Security News

APPLE-SA-2020-05-26-9 iCloud for Windows 11.2

Full Disclosure - 29 May, 2020 - 12:21

Posted by Apple Product Security via Fulldisclosure on May 29

APPLE-SA-2020-05-26-9 iCloud for Windows 11.2

iCloud for Windows 11.2 is now available and addresses the following:

ImageIO
Available for: Windows 10 and later via the Microsoft Store
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9789: Wenchao Li of VARAS@IIE
CVE-2020-9790: Xingwei Lin of Ant-financial Light-Year...

APPLE-SA-2020-05-26-5 watchOS 6.2.5

Full Disclosure - 29 May, 2020 - 12:21

Posted by Apple Product Security via Fulldisclosure on May 29

APPLE-SA-2020-05-26-5 watchOS 6.2.5

watchOS 6.2.5 addresses the following:

Accounts
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to cause a denial of service
Description: A denial of service issue was addressed with improved
input validation.
CVE-2020-9827: Jannik Lorenz of SEEMOO @ TU Darmstadt

AppleMobileFileIntegrity
Available for: Apple Watch Series 1 and later
Impact: An application may be able to...

APPLE-SA-2020-05-26-8 iTunes 12.10.7 for Windows

Full Disclosure - 29 May, 2020 - 12:20

Posted by Apple Product Security via Fulldisclosure on May 29

APPLE-SA-2020-05-26-8 iTunes 12.10.7 for Windows

iTunes 12.10.7 for Windows addresses the following:

ImageIO
Available for: Windows 7 and later
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9789: Wenchao Li of VARAS@IIE
CVE-2020-9790: Xingwei Lin of Ant-financial Light-Year Security Lab

ImageIO
Available for:...

APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra

Full Disclosure - 29 May, 2020 - 12:20

Posted by Apple Product Security via Fulldisclosure on May 29

APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update
2020-003 Mojave, Security Update 2020-003 High Sierra

macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security
Update 2020-003 High Sierra are now available and address the
following:

Accounts
Available for: macOS Catalina 10.15.4
Impact: A remote attacker may be able to cause a denial of service
Description: A denial of service issue was addressed with improved
input...

APPLE-SA-2020-05-26-7 Safari 13.1.1

Full Disclosure - 29 May, 2020 - 12:20

Posted by Apple Product Security via Fulldisclosure on May 29

APPLE-SA-2020-05-26-7 Safari 13.1.1

Safari 13.1.1 is now available and addresses the following:

Safari
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: A malicious process may cause Safari to launch an application
Description: A logic issue was addressed with improved restrictions.
CVE-2020-9801: @jinmo123, @setuid0x0_, and @insu_yun_en of
@SSLab_Gatech working with Trend Micro’s Zero Day Initiative...

APPLE-SA-2020-05-26-6 watchOS 5.3.7

Full Disclosure - 29 May, 2020 - 12:20

Posted by Apple Product Security via Fulldisclosure on May 29

APPLE-SA-2020-05-26-6 watchOS 5.3.7

watchOS 5.3.7 addresses the following:

Mail
Available for: Apple Watch Series 1, Apple Watch Series 2, Apple
Watch Series 3, and Apple Watch Series 4 when paired to an iPhone
with iOS 12 installed
Impact: Processing a maliciously crafted mail message may lead to
heap corruption
Description: A memory consumption issue was addressed with improved
memory handling.
CVE-2020-9819: ZecOps.com

Wi-Fi
Available for:...

APPLE-SA-2020-05-26-1 iOS 13.5 and iPadOS 13.5

Full Disclosure - 29 May, 2020 - 12:20

Posted by Apple Product Security via Fulldisclosure on May 29

APPLE-SA-2020-05-26-1 iOS 13.5 and iPadOS 13.5

iOS 13.5 and iPadOS 13.5 address the following:

Accounts
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A remote attacker may be able to cause a denial of service
Description: A denial of service issue was addressed with improved
input validation.
CVE-2020-9827: Jannik Lorenz of SEEMOO @ TU Darmstadt

AirDrop
Available for:...

APPLE-SA-2020-05-26-2 iOS 12.4.7

Full Disclosure - 29 May, 2020 - 12:20

Posted by Apple Product Security via Fulldisclosure on May 29

APPLE-SA-2020-05-26-2 iOS 12.4.7

iOS 12.4.7 addresses the following:

Mail
Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad
mini 2, iPad mini 3, and iPod touch 6th generation
Impact: Processing a maliciously crafted mail message may lead to
unexpected memory modification or application termination
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9818: ZecOps.com

Mail
Available for:...

New BlackArch Linux ISOs + OVA Image released!

Full Disclosure - 29 May, 2020 - 12:16

Posted by Black Arch on May 29

Dear list,

We've released new BlackArch Linux ISOs and OVA image (version
2020.06.01). Many improvements and QA went through all packages and
tools Blackarch Linux offers! For details see the ChangeLog below. The
BlackArch repository, Live-ISO and OVA image include more than 2550
tools now. The aarch64 repository is filled with about 2300 tools.

A ChangeLog of the Live-ISO-2020.06.01:

- added more than 150 new tools
- disabled...

