be a
problem if the current working directory is not trusted.
python3 is safe.
Tested on ubuntu 20.
The following session illustrates it:
joro@bialokote:~/tests/dir2$ pwd
/home/joro/tests/dir2
joro@bialokote:~/tests/dir2$ ipython3 --version
7.13.0
joro@bialokote:~/tests/dir2$ ls ~/tests/dir1
a.py joro-orig.py __pycache__...
Cross-site Scripting vulnerability in Ampache 4.4.2
Posted by Daniel Bishtawi via Fulldisclosure on Jul 23
Hello,We are informing you about a Cross-site Scripting vulnerability in Ampache
4.4.2.
Information
--------------------
Advisory by Netsparker
Name: Cross-site Scripting vulnerability in Ampache 4.4.2
Affected Software: Ampache
Affected Versions: 4.4.2
Homepage: http://ampache.org/
Vulnerability: Cross-Site Scripting
Severity: High
Status: Fixed
CVSS Score (3.0): 7.4 (High)
Netsparker Advisory Reference: NS-21-003
Technical Details...
CFP for Hardwear.io Netherlands 2021
Posted by Andrea Simonca on Jul 23
Hardwear.io Security Trainings and Conference Netherlands 202128-29 October 2021, NH Hotel Den Haag, The Netherlands
https://hardwear.io/netherlands-2021/
It is a pleasure to invite you to bring forward your cutting-edge research
at Hardwear.io Netherlands 2021:
Important Dates
Deadline for submission: 20 August 2021
Notification of acceptance: 3 September 2021
Security topics of interest (but not limited to):
-
Smart cards:...
AST-2021-009: pjproject/pjsip: crash when SSL socket destroyed during handshake
Posted by Asterisk Security Team on Jul 22
Asterisk Project Security Advisory - AST-2021-009Product Asterisk
Summary pjproject/pjsip: crash when SSL socket destroyed
during handshake
Nature of Advisory Denial of service
Susceptibility Remote unauthenticated sessions...
AST-2021-008: Remote crash when using IAX2 channel driver
Posted by Asterisk Security Team on Jul 22
Asterisk Project Security Advisory - AST-2021-008Product Asterisk
Summary Remote crash when using IAX2 channel driver
Nature of Advisory Denial of service
Susceptibility Remote unauthenticated sessions
Severity Major...
AST-2021-007: Remote Crash Vulnerability in PJSIP channel driver
Posted by Asterisk Security Team on Jul 22
Asterisk Project Security Advisory - AST-2021-007Product Asterisk
Summary Remote Crash Vulnerability in PJSIP channel driver
Nature of Advisory Denial of Service
Susceptibility Remote Authenticated Sessions
Severity Moderate...
Backdoor.Win32.IRCBot.gen / Unauthenticated Remote Command Execution
Posted by malvuln on Jul 20
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/96f5cdfa5b3416c819d76060f11dc88d.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.IRCBot.gen
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 6777. Third-party attackers
who can reach infected systems can execute commands. Commands must be
wrapped in quotes or...
Trojan-Spy.Win32.SpyEyes.hqd / Insecure Permissions
Posted by malvuln on Jul 20
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/6f484fea8f6bb3974185fc856f37541b.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan-Spy.Win32.SpyEyes.hqd
Vulnerability: Insecure Permissions
Description: The malware creates a dir with insecure permissions under c:\
drive and grants change (C) permissions to the authenticated user group.
Standard users can rename the...
Trojan-Spy.Win32.SpyEyes.abdb / Insecure Permissions
Posted by malvuln on Jul 20
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/9185538b01ad700603f38fb0eb8b6e3b.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan-Spy.Win32.SpyEyes.abdb
Vulnerability: Insecure Permissions
Description: The malware creates a dir with insecure permissions under c:\
drive and grants change (C) permissions to the authenticated user group.
Standard users can rename the...
Backdoor.Win32.Agent.bjev / Insecure Permissions
Posted by malvuln on Jul 20
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/ca40998b5d62ee7f936537ff3de7993d.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Agent.bjev
Vulnerability: Insecure Permissions
Description: The malware creates a dir with insecure permissions under c:\
drive and grants change (C) permissions to the authenticated user group.
Standard users can rename the...
Backdoor.Win32.IRCBot.gen / Weak Hardcoded Password
Posted by malvuln on Jul 20
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/9b12ff6b8b025e7fb0a171abad41c79c.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.IRCBot.gen
Vulnerability: Weak Hardcoded Password
Description: The malware listens on TCP port 13013. Authentication is
required for remote user access. However, the password "slimanus" is weak
and hardcoded in plaintext...
HEUR.Backdoor.Win32.Generic / Unauthenticated Open Proxy
Posted by malvuln on Jul 20
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/f2b5429feaa7d229418cf499ce5f5822.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: HEUR.Backdoor.Win32.Generic
Vulnerability: Unauthenticated Open Proxy
Description: The malware listens on TCP ports 1080, 8080. Third-party
attackers who can connect to the infected system can relay requests from
the original connection to the...
HEUR.Backdoor.Win32.Generic / Unauthenticated Open Proxy
Posted by malvuln on Jul 20
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/bcf45d515f2a0c6ead1e44ea6371276b.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: HEUR.Backdoor.Win32.Generic
Vulnerability: Unauthenticated Open Proxy
Description: The malware listens on TCP ports 1080, 8080. Third-party
attackers who can connect to the infected system can relay requests from
the original connection to the...
