Security News

APPLE-SA-2021-07-21-7 Safari 14.1.2

Full Disclosure - 23 July, 2021 - 02:12

Posted by Apple Product Security via Fulldisclosure on Jul 23

APPLE-SA-2021-07-21-7 Safari 14.1.2

Safari 14.1.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212606.

WebKit
Available for: macOS Catalina and macOS Mojave
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved state
handling.
CVE-2021-30758: Christoph Guttandin of Media...

APPLE-SA-2021-07-21-6 tvOS 14.7

Full Disclosure - 23 July, 2021 - 02:12

Posted by Apple Product Security via Fulldisclosure on Jul 23

APPLE-SA-2021-07-21-6 tvOS 14.7

tvOS 14.7 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212604.

Audio
Available for: Apple TV 4K and Apple TV HD
Impact: A local attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2021-30781: tr3e

CoreAudio
Available for: Apple TV 4K...

APPLE-SA-2021-07-21-5 watchOS 7.6

Full Disclosure - 23 July, 2021 - 02:12

Posted by Apple Product Security via Fulldisclosure on Jul 23

APPLE-SA-2021-07-21-5 watchOS 7.6

watchOS 7.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212605.

ActionKit
Available for: Apple Watch Series 3 and later
Impact: A shortcut may be able to bypass Internet permission
requirements
Description: An input validation issue was addressed with improved
input validation.
CVE-2021-30763: Zachary Keffaber (@QuickUpdate5)

Audio...

APPLE-SA-2021-07-21-4 Security Update 2021-005 Mojave

Full Disclosure - 23 July, 2021 - 02:12

Posted by Apple Product Security via Fulldisclosure on Jul 23

APPLE-SA-2021-07-21-4 Security Update 2021-005 Mojave

Security Update 2021-005 Mojave addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212603.

AMD Kernel
Available for: macOS Mojave
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2021-30805: ABC...

APPLE-SA-2021-07-21-3 Security Update 2021-004 Catalina

Full Disclosure - 23 July, 2021 - 02:12

Posted by Apple Product Security via Fulldisclosure on Jul 23

APPLE-SA-2021-07-21-3 Security Update 2021-004 Catalina

Security Update 2021-004 Catalina addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212600.

AMD Kernel
Available for: macOS Catalina
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2021-30805: ABC...

APPLE-SA-2021-07-21-2 macOS Big Sur 11.5

Full Disclosure - 23 July, 2021 - 02:12

Posted by Apple Product Security via Fulldisclosure on Jul 23

APPLE-SA-2021-07-21-2 macOS Big Sur 11.5

macOS Big Sur 11.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212602.

AMD Kernel
Available for: macOS Big Sur
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2021-30805: ABC Research s.r.o

AppKit...

APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7

Full Disclosure - 23 July, 2021 - 02:12

Posted by Apple Product Security via Fulldisclosure on Jul 23

APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7

iOS 14.7 and iPadOS 14.7 address the following issues.
Information about the security content is also available at
https://support.apple.com/HT212601.

iOS 14.7 released July 19, 2021; iPadOS 14.7 released July 21, 2021

ActionKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)...

ipython3 may execute code from the current working directory

Full Disclosure - 23 July, 2021 - 02:12

Posted by Georgi Guninski on Jul 23

Summary: under certain circumstances, ipython3 may execute
code from the current working directory. This might be a
problem if the current working directory is not trusted.

python3 is safe.

Tested on ubuntu 20.

The following session illustrates it:

joro@bialokote:~/tests/dir2$ pwd
/home/joro/tests/dir2
joro@bialokote:~/tests/dir2$ ipython3 --version
7.13.0
joro@bialokote:~/tests/dir2$ ls ~/tests/dir1
a.py joro-orig.py __pycache__...

Cross-site Scripting vulnerability in Ampache 4.4.2

Full Disclosure - 23 July, 2021 - 02:11

Posted by Daniel Bishtawi via Fulldisclosure on Jul 23

Hello,

We are informing you about a Cross-site Scripting vulnerability in Ampache
4.4.2.

Information
--------------------
Advisory by Netsparker
Name: Cross-site Scripting vulnerability in Ampache 4.4.2
Affected Software: Ampache
Affected Versions: 4.4.2
Homepage: http://ampache.org/
Vulnerability: Cross-Site Scripting
Severity: High
Status: Fixed
CVSS Score (3.0): 7.4 (High)
Netsparker Advisory Reference: NS-21-003

Technical Details...

CFP for Hardwear.io Netherlands 2021

Full Disclosure - 23 July, 2021 - 02:10

Posted by Andrea Simonca on Jul 23

Hardwear.io Security Trainings and Conference Netherlands 2021

28-29 October 2021, NH Hotel Den Haag, The Netherlands

https://hardwear.io/netherlands-2021/

It is a pleasure to invite you to bring forward your cutting-edge research
at Hardwear.io Netherlands 2021:

Important Dates

Deadline for submission: 20 August 2021

Notification of acceptance: 3 September 2021

Security topics of interest (but not limited to):

- Smart cards:...

