Security News
APPLE-SA-2020-05-26-9 iCloud for Windows 11.2
Posted by Apple Product Security via Fulldisclosure on May 29
APPLE-SA-2020-05-26-9 iCloud for Windows 11.2iCloud for Windows 11.2 is now available and addresses the following:
ImageIO
Available for: Windows 10 and later via the Microsoft Store
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9789: Wenchao Li of VARAS@IIE
CVE-2020-9790: Xingwei Lin of Ant-financial Light-Year...
APPLE-SA-2020-05-26-5 watchOS 6.2.5
Posted by Apple Product Security via Fulldisclosure on May 29
APPLE-SA-2020-05-26-5 watchOS 6.2.5watchOS 6.2.5 addresses the following:
Accounts
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to cause a denial of service
Description: A denial of service issue was addressed with improved
input validation.
CVE-2020-9827: Jannik Lorenz of SEEMOO @ TU Darmstadt
AppleMobileFileIntegrity
Available for: Apple Watch Series 1 and later
Impact: An application may be able to...
APPLE-SA-2020-05-26-8 iTunes 12.10.7 for Windows
Posted by Apple Product Security via Fulldisclosure on May 29
APPLE-SA-2020-05-26-8 iTunes 12.10.7 for WindowsiTunes 12.10.7 for Windows addresses the following:
ImageIO
Available for: Windows 7 and later
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9789: Wenchao Li of VARAS@IIE
CVE-2020-9790: Xingwei Lin of Ant-financial Light-Year Security Lab
ImageIO
Available for:...
APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra
Posted by Apple Product Security via Fulldisclosure on May 29
APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update2020-003 Mojave, Security Update 2020-003 High Sierra
macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security
Update 2020-003 High Sierra are now available and address the
following:
Accounts
Available for: macOS Catalina 10.15.4
Impact: A remote attacker may be able to cause a denial of service
Description: A denial of service issue was addressed with improved
input...
APPLE-SA-2020-05-26-7 Safari 13.1.1
Posted by Apple Product Security via Fulldisclosure on May 29
APPLE-SA-2020-05-26-7 Safari 13.1.1Safari 13.1.1 is now available and addresses the following:
Safari
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: A malicious process may cause Safari to launch an application
Description: A logic issue was addressed with improved restrictions.
CVE-2020-9801: @jinmo123, @setuid0x0_, and @insu_yun_en of
@SSLab_Gatech working with Trend Micro’s Zero Day Initiative...
APPLE-SA-2020-05-26-6 watchOS 5.3.7
Posted by Apple Product Security via Fulldisclosure on May 29
APPLE-SA-2020-05-26-6 watchOS 5.3.7watchOS 5.3.7 addresses the following:
Available for: Apple Watch Series 1, Apple Watch Series 2, Apple
Watch Series 3, and Apple Watch Series 4 when paired to an iPhone
with iOS 12 installed
Impact: Processing a maliciously crafted mail message may lead to
heap corruption
Description: A memory consumption issue was addressed with improved
memory handling.
CVE-2020-9819: ZecOps.com
Wi-Fi
Available for:...
APPLE-SA-2020-05-26-1 iOS 13.5 and iPadOS 13.5
Posted by Apple Product Security via Fulldisclosure on May 29
APPLE-SA-2020-05-26-1 iOS 13.5 and iPadOS 13.5iOS 13.5 and iPadOS 13.5 address the following:
Accounts
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A remote attacker may be able to cause a denial of service
Description: A denial of service issue was addressed with improved
input validation.
CVE-2020-9827: Jannik Lorenz of SEEMOO @ TU Darmstadt
AirDrop
Available for:...
APPLE-SA-2020-05-26-2 iOS 12.4.7
Posted by Apple Product Security via Fulldisclosure on May 29
APPLE-SA-2020-05-26-2 iOS 12.4.7iOS 12.4.7 addresses the following:
Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad
mini 2, iPad mini 3, and iPod touch 6th generation
Impact: Processing a maliciously crafted mail message may lead to
unexpected memory modification or application termination
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9818: ZecOps.com
Available for:...
New BlackArch Linux ISOs + OVA Image released!
Posted by Black Arch on May 29
Dear list,We've released new BlackArch Linux ISOs and OVA image (version
2020.06.01). Many improvements and QA went through all packages and
tools Blackarch Linux offers! For details see the ChangeLog below. The
BlackArch repository, Live-ISO and OVA image include more than 2550
tools now. The aarch64 repository is filled with about 2300 tools.
A ChangeLog of the Live-ISO-2020.06.01:
- added more than 150 new tools
- disabled...
