Security News
[SECURITY] [DSA 4618-1] libexif security update
Posted by Salvatore Bonaccorso on Feb 10
-------------------------------------------------------------------------Debian Security Advisory DSA-4618-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
February 06, 2020 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : libexif
CVE ID : CVE-2019-9278
Debian Bug :...
[SECURITY] [DSA 4619-1] libxmlrpc3-java security update
Posted by Salvatore Bonaccorso on Feb 10
-------------------------------------------------------------------------Debian Security Advisory DSA-4619-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
February 06, 2020 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : libxmlrpc3-java
CVE ID : CVE-2019-17570
Debian Bug...
xglance-bin exploit (CVE-2014-2630)
Posted by redazione on Feb 10
In one of our recent penetration tests we have abused a vulnerability affecting a suid binary called “xglance-bin“.Part of HP Performance Monitoring solution, it allowed us to escalate our local unprivileged sessions on some Linux
RHEL 6.x/7.x/8.x systems to root. To be very honest, it was not the first time we leveraged that specific vulnerability
as we abused it frequently on many HP servers with RHEL installed since 2014.
There has...
xglance-bin exploit (CVE-2014-2630)
Posted by redazione on Feb 07
In one of our recent penetration tests we have abused a vulnerability affecting a suid binary called “xglance-bin“.Part of HP Performance Monitoring solution, it allowed us to escalate our local unprivileged sessions on some Linux
RHEL 6.x/7.x/8.x systems to root. To be very honest, it was not the first time we leveraged that specific vulnerability
as we abused it frequently on many HP servers with RHEL installed since 2014.
There has...
New Release: UFONet v1.4 - "T|M3WaRS!"...
Posted by psy on Feb 07
Hi Community,I am glad to present a new release of this tool:
- https://ufonet.03c8.net
"UFONet is a free software, P2P and cryptographic -disruptive toolkit-
that allows to perform DoS and DDoS attacks; on the Layer 7 (APP/HTTP)
through the exploitation of Open Redirect vectors on third-party
websites to act as a botnet and on the Layer3 (Network) abusing the
protocol."
See these links for more info:
- UFONet schema (WebAbuse...
[SECURITY] [DSA 4617-1] qtbase-opensource-src security update
Posted by Moritz Muehlenhoff on Feb 04
-------------------------------------------------------------------------Debian Security Advisory DSA-4617-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
February 03, 2020 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : qtbase-opensource-src
CVE ID : CVE-2020-0569...
[SECURITY] [DSA 4612-1] prosody-modules security update
Posted by Moritz Muehlenhoff on Feb 03
-------------------------------------------------------------------------Debian Security Advisory DSA-4612-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
January 31, 2020 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : prosody-modules
CVE ID : CVE-2020-8086
It was...
[SECURITY] [DSA 4613-1] libidn2 security update
Posted by Salvatore Bonaccorso on Feb 03
-------------------------------------------------------------------------Debian Security Advisory DSA-4613-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
February 01, 2020 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : libidn2
CVE ID : CVE-2019-18224
Debian Bug :...
[slackware-security] sudo (SSA:2020-031-01)
Posted by Slackware Security Team on Feb 03
[slackware-security] sudo (SSA:2020-031-01)New sudo packages are available for Slackware 14.0, 14.1, 14.2,
and -current to fix a security issue.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/sudo-1.8.31-i586-1_slack14.2.txz: Upgraded.
This update fixes a security issue:
In Sudo before 1.8.31, if pwfeedback is enabled in /etc/sudoers, users can
trigger a stack-based buffer overflow...
[SECURITY] [DSA 4614-1] sudo security update
Posted by Salvatore Bonaccorso on Feb 03
-------------------------------------------------------------------------Debian Security Advisory DSA-4614-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
February 01, 2020 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : sudo
CVE ID : CVE-2019-18634
Debian Bug :...
[SECURITY] [DSA 4615-1] spamassassin security update
Posted by Salvatore Bonaccorso on Feb 03
-------------------------------------------------------------------------Debian Security Advisory DSA-4615-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
February 01, 2020 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : spamassassin
CVE ID : CVE-2020-1930 CVE-2020-1931...
[SECURITY] [DSA 4616-1] qemu security update
Posted by Moritz Muehlenhoff on Feb 03
-------------------------------------------------------------------------Debian Security Advisory DSA-4616-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
February 02, 2020 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : qemu
CVE ID : CVE-2019-15890 CVE-2020-7039...