Konica Minolta FTP Utility v1.0 - 'NLST' Denial of Service (PoC)

Full Disclosure - 22 May, 2020 - 11:40

Posted by socket_0x03 on May 22


Konica Minolta FTP Utility v1.0 - 'LIST' Denial of Service (PoC)

Full Disclosure - 22 May, 2020 - 11:40

Posted by socket_0x03 on May 22


Filetto v1.0 - 'FEAT' Denial of Service (PoC)

Full Disclosure - 22 May, 2020 - 11:40

Posted by socket_0x03 on May 22


[IAIK JCE] Timing Attack Side Channel in DSA Implementation

Full Disclosure - 22 May, 2020 - 11:39

Posted by Giuseppe Cocomazzi on May 22

IAIK JCE is a provider for the Java Cryptography Extension that,
according to the vendor, "supplements the security functionality of
the default JDK". It is a commercial product developed by Stiftung
Secure Information and Communication Technologies:
https://jce.iaik.tugraz.at/about-us/

The way that some of the computations involved in the signature
generation are carried out introduces a side channel that leaks timing
information...

Remote Code Execution in qmail (CVE-2005-1513)

Full Disclosure - 22 May, 2020 - 11:39

Posted by Qualys Security Advisory on May 22

Qualys Security Advisory

15 years later: Remote Code Execution in qmail (CVE-2005-1513)

========================================================================
Contents
========================================================================

Summary
Analysis
Exploitation
qmail-verify
- CVE-2020-3811
- CVE-2020-3812
Mitigations
Acknowledgments
Patches

========================================================================
Summary...

APPLE-SA-2020-05-20-1 Xcode 11.5

Full Disclosure - 22 May, 2020 - 11:38

Posted by Apple Product Security via Fulldisclosure on May 22

APPLE-SA-2020-05-20-1 Xcode 11.5

Xcode 11.5 is now available and addresses the following:

Git
Available for: macOS Catalina 10.15.2 and later
Impact: A crafted git URL that contains a newline in it may cause
credential information to be provided for the wrong host
Description: This issue was addressed by forbidding a newline
character in any value passed via the credential protocol.
CVE-2020-11008: Carlo Arenas

Installation note:

Xcode 11.5...

Short notes on qmail security guarantee

Full Disclosure - 22 May, 2020 - 11:33

Posted by Georgi Guninski on May 22

From my blog:
https://j.ludost.net/blog/archives/2020/05/21/short_notes_on_qmail_security_guarantee/index.html

Short notes on qmail security guarantee

Disclaimer: written in hurry, could be wrong.

djb offers monetary bounty for verifiable qmail exploit,
called "qmail security guarantee" [1].

He hasn't awarded the bounty yet, despite several
vulnerabilities found by us in 2005 [2] and in 2020 [3]
Qualys discovered that at least...

Composr CMS 10.0.30 - (Authenticated) Cross-Site Scripting

Full Disclosure - 22 May, 2020 - 11:30

Posted by Manuel Garcia Cardenas on May 22

=============================================
MGC ALERT 2020-001
- Original release date: February 06, 2020
- Last revised: May 21, 2020
- Discovered by: Manuel Garcia Cardenas
- Severity: 4,8/10 (CVSS Base Score)
- CVE-ID: CVE-2020-8789
=============================================

I. VULNERABILITY
-------------------------
Composr CMS 10.0.30 - (Authenticated) Cross-Site Scripting

II. BACKGROUND
-------------------------
Composr CMS (or...

[SYSS-2019-039] Smartbear ReadyAPI/SoapUI Pro/jProductivity Licensing Unsafe Deserialization

Full Disclosure - 19 May, 2020 - 10:10

Posted by Moritz Bechler on May 19

Advisory ID: SYSS-2019-039
Product: Protection Licensing Toolkit, SoapUI/LoadUI/ServiceV Pro
Manufacturer: jProductivity LLC, SmartBear Software
Affected Version(s): - ReadyAPI 3.2.5
Tested Version(s): ReadyAPI 3.2.5
Vulnerability Type: Unsafe deserialization/remote code execution (CWE-502)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2019-09-02
Public Disclosure: 2020-05-18
CVE Reference: CVE-2020-12835
Author of Advisory:...

Multiple vulnerabilities in Dovecot IMAP server

Full Disclosure - 19 May, 2020 - 10:03

Posted by Aki Tuomi on May 19

Dear subscribers,

we are sending notifications for three vulnerabilities,

- CVE-2020-10957
- CVE-2020-10958
- CVE-2020-10967

Please find them below

---
Aki Tuomi
Open-Xchange Oy

------------------

Open-Xchange Security Advisory 2020-05-18

Product: Dovecot
Vendor: OX Software GmbH

Internal reference: DOV-3784
Vulnerability type: NULL pointer dereference (CWE-476)
Vulnerable version: 2.3.0 - 2.3.10
Vulnerable component: submission, lmtp...

Asset Explorer (Windows & Linux) - Authenticated Command Execution

Full Disclosure - 15 May, 2020 - 10:43

Posted by xen1thLabs on May 15

XL-2020-004 - Asset Explorer (Windows & Linux) - Authenticated Command Execution

===============================================================================

Identifiers

-------------------------------------------------

* CVE-2019-19034

* XL-20-004

CVSSv3 score

-------------------------------------------------

7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

Vendor

-------------------------------------------------

ManageEngine -
[...
Syndicate content