Konica Minolta FTP Utility v1.0 - 'NLST' Denial of Service (PoC)
Posted by socket_0x03 on May 22
Konica Minolta FTP Utility v1.0 - 'LIST' Denial of Service (PoC)
Posted by socket_0x03 on May 22
Filetto v1.0 - 'FEAT' Denial of Service (PoC)
Posted by socket_0x03 on May 22
[IAIK JCE] Timing Attack Side Channel in DSA Implementation
Posted by Giuseppe Cocomazzi on May 22
IAIK JCE is a provider for the Java Cryptography Extension that,according to the vendor, "supplements the security functionality of
the default JDK". It is a commercial product developed by Stiftung
Secure Information and Communication Technologies:
https://jce.iaik.tugraz.at/about-us/
The way that some of the computations involved in the signature
generation are carried out introduces a side channel that leaks timing
information...
Remote Code Execution in qmail (CVE-2005-1513)
Posted by Qualys Security Advisory on May 22
Qualys Security Advisory15 years later: Remote Code Execution in qmail (CVE-2005-1513)
========================================================================
Contents
========================================================================
Summary
Analysis
Exploitation
qmail-verify
- CVE-2020-3811
- CVE-2020-3812
Mitigations
Acknowledgments
Patches
========================================================================
Summary...
APPLE-SA-2020-05-20-1 Xcode 11.5
Posted by Apple Product Security via Fulldisclosure on May 22
APPLE-SA-2020-05-20-1 Xcode 11.5Xcode 11.5 is now available and addresses the following:
Git
Available for: macOS Catalina 10.15.2 and later
Impact: A crafted git URL that contains a newline in it may cause
credential information to be provided for the wrong host
Description: This issue was addressed by forbidding a newline
character in any value passed via the credential protocol.
CVE-2020-11008: Carlo Arenas
Installation note:
Xcode 11.5...
Short notes on qmail security guarantee
Posted by Georgi Guninski on May 22
From my blog:https://j.ludost.net/blog/archives/2020/05/21/short_notes_on_qmail_security_guarantee/index.html
Short notes on qmail security guarantee
Disclaimer: written in hurry, could be wrong.
djb offers monetary bounty for verifiable qmail exploit,
called "qmail security guarantee" [1].
He hasn't awarded the bounty yet, despite several
vulnerabilities found by us in 2005 [2] and in 2020 [3]
Qualys discovered that at least...
Composr CMS 10.0.30 - (Authenticated) Cross-Site Scripting
Posted by Manuel Garcia Cardenas on May 22
=============================================MGC ALERT 2020-001
- Original release date: February 06, 2020
- Last revised: May 21, 2020
- Discovered by: Manuel Garcia Cardenas
- Severity: 4,8/10 (CVSS Base Score)
- CVE-ID: CVE-2020-8789
=============================================
I. VULNERABILITY
-------------------------
Composr CMS 10.0.30 - (Authenticated) Cross-Site Scripting
II. BACKGROUND
-------------------------
Composr CMS (or...
[SYSS-2019-039] Smartbear ReadyAPI/SoapUI Pro/jProductivity Licensing Unsafe Deserialization
Posted by Moritz Bechler on May 19
Advisory ID: SYSS-2019-039Product: Protection Licensing Toolkit, SoapUI/LoadUI/ServiceV Pro
Manufacturer: jProductivity LLC, SmartBear Software
Affected Version(s): - ReadyAPI 3.2.5
Tested Version(s): ReadyAPI 3.2.5
Vulnerability Type: Unsafe deserialization/remote code execution (CWE-502)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2019-09-02
Public Disclosure: 2020-05-18
CVE Reference: CVE-2020-12835
Author of Advisory:...
Multiple vulnerabilities in Dovecot IMAP server
Posted by Aki Tuomi on May 19
Dear subscribers,we are sending notifications for three vulnerabilities,
- CVE-2020-10957
- CVE-2020-10958
- CVE-2020-10967
Please find them below
---
Aki Tuomi
Open-Xchange Oy
------------------
Open-Xchange Security Advisory 2020-05-18
Product: Dovecot
Vendor: OX Software GmbH
Internal reference: DOV-3784
Vulnerability type: NULL pointer dereference (CWE-476)
Vulnerable version: 2.3.0 - 2.3.10
Vulnerable component: submission, lmtp...
Asset Explorer (Windows & Linux) - Authenticated Command Execution
Posted by xen1thLabs on May 15
XL-2020-004 - Asset Explorer (Windows & Linux) - Authenticated Command Execution===============================================================================
Identifiers
-------------------------------------------------
* CVE-2019-19034
* XL-20-004
CVSSv3 score
-------------------------------------------------
7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
Vendor
-------------------------------------------------
ManageEngine -
[...