Ultra
Posted by Dave Aitel on Feb 01
[image: image.png]Last week I had a conversation with a well known cyber policy expert and he
was like "I just finished reading Cryptonomicon and you always say it's
some sort of masters degree in cyber policy but I can't figure out why..."
But this US-CERT tweet, and the entire activity of behavior around the
Citrix RCE demonstrates exactly why. Because Cryptonomicon is about
vulnerabilities and the flow of information and...
Executable installers are vulnerable^WEVIL (case 58): Intel® Processor Identification Utility - Windows* Version - arbitrary code execution with escalation of privilege
Posted by Stefan Kanthak on Jan 31
Hi @ll,Intel® Processor Identification Utility - Windows* Version,
version 6.0.0211 from 2019-02-11, available from
<https://downloadmirror.intel.com/28539/a08/Intel(R)%20Processor%20Identification%20Utility.exe>
via <https://downloadcenter.intel.com/download/28539>, and
earlier versions 6.0.* are vulnerable: in default installations
of all supported versions of Windows (really: Windows Vista and
later), they allows arbitrary code...
[CVE-2019-20358] CVE-2019-9491 in Trend Micro Anti-Threat Toolkit (ATTK) was NOT properly FIXED
Posted by Stefan Kanthak on Jan 31
Hi @ll,on September 29, 2019, John Page reported a remote code execution
with escalation of privilege in TrendMicro's Anti-Threat Toolkit
to its vendor.
TrendMicro assigned CVE-2019-9491 to this vulnerability and told
the reporter, his dog and the world on October 18, 2019, that they
had fixed the vulnerable product.
See <https://success.trendmicro.com/solution/000149878>,
<https://seclists.org/fulldisclosure/2019/Oct/42> and...
LPE and RCE in OpenSMTPD (CVE-2020-7247)
Posted by Qualys Security Advisory on Jan 31
Qualys Security AdvisoryLPE and RCE in OpenSMTPD (CVE-2020-7247)
==============================================================================
Contents
==============================================================================
Summary
Analysis
Exploitation
Acknowledgments
==============================================================================
Summary
==============================================================================...
Defense in depth -- the Microsoft way (part 61): security features are built to fail (or documented wrong)
Posted by Stefan Kanthak on Jan 31
Hi @ll,(a long[er] form of the following advisory is available at
<https://skanthak.homepage.t-online.de/snafu.html>)
With Windows 10 1607, Microsoft introduced the /DEPENDENTLOADFLAG
linker option, a security feature to restrict or limit the search
path for DLLs:
| On supported operating systems, this option has the effect of
| changing calls to LoadLibrary("dependent.dll") to the equivalent
| of...
APPLE-SA-2020-1-29-2 iCloud for Windows 10.9.2
Posted by Apple Product Security via Fulldisclosure on Jan 31
APPLE-SA-2020-1-29-2 iCloud for Windows 10.9.2iCloud for Windows 10.9.2 is now available and addresses the
following:
ImageIO
Available for: Windows 10 and later via the Microsoft Store
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-3826: Samuel Groß of Google Project Zero
libxml2
Available for: Windows 10 and later...
APPLE-SA-2020-1-29-1 iCloud for Windows 7.17
Posted by Apple Product Security via Fulldisclosure on Jan 31
APPLE-SA-2020-1-29-1 iCloud for Windows 7.17iCloud for Windows 7.17 addresses the following:
ImageIO
Available for: Windows 7 and later
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-3826: Samuel Groß of Google Project Zero
libxml2
Available for: Windows 7 and later
Impact: Processing maliciously crafted XML may lead...
APPLE-SA-2020-1-28-6 iTunes for Windows 12.10.4
Posted by Apple Product Security via Fulldisclosure on Jan 31
APPLE-SA-2020-1-28-6 iTunes for Windows 12.10.4iTunes for Windows 12.10.4 is now available and addresses the
following:
Mobile Device Service
Available for: Windows 7 and later
Impact: A user may gain access to protected parts of the file system
Description: The issue was addressed with improved permissions logic.
CVE-2020-3861: Andrea Pierini (@decoder_it), Christian Danieli
(@padovah4ck)
Installation note:
iTunes for Windows 12.10.4 may be...
