Security News

OXAS-ADV-2024-0005: OX App Suite Security Advisory

Full Disclosure - 9 September, 2024 - 22:26

Posted by Martin Heiland via Fulldisclosure on Sep 09

Dear subscribers,

We're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those
vulnerabilities. Feel free to join our bug bounty programs for OX App Suite, Dovecot and PowerDNS at YesWeHack.

This advisory has also been published at
https://documentation.open-xchange.com/appsuite/security/advisories/html/2024/oxas-adv-2024-0005.html.

Yours sincerely,
Martin Heiland, Open-Xchange...

[SYSS-2024-030]: C-MOR Video Surveillance - OS Command Injection (CWE-78)

Full Disclosure - 5 September, 2024 - 22:04

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-030
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401, 6.00PL01
Tested Version(s): 5.2401, 6.00PL01
Vulnerability Type: OS Command Injection (CWE-78)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2024-04-05
Solution Date: -
Public Disclosure: 2024-09-04...

[SYSS-2024-029]: C-MOR Video Surveillance - Dependency on Vulnerable Third-Party Component (CWE-1395)

Full Disclosure - 5 September, 2024 - 22:04

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-029
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401
Tested Version(s): 5.2401
Vulnerability Type: Dependency on Vulnerable Third-Party
Component (CWE-1395)
Use of Unmaintained Third Party Components
(CWE-1104)
Risk Level: High
Solution Status: Fixed...

[SYSS-2024-028]: C-MOR Video Surveillance - Cleartext Storage of Sensitive Information (CWE-312)

Full Disclosure - 5 September, 2024 - 22:04

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-028
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401, 6.00PL01
Tested Version(s): 5.2401, 6.00PL01
Vulnerability Type: Cleartext Storage of Sensitive Information
(CWE-312)
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2024-04-05
Solution Date: -
Public...

[SYSS-2024-027]: C-MOR Video Surveillance - Improper Privilege Management (CWE-269)

Full Disclosure - 5 September, 2024 - 22:03

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-027
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401, 6.00PL01
Tested Version(s): 5.2401, 6.00PL01
Vulnerability Type: Improper Privilege Management (CWE-269)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2024-04-05
Solution Date: -
Public Disclosure:...

[SYSS-2024-026]: C-MOR Video Surveillance - Unrestricted Upload of File with Dangerous Type (CWE-434)

Full Disclosure - 5 September, 2024 - 22:03

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-026
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401
Tested Version(s): 5.2401
Vulnerability Type: Unrestricted Upload of File with Dangerous
Type (CWE-434)
Risk Level: High
Solution Status: Fixed
Manufacturer Notification: 2024-04-05
Solution Date: 2024-07-31
Public Disclosure:...

[SYSS-2024-025]: C-MOR Video Surveillance - Relative Path Traversal (CWE-23)

Full Disclosure - 5 September, 2024 - 22:03

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-025
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401
Tested Version(s): 5.2401
Vulnerability Type: Relative Path Traversal (CWE-23)
Risk Level: High
Solution Status: Fixed
Manufacturer Notification: 2024-04-05
Solution Date: 2024-07-31
Public Disclosure: 2024-09-04
CVE...

Backdoor.Win32.Symmi.qua / Remote Stack Buffer Overflow (SEH)

Full Disclosure - 5 September, 2024 - 22:03

Posted by malvuln on Sep 05

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/6e81618678ddfee69342486f6b5ee780.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.Symmi.qua
Vulnerability: Remote Stack Buffer Overflow (SEH)
Description: The malware listens on two random high TCP ports, when
connecting (ncat) one port will return a single character like "♣"
ord(a)...

HackTool.Win32.Freezer.br (WinSpy) / Insecure Credential Storage

Full Disclosure - 5 September, 2024 - 22:03

Posted by malvuln on Sep 05

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/2992129c565e025ebcb0bb6f80c77812.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: HackTool.Win32.Freezer.br (WinSpy)
Vulnerability: Insecure Credential Storage
Description: The malware listens on TCP ports 443, 80 and provides a
web interface for remote access to victim information like screenshots
etc.The username...

Backdoor.Win32.Optix.02.b / Weak Hardcoded Credentials

Full Disclosure - 5 September, 2024 - 22:03

Posted by malvuln on Sep 05

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/706ddc06ebbdde43e4e97de4d5af3b19.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.Optix.02.b
Vulnerability: Weak Hardcoded Credentials
Description: Optix listens on TCP port 5151 and is packed with ASPack
(2.11d). Unpacking is trivial set breakpoints on POPAD, RET, run and
dump using OllyDumpEx. The...

Backdoor.Win32.JustJoke.21 (BackDoor Pro) / Unauthenticated Remote Command Execution

Full Disclosure - 5 September, 2024 - 22:03

Posted by malvuln on Sep 05

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/4dc39c05bcc93e600dd8de16f2f7c599.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.JustJoke.21 (BackDoor Pro - v2.0b4)
Vulnerability: Unauthenticated Remote Command Execution
Family: JustJoke
Type: PE32
MD5: 4dc39c05bcc93e600dd8de16f2f7c599
SHA256:...