AST-2021-009: pjproject/pjsip: crash when SSL socket destroyed during handshake

Full Disclosure - 22 July, 2021 - 17:53

Posted by Asterisk Security Team on Jul 22

Asterisk Project Security Advisory - AST-2021-009

Product: Asterisk
Summary: pjproject/pjsip: crash when SSL socket destroyed during handshake
Nature of Advisory: Denial of service
Susceptibility: Remote unauthenticated sessions...

AST-2021-008: Remote crash when using IAX2 channel driver

Full Disclosure - 22 July, 2021 - 17:53

Posted by Asterisk Security Team on Jul 22

Asterisk Project Security Advisory - AST-2021-008

Product: Asterisk
Summary: Remote crash when using IAX2 channel driver
Nature of Advisory: Denial of service
Susceptibility: Remote unauthenticated sessions
Severity: Major...

AST-2021-007: Remote Crash Vulnerability in PJSIP channel driver

Full Disclosure - 22 July, 2021 - 17:53

Posted by Asterisk Security Team on Jul 22

Asterisk Project Security Advisory - AST-2021-007

Product: Asterisk
Summary: Remote Crash Vulnerability in PJSIP channel driver
Nature of Advisory: Denial of Service
Susceptibility: Remote Authenticated Sessions
Severity: Moderate...

Backdoor.Win32.IRCBot.gen / Unauthenticated Remote Command Execution

Full Disclosure - 20 July, 2021 - 11:03

Posted by malvuln on Jul 20

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/96f5cdfa5b3416c819d76060f11dc88d.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.IRCBot.gen
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 6777. Third-party attackers
who can reach infected systems can execute commands. Commands must be
wrapped in quotes or...

Trojan-Spy.Win32.SpyEyes.hqd / Insecure Permissions

Full Disclosure - 20 July, 2021 - 11:03

Posted by malvuln on Jul 20

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/6f484fea8f6bb3974185fc856f37541b.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan-Spy.Win32.SpyEyes.hqd
Vulnerability: Insecure Permissions
Description: The malware creates a dir with insecure permissions under c:\
drive and grants change (C) permissions to the authenticated user group.
Standard users can rename the...

Trojan-Spy.Win32.SpyEyes.abdb / Insecure Permissions

Full Disclosure - 20 July, 2021 - 11:03

Posted by malvuln on Jul 20

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/9185538b01ad700603f38fb0eb8b6e3b.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan-Spy.Win32.SpyEyes.abdb
Vulnerability: Insecure Permissions
Description: The malware creates a dir with insecure permissions under c:\
drive and grants change (C) permissions to the authenticated user group.
Standard users can rename the...

Backdoor.Win32.Agent.bjev / Insecure Permissions

Full Disclosure - 20 July, 2021 - 11:03

Posted by malvuln on Jul 20

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/ca40998b5d62ee7f936537ff3de7993d.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Agent.bjev
Vulnerability: Insecure Permissions
Description: The malware creates a dir with insecure permissions under c:\
drive and grants change (C) permissions to the authenticated user group.
Standard users can rename the...

Backdoor.Win32.IRCBot.gen / Weak Hardcoded Password

Full Disclosure - 20 July, 2021 - 11:03

Posted by malvuln on Jul 20

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/9b12ff6b8b025e7fb0a171abad41c79c.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.IRCBot.gen
Vulnerability: Weak Hardcoded Password
Description: The malware listens on TCP port 13013. Authentication is
required for remote user access. However, the password "slimanus" is weak
and hardcoded in plaintext...

HEUR.Backdoor.Win32.Generic / Unauthenticated Open Proxy

Full Disclosure - 20 July, 2021 - 11:03

Posted by malvuln on Jul 20

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/f2b5429feaa7d229418cf499ce5f5822.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: HEUR.Backdoor.Win32.Generic
Vulnerability: Unauthenticated Open Proxy
Description: The malware listens on TCP ports 1080, 8080. Third-party
attackers who can connect to the infected system can relay requests from
the original connection to the...

HEUR.Backdoor.Win32.Generic / Unauthenticated Open Proxy

Full Disclosure - 20 July, 2021 - 11:03

Posted by malvuln on Jul 20

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/bcf45d515f2a0c6ead1e44ea6371276b.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: HEUR.Backdoor.Win32.Generic
Vulnerability: Unauthenticated Open Proxy
Description: The malware listens on TCP ports 1080, 8080. Third-party
attackers who can connect to the infected system can relay requests from
the original connection to the...