Security News
APPLE-SA-2019-8-26-1 iOS 12.4.1
Posted by Akila Srinivasan via Fulldisclosure on Aug 27
APPLE-SA-2019-8-26-1 iOS 12.4.1iOS 12.4.1 is now available and addresses the following:
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to execute arbitrary code
with system privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2019-8605: Ned Williamson working with Google Project Zero
Additional recognition...
[slackware-security] Slackware 14.2 kernel (SSA:2019-238-01)
Posted by Slackware Security Team on Aug 26
[slackware-security] Slackware 14.2 kernel (SSA:2019-238-01)New kernel packages are available for Slackware 14.2 to fix a security issue.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/linux-4.4.190/*: Upgraded.
These updates fix various bugs and a minor local denial-of-service security
issue. They also change this option:
FANOTIFY_ACCESS_PERMISSIONS n -> y
This is needed by...
[SECURITY] [DSA 4509-1] apache2 security update
Posted by Salvatore Bonaccorso on Aug 26
-------------------------------------------------------------------------Debian Security Advisory DSA-4509-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
August 26, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : apache2
CVE ID : CVE-2019-9517 CVE-2019-10081...
APPLE-SA-2019-8-26-3 tvOS 12.4.1
Posted by Akila Srinivasan on Aug 26
APPLE-SA-2019-8-26-3 tvOS 12.4.1tvOS 12.4.1 is now available and addresses the following:
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to execute arbitrary code
with system privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2019-8605: Ned Williamson working with Google Project Zero
Additional recognition
Kernel
We would like to acknowledge...
APPLE-SA-2019-8-26-2 macOS Mojave 10.14.6 Supplemental Update
Posted by Akila Srinivasan on Aug 26
APPLE-SA-2019-8-26-2 macOS Mojave 10.14.6 Supplemental UpdatemacOS Mojave 10.14.6 Supplemental Update is now available and
addresses the following:
Kernel
Available for: macOS Mojave 10.14.6
Impact: A malicious application may be able to execute arbitrary code
with system privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2019-8605: Ned Williamson working with Google Project Zero
Additional...
APPLE-SA-2019-8-26-1 iOS 12.4.1
Posted by Akila Srinivasan on Aug 26
APPLE-SA-2019-8-26-1 iOS 12.4.1iOS 12.4.1 is now available and addresses the following:
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to execute arbitrary code
with system privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2019-8605: Ned Williamson working with Google Project Zero
Additional recognition...
[SECURITY] [DSA 4508-1] h2o security update
Posted by Moritz Muehlenhoff on Aug 25
-------------------------------------------------------------------------Debian Security Advisory DSA-4508-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
August 24, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : h2o
CVE ID : CVE-2019-9512 CVE-2019-9514...
[SECURITY] [DSA 4507-1] squid security update
Posted by Salvatore Bonaccorso on Aug 25
-------------------------------------------------------------------------Debian Security Advisory DSA-4507-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
August 24, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : squid
CVE ID : CVE-2019-12525 CVE-2019-12527...
[SECURITY] [DSA 4506-1] qemu security update
Posted by Moritz Muehlenhoff on Aug 25
-------------------------------------------------------------------------Debian Security Advisory DSA-4506-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
August 24, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : qemu
CVE ID : CVE-2018-20815 CVE-2019-13164...
Hard-coded credentials on ProGrade/Lierda Grill Temperature Monitor [CVE-2019-15304]
Posted by tim on Aug 25
[Author:] Tim Tepatti[Website:] tepatti.com
[Title:] Hard-coded credentials on ProGrade/Lierda Grill Temperature
Monitor [CVE-2019-15304]
[Product:] Grill Temperature Monitor
[Manufacturer:] ProGrade / Lierda
[Affected Version(s):] V1.00_50006
[Tested Version(s):] V1.00_50006
[Vulnerability Type:] Use of hard-coded credentials (CWE ID 798)
[CVE Reference:] CVE-2019-15304
[TL;DR:]
ProGrade/Lierda Grill Temperature Monitor V1.00_50006 has a...
Unquoted Path - Trend Micro
Posted by Silton Renato Pereira dos Santos on Aug 25
=====[ Tempest Security Intelligence - ADV-02/2019]==========================
Trend Maximum Security 2019
Author: Silton Santos
Tempest Security Intelligence - Recife, Pernambuco - Brazil
=====[ Table of
Contents]=====================================================
* Overview
* Detailed description
* Timeline of disclosure
* Thanks & Acknowledgements
* References
=====[ Vulnerability...
[CVE-2019-15150] CSRF in MediaWiki extension OAuth2 Client 0.3
Posted by Justin Bull on Aug 25
[CVE-2019-15150] CSRF in MediaWiki extension OAuth2 Client 0.3Happy Sunday everyone.
A security bulletin for you all.
Software:
--------
MediaWiki OAuth2 Client (https://github.com/Schine/MW-OAuth2Client)
Description:
----------
MediaWiki implementation of the PHP League's OAuth2 Client, to allow MediaWiki
to act as a client to any OAuth2 server.
Not Affeted:
------------
0.2 and earlier.
Affected Versions:
---------------
0.3
Fixed...
Realtek Managed Switch Controller RTL83xx
Posted by bashis on Aug 25
[SOT][Subject]
Realtek Managed Switch Controller (RTL83xx) PoC (2019 bashis)
https://www.realtek.com/en/products/communications-network-ics/category/managed-switch-controller
[Brief description]
1. Boa/Hydra suffer of exploitable stack overflow with a 'one byte read-write loop' w/o boundary check. (all FW
version and vendors affected)
Note: The vulnerability are _not_ from Boa nor...
CoreFTP Server FTP / SFTP Server v2 - Build 674 MDTM Directory Traversal (Metasploit) Exploit
Posted by Kevin R on Aug 25
# Exploit Title: CoreFTP Server FTP / SFTP Server v2 - Build 674 MDTMDirectory Traversal (Metasploit)
# Google Dork: N/A
# Date: 8/21/2019
# Exploit Author: Kevin Randall
# Vendor Homepage: https://www.coreftp.com
# Software Link: http://www.coreftp.com/server/index.html
# Version: Firmware: CoreFTP Server FTP / SFTP Server v2 - Build 674
# Tested on: Windows 7 and Windows XP
# CVE : CVE-2019-9649
class MetasploitModule < Msf::Auxiliary...
CoreFTP Server FTP / SFTP Server v2 - Build 674 SIZE Directory Traversal (Metasploit) Exploit
Posted by Kevin R on Aug 25
# Exploit Title: CoreFTP Server FTP / SFTP Server v2 - Build 674 SIZEDirectory Traversal (Metasploit)
# Google Dork: N/A
# Date: 8/20/2019
# Exploit Author: Kevin Randall
# Vendor Homepage: https://www.coreftp.com
# Software Link: http://www.coreftp.com/server/index.html
# Version: Firmware: CoreFTP Server FTP / SFTP