Backdoor.Win32.PoisonIvy.ymw / Insecure Credential Storage

Full Disclosure - 5 September, 2024 - 22:03

Posted by malvuln on Sep 05

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/b0748f1c1a17bad44dc9bd750fc97547.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.PoisonIvy.ymw
Vulnerability: Insecure Credential Storage
Family: PoisonIvy
Type: PE32
MD5: b0748f1c1a17bad44dc9bd750fc97547
SHA256: 060c15f401ce4d38d70e7f60aabe31c81935d2c261e350c0ea34387886d48920
Vuln ID: MVID-2024-0688...

[SYSS-2024-024]: C-MOR Video Surveillance - Improper Access Control (CWE-284)

Full Disclosure - 5 September, 2024 - 22:03

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-024
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401
Tested Version(s): 5.2401
Vulnerability Type: Improper Access Control (CWE-284)
Risk Level: High
Solution Status: Fixed
Manufacturer Notification: 2024-04-05
Solution Date: 2024-07-31
Public Disclosure: 2024-09-04
CVE...

[SYSS-2024-023]: C-MOR Video Surveillance - SQL Injection (CWE-89)

Full Disclosure - 5 September, 2024 - 22:03

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-023
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401, 6.00PL01
Tested Version(s): 5.2401, 6.00PL01
Vulnerability Type: SQL Injection (CWE-89)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2024-04-05
Solution Date: -
Public Disclosure: 2024-09-04
CVE...

[SYSS-2024-022]: C-MOR Video Surveillance - Cross-Site Request Forgery (CWE-352)

Full Disclosure - 5 September, 2024 - 22:03

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-022
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401, 6.00PL01
Tested Version(s): 5.2401, 6.00PL01
Vulnerability Type: Cross-Site Request Forgery (CWE-352)
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2024-04-05
Solution Date: -
Public Disclosure:...

[SYSS-2024-021]: C-MOR Video Surveillance - Persistent Cross-Site Scripting (CWE-79)

Full Disclosure - 5 September, 2024 - 22:03

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-021
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401, 6.00PL01
Tested Version(s): 5.2401, 6.00PL01
Vulnerability Type: Persistent Cross-Site Scripting (CWE-79)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2024-04-05
Solution Date: -
Public Disclosure:...

CFP No cON Name 2024 - Barcelona

Full Disclosure - 2 September, 2024 - 21:17

Posted by Jose Nicolas Castellano via Fulldisclosure on Sep 02

******************************************
****** Call For Papers NcN 2k24 *********
******************************************

ph3ar disinformation and cognitive control

https://www.noconname.org/call-for-papers/

Exact place not disclosed until a few weeks before due celebration.

* INTRODUCTION
The organization has opened CFP proposals. No cON Name is the eldest
Hacking and Security Conference in Span. Our goal is to get highly...

Insufficiently Protected Credentials in Texas Instruments Fusion Digital Power Designer v.7.10.1

Full Disclosure - 2 September, 2024 - 21:16

Posted by Gionathan Armando Reale via Fulldisclosure on Sep 02

Insufficiently Protected Credentials in Texas Instruments Fusion Digital Power Designer v.7.10.1

Credit: Gionathan Armando Reale

//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

# Product: Fusion Digital Power Designer - Version 7.10.1
# Vendor: Texas Instruments
# CVE ID: CVE-2024-41629
#...

SCHUTZWERK-SA-2024-001: Privilege Escalation via Service Binary Hijacking in Vivavis HIGH-LEIT (CVE-2024-38456)

Full Disclosure - 2 September, 2024 - 21:16

Posted by David Brown via Fulldisclosure on Sep 02

Title
=====

SCHUTZWERK-SA-2024-001: Privilege Escalation via Service Binary
Hijacking in Vivavis HIGH-LEIT

Status
======

PUBLISHED

Version
=======

1.0

CVE reference
=============

CVE-2024-38456

Link
====

https://www.schutzwerk.com/advisories/schutzwerk-sa-2024-001/

Text-only version:
https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2024-001.txt

Affected products/vendor
========================

HIGH-LEIT by VIVAVIS AG[0]. Version 4...

Re: [SYSS-2024-038] DiCal-RED - Use of Password Hash Instead of Password for Authentication

Full Disclosure - 27 August, 2024 - 17:17

Posted by J. Hellenthal via Fulldisclosure on Aug 27

Correct me if I'm wrong but I believe he is trying to relay that "on the backend" where the password hashes are
stored.... if accessed by those with admin access or a bad actor if you will gives them the immediate ability to access
every account without needing to decrypt the passwords.

This is a very bad practice.
Syndicate content