Security News

[SYSS-2019-014]: Siemens LOGO! 8 - Storing Passwords in a Recoverable Format (CWE-257)

Full Disclosure - 29 May, 2019 - 20:54

Posted by Matthias Deeg on May 29

Advisory ID: SYSS-2019-014
Product: LOGO!
Manufacturer: Siemens
Affected Version(s): LOGO! 8 (all versions)
Tested Version(s): LOGO! 8, 6ED1052-2MD00-0BA8 FS:03, 0BA8.Standard V1.08.03
Vulnerability Type: Storing Passwords in a Recoverable Format (CWE-257)
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2019-04-04
Solution Date: 2019-05-14 (recommended mitigation by manufacturer)
Public Disclosure: 2019-05-29
CVE Reference:...

[SYSS-2019-013]: Siemens LOGO! 8 - Missing Authentication for Critical Function (CWE-306)

Full Disclosure - 29 May, 2019 - 20:54

Posted by Matthias Deeg on May 29

Advisory ID: SYSS-2020-013
Product: LOGO!
Manufacturer: Siemens
Affected Version(s): LOGO! 8 (all versions)
Tested Version(s): LOGO! 8, 6ED1052-2MD00-0BA8 FS:03, 0BA8.Standard V1.08.03
Vulnerability Type: Missing Authentication for Critical Function (CWE-306)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2019-04-04
Solution Date: 2019-05-14 (recommended mitigation by manufacturer)
Public Disclosure: 2019-05-29
CVE Reference:...

[SYSS-2019-012]: Siemens LOGO! 8 - Use of Hard-coded Cryptographic Key (CWE-321)

Full Disclosure - 29 May, 2019 - 20:54

Posted by Matthias Deeg on May 29

Advisory ID: SYSS-2019-012
Product: LOGO!
Manufacturer: Siemens
Affected Version(s): LOGO! 8 (all versions)
Tested Version(s): LOGO! 8, 6ED1052-2MD00-0BA8 FS:03, 0BA8.Standard V1.08.03
Vulnerability Type: Use of Hard-coded Cryptographic Key (CWE-321)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2019-04-04
Solution Date: 2019-05-14 (recommended mitigation by manufacturer)
Public Disclosure: 2019-05-29
CVE Reference:...

CA20190523-01: Security Notice for CA Risk Authentication and CA Strong Authentication

Full Disclosure - 29 May, 2019 - 20:54

Posted by Kevin Kotas via Fulldisclosure on May 29

CA20190523-01: Security Notice for CA Risk Authentication and CA
Strong Authentication

Issued: May 23, 2019
Last Updated: May 23, 2019

The Support team for CA Technologies, A Broadcom Company, is alerting
customers to multiple potential risks with CA Risk Authentication and
CA Strong Authentication. Multiple vulnerabilities exist that can
allow a remote attacker to gain additional access in certain
configurations or possibly gain sensitive...

Cross-site Scripting Vulnerabilities in VFront 0.99.5

Full Disclosure - 29 May, 2019 - 20:49

Posted by Daniel Bishtawi on May 29

Hello,

We are informing you about the vulnerabilities we reported in VFront 0.99.5.

Here are the details:

Advisory by Netsparker
Name: Multiple Reflected Cross-site Scripting in VFront 0.99.5
Affected Software: VFront
Affected Versions: 0.99.5
Homepage: http://www.vfront.org/
Vulnerability: Reflected Cross-site Scripting
Severity: High
Status: Fixed
CVE-ID: CVE-2019-9839
CVSS Score (3.0): 7.4 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N...

Reflected Cross-site Scripting Vulnerability in Kanboard 1.2.7

Full Disclosure - 29 May, 2019 - 20:48

Posted by Daniel Bishtawi on May 29

Hello,

We are informing you about the vulnerabilities we reported in Kanboard
1.2.7.

Here are the details:

Advisory by Netsparker
Name: Reflected Cross-site Scripting in Kanboard
Affected Software: Kanboard
Affected Versions: 1.2.7
Homepage: https://kanboard.org/
Vulnerability: Reflected Cross-site Scripting
Severity: Medium
Status: Fixed
CVE-ID: CVE-2019-7324
CVSS Score (3.0): VA:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
Netsparker Advisory Reference:...

[SYSS-2019-014]: Siemens LOGO! 8 - Storing Passwords in a Recoverable Format (CWE-257)

Bug Traq - 29 May, 2019 - 02:34

Posted by matthias . deeg on May 29

Advisory ID: SYSS-2019-014
Product: LOGO!
Manufacturer: Siemens
Affected Version(s): LOGO! 8 (all versions)
Tested Version(s): LOGO! 8, 6ED1052-2MD00-0BA8 FS:03, 0BA8.Standard V1.08.03
Vulnerability Type: Storing Passwords in a Recoverable Format (CWE-257)
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2019-04-04
Solution Date: 2019-05-14 (recommended mitigation by manufacturer)
Public Disclosure: 2019-05-29
CVE Reference:...

[SYSS-2019-013]: Siemens LOGO! 8 - Missing Authentication for Critical Function (CWE-306)

Bug Traq - 29 May, 2019 - 02:30

Posted by matthias . deeg on May 29

Advisory ID: SYSS-2019-013
Product: LOGO!
Manufacturer: Siemens
Affected Version(s): LOGO! 8 (all versions)
Tested Version(s): LOGO! 8, 6ED1052-2MD00-0BA8 FS:03, 0BA8.Standard V1.08.03
Vulnerability Type: Missing Authentication for Critical Function (CWE-306)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2019-04-04
Solution Date: 2019-05-14 (recommended mitigation by manufacturer)
Public Disclosure: 2019-05-29
CVE Reference:...

[SYSS-2019-012]: Siemens LOGO! 8 - Use of Hard-coded Cryptographic Key (CWE-321)

Bug Traq - 29 May, 2019 - 02:27

Posted by matthias . deeg on May 29

Advisory ID: SYSS-2019-012
Product: LOGO!
Manufacturer: Siemens
Affected Version(s): LOGO! 8 (all versions)
Tested Version(s): LOGO! 8, 6ED1052-2MD00-0BA8 FS:03, 0BA8.Standard V1.08.03
Vulnerability Type: Use of Hard-coded Cryptographic Key (CWE-321)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2019-04-04
Solution Date: 2019-05-14 (recommended mitigation by manufacturer)
Public Disclosure: 2019-05-29
CVE Reference:...

APPLE-SA-2019-5-28-1 iTunes for Windows 12.9.5

Bug Traq - 28 May, 2019 - 23:41

Posted by Apple Product Security on May 28

APPLE-SA-2019-5-28-1 iTunes for Windows 12.9.5

iTunes for Windows 12.9.5 is now available and addresses the
following:

SQLite
Available for: Windows 7 and later
Impact: An application may be able to gain elevated privileges
Description: An input validation issue was addressed with improved
memory handling.
CVE-2019-8577: Omer Gull of Checkpoint Research

SQLite
Available for: Windows 7 and later
Impact: A maliciously crafted SQL query may lead...

APPLE-SA-2019-5-28-2 iCloud for Windows 7.12

Bug Traq - 28 May, 2019 - 23:38

Posted by Apple Product Security on May 28

APPLE-SA-2019-5-28-2 iCloud for Windows 7.12

iCloud for Windows 7.12 is now available and addresses the following:

SQLite
Available for: Windows 7 and later
Impact: An application may be able to gain elevated privileges
Description: An input validation issue was addressed with improved
memory handling.
CVE-2019-8577: Omer Gull of Checkpoint Research

SQLite
Available for: Windows 7 and later
Impact: A maliciously crafted SQL query may lead to...

Vuln: Oracle VM VirtualBox Mulltiple Local Security Vulnerabilities

Security Focus Vulnerabilities - 28 May, 2019 - 23:00
Oracle VM VirtualBox Mulltiple Local Security Vulnerabilities

[CVE-2019-11604] Quest KACE Systems Management Appliance <= 9.0 kbot_service_notsoap.php METHOD Reflected Cross-Site Scripting

Full Disclosure - 24 May, 2019 - 12:23

Posted by RCE Security on May 24

RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: Quest KACE Systems Management Appliance
Vendor URL: www.quest.com
Type: Cross-Site Scripting [CWE-79]
Date found: 2018-09-09
Date published: 2019-05-19
CVSSv3 Score: 4.7 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N)
CVE: CVE-2019-11604

2. CREDITS
==========
This vulnerability was discovered and...

Exploring the File System via Jenkins Credentials Plugin Vulnerability – CVE-2019-10320

Full Disclosure - 24 May, 2019 - 12:22

Posted by Nightwatch Cybersecurity Research on May 24

[Original blog post here:
https://wwws.nightwatchcybersecurity.com/2019/05/23/exploring-the-file-system-via-jenkins-credentials-plugin-vulnerability-cve-2019-10320/]

SUMMARY

The recently fixed vulnerability in the Jenkins Credentials plugin
(v2.1.19) allowed users with certain permissions to confirm existence
of a file on the server’s file system. While this doesn’t allow an
attacker to view the file content, the ability to obtain...

[REVIVE-SA-2019-002] Revive Adserver Vulnerability

Full Disclosure - 24 May, 2019 - 12:21

Posted by Matteo Beccati via Fulldisclosure on May 24

========================================================================
Revive Adserver Security Advisory REVIVE-SA-2019-002
------------------------------------------------------------------------
https://www.revive-adserver.com/security/revive-sa-2019-002
------------------------------------------------------------------------
CVE-IDs: t.b.a.
Date: 2019-05-21
Risk Level: High...

New BlackArch Linux ISOs + OVA Image (2019.06.01) with 2200 Tools released

Full Disclosure - 24 May, 2019 - 12:20

Posted by Black Arch on May 24

Dear list,

We've released the new BlackArch Linux ISOs and OVA image (version:
2019.06.01) along with many many improvements. They include more than
2190 tools now. The armv6h, armv7h and aarch64 repositories are filled
with about 2100 tools.

A ChangeLog of the Live-ISO-2019.06.01:

- added more than 150 new tools
- added 'jedi-vim' plugin
- updated vim plugins
- included every tool of BlackArch except:...

CMS Made Simple 2.2.10 - (Authenticated) Persistent Cross-Site Scripting

Full Disclosure - 24 May, 2019 - 12:20

Posted by Manuel Garcia Cardenas on May 24

=============================================
MGC ALERT 2019-002
- Original release date: April 10, 2019
- Last revised: May 22, 2019
- Discovered by: Manuel Garcia Cardenas
- Severity: 4,8/10 (CVSS Base Score)
- CVE-ID: CVE-2019-11226
=============================================

I. VULNERABILITY
-------------------------
CMS Made Simple 2.2.10 - (Authenticated) Persistent Cross-Site Scripting

II. BACKGROUND
-------------------------
CMS Made...

The Past is not the Past

Daily Dave - 17 May, 2019 - 09:22

Posted by Dave Aitel on May 17

https://techblog.mediaservice.net/2019/05/raptor-at-infiltrate-2019/ <--Marco
Ivaldi's blogpost on INFILTRATE.

I would go into more depth in this email but I feel like you should just go
read his post and watch his talk: https://vimeo.com/335197685.

-dave

Video Teleconferencing for Fun and Profit

Daily Dave - 14 May, 2019 - 08:47

Posted by Dave Aitel on May 14

We were not going to release videos in this order, but since for some
reason everyone is suddenly interested in the security of various video
teleconferencing software, here is
Natalie Silvanovich's hilarious talk on the subject from just a couple
weeks ago at INFILTRATE 2019!
https://vimeo.com/335950239

Of course, if you want to attend or sponsor INFILTRATE 2020, now is the
time to get in (just email infiltrate () immunityinc com)! Diamond...
Syndicate content