Security News

[slackware-security] openjpeg (SSA:2019-095-01)

Bug Traq - 8 April, 2019 - 01:22

Posted by Slackware Security Team on Apr 07

[slackware-security] openjpeg (SSA:2019-095-01)

New openjpeg packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/openjpeg-2.3.1-i586-1_slack14.2.txz: Upgraded.
Includes many bug fixes (including security fixes).
(* Security fix *)
+--------------------------+

Where to find the new packages:...

[SECURITY] [DSA 4425-1] wget security update

Bug Traq - 8 April, 2019 - 01:18

Posted by Salvatore Bonaccorso on Apr 07

-------------------------------------------------------------------------
Debian Security Advisory DSA-4425-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
April 05, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : wget
CVE ID : CVE-2019-5953
Debian Bug : 926389...

Vuln: Samba CVE-2019-3880 Directory Traversal Vulnerability

Security Focus Vulnerabilities - 7 April, 2019 - 23:00
Samba CVE-2019-3880 Directory Traversal Vulnerability

Vuln: Samba CVE-2019-3870 Local Insecure File Permissions Vulnerability

Security Focus Vulnerabilities - 7 April, 2019 - 23:00
Samba CVE-2019-3870 Local Insecure File Permissions Vulnerability

Vuln: Symantec Endpoint Encryption CVE-2019-9694 Local Privilege Escalation Vulnerability

Security Focus Vulnerabilities - 7 April, 2019 - 23:00
Symantec Endpoint Encryption CVE-2019-9694 Local Privilege Escalation Vulnerability

WordPress plugin Contact Form by WD [CSRF → LFI]

Full Disclosure - 5 April, 2019 - 12:37

Posted by Panagiotis Vagenas on Apr 05

# Exploit Title: Contact Form by WD [CSRF → LFI]
# Date: 2019-03-17
# Exploit Author: Panagiotis Vagenas
# Vendor Homepage: http://web-dorado.com/
# Software Link: https://wordpress.org/plugins/contact-form-maker
# Version: 1.13.1
# Tested on: WordPress 5.1.1

Description
-----------

Plugin implements the following AJAX actions:

- `manage_fm`
- `get_stats`
- `generete_csv`
- `generete_xml`
- `formmakerwdcaptcha`
- `nopriv_formmakerwdcaptcha`...

WordPress Plugin Form Maker by WD [CSRF → LFI]

Full Disclosure - 5 April, 2019 - 12:37

Posted by Panagiotis Vagenas on Apr 05

# Exploit Title: Form Maker by WD [CSRF → LFI]
# Date: 2019-03-17
# Exploit Author: Panagiotis Vagenas
# Vendor Homepage: http://web-dorado.com/
# Software Link: https://wordpress.org/plugins/form-maker
# Version: 1.13.2
# Tested on: WordPress 5.1

Description
-----------

Plugin implements the following AJAX actions:

- `generete_csv`
- `generete_xml`
- `formmakerwdcaptcha`
- `formmakerwdmathcaptcha`
- `product_option`
-...

Arris Touchstone TG1672 Administrative Login Vulnerabilities

Full Disclosure - 5 April, 2019 - 12:34

Posted by Harley A.W. Lorenzo via Fulldisclosure on Apr 05

================================================================================
Title: Arris Touchstone TG1672 Administrative Login Vulnerabilities
Product: Arris Touchstone TG1672
Version: TS0901103AS_092216_16XX.GW_SIP (most likely other versions
affected by unconfirmed)
Product Page: https://www.arris.com/products/
touchstone-telephony-gateway-tg1672/
Published: 2019-04-05...

Uniqkey Password Manager 1.14 - Remote Denial Of Service [CVE-2019-10845]

Full Disclosure - 5 April, 2019 - 12:34

Posted by gionreale on Apr 05

An issue was discovered in Uniqkey Password Manager 1.14.
When entering new credentials to a site that isn't registered within
this product, a pop-up window will appear asking the user if
they want to save these new credentials. The code of the pop-up window
can be read and, to some extent, manipulated by remote servers. This
pop-up window will stay on any page the user visits within the browser
until a decision is made. A malicious web...

WordPress plugin Contact Form by WD [CSRF → LFI]

Bug Traq - 5 April, 2019 - 07:09

Posted by Panagiotis Vagenas on Apr 05

# Exploit Title: Contact Form by WD [CSRF → LFI]
# Date: 2019-03-17
# Exploit Author: Panagiotis Vagenas
# Vendor Homepage: http://web-dorado.com/
# Software Link: https://wordpress.org/plugins/contact-form-maker
# Version: 1.13.1
# Tested on: WordPress 5.1.1

Description
-----------

Plugin implements the following AJAX actions:

- `manage_fm`
- `get_stats`
- `generete_csv`
- `generete_xml`
- `formmakerwdcaptcha`
- `nopriv_formmakerwdcaptcha`...

WordPress Plugin Form Maker by WD [CSRF → LFI]

Bug Traq - 5 April, 2019 - 07:05

Posted by Panagiotis Vagenas on Apr 05

# Title: Form Maker by WD [CSRF → LFI]
# Date: 2019-03-17
# Exploit Author: Panagiotis Vagenas
# Vendor Homepage: http://web-dorado.com/
# Software Link: https://wordpress.org/plugins/form-maker
# Version: 1.13.2
# Tested on: WordPress 5.1

Description
-----------

Plugin implements the following AJAX actions:

- `generete_csv`
- `generete_xml`
- `formmakerwdcaptcha`
- `formmakerwdmathcaptcha`
- `product_option`
- `FormMakerEditCountryinPopup`...

hardwear.io 2019 Call For Papers is Open - USA & Netherlands

Full Disclosure - 5 April, 2019 - 00:36

Posted by Yuliya Pliavaka on Apr 04

Dear InfoSec Gurus,

Hardwear.io Security Conference and Training is a platform for hardware and
security community where researchers showcase and discuss their innovative
research on attacking and defending hardware.

Submission Topics

hardwear.io accepts papers on any topic that discusses in-depth hardware
and firmware security both from the offensive as well as defensive
perspective. Example topics: IC, Processors, IoT, Automotive,...

SphereFTP 2.0 Denial Of Service

Full Disclosure - 5 April, 2019 - 00:35

Posted by Sachin Wagh on Apr 04

#!/usr/bin/python
# Exploit Title: SphereFTP Server v2.0 Remote Denial of Service
Vulnerability
# Date: 2019-31-03
# Exploit Author: Sachin Wagh (@tiger_tigerboy)
# Software Link: http://www.menasoft.com/sphereftp/sphereftp_win32_v20.zip
# Tested on: Windows 10 64-bit

import socket
import sys

evil = "A"*3000
s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
connect=s.connect(('192.168.56.1',21))

s.recv(1024)...

DSA-2019-031: Dell EMC IsilonSD Management Server Cross-Site Scripting (XSS) Vulnerabilities

Full Disclosure - 5 April, 2019 - 00:35

Posted by secure on Apr 04

Dell EMC Product Taxonomy IsilonSD Management Server

Role Security Advisory Technically Signed Off by
Product Management John Harr
Engineering Team Phillip Nordwall
Program Management David Geijsbeek
Service Product Lead (SDS) Jeremy Johnson

DSA-2019-031: Dell EMC IsilonSD Management Server Cross-Site Scripting (XSS) Vulnerabilities

Dell EMC Identifier: DSA-2019-031
CVE Identifier: CVE-2019-3708, CVE-2019-3709...

CVE-2019-7727 - JMX/RMI Nice ENGAGE <= 6.5 Remote Command Execution

Full Disclosure - 5 April, 2019 - 00:35

Posted by Red Timmy Sec - on Apr 04

Description
===========
NICE Engage is an interaction recording platform. The default configuration in versions <= 6.5 (and possible higher)
binds an unauthenticated JMX/RMI interface to all network interfaces, without restricting registration of MBeans, which
allows remote attackers to execute arbitrary code via the RMI protocol by using the JMX connector. The observed
affected TCP port is 6338 but based on product's configuration a...

c0c0n XII | The cy0ps c0n - Call For Papers & Call For Workshops

Full Disclosure - 5 April, 2019 - 00:35

Posted by Prajwal Panchmahalkar on Apr 04

#################################################################
c0c0n XII | The cy0ps c0n - Call For Papers & Call For Workshops
#################################################################

Sep 25-28, 2019 - Grand Hyatt, Kochi (Cochin), Kerala, India

Buenos Dias from the God's Own Country!

We are extremely delighted to announce the Call for Papers and Call for
Workshops for c0c0n 2019 <http://www.is-ra.org/c0c0n/>, a...

Open-Xchange Security Advisory 2019-04-01

Full Disclosure - 5 April, 2019 - 00:34

Posted by Open-Xchange GmbH via Fulldisclosure on Apr 04

Dear subscribers,

we're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those
vulnerabilities. Feel free to join our bug bounty programs (appsuite, dovecot, powerdns) at HackerOne.

Yours sincerely,
Martin Heiland, Open-Xchange GmbH

Product: OX App Suite
Vendor: OX Software GmbH

Internal reference: 61771 (Bug ID)
Vulnerability type: Information Exposure (CWE-200)
Vulnerable...

Uniqkey Password Manager 1.14 - Remote Credential Disclosure

Full Disclosure - 5 April, 2019 - 00:31

Posted by gionreale on Apr 04

CVE-2019-10676

Various vulnerabilities in Lupusec XT2 Plus home alarm system

Full Disclosure - 5 April, 2019 - 00:29

Posted by Dan Fabian on Apr 04

=======================================================================
title: Multiple Vulnerabilities
product: Lupusec XT2 Plus Main Panel
version: Firmware 0.0.2.19E
homepage: https://www.lupus-electronics.de/
found: 01/2019
by: D. Fabian
=======================================================================

Vendor description:
-------------------
"The new...

Vuln: Cisco IOS and IOS XE Software CVE-2018-15373 Denial of Service Vulnerability

Security Focus Vulnerabilities - 4 April, 2019 - 23:00
Cisco IOS and IOS XE Software CVE-2018-15373 Denial of Service Vulnerability
Syndicate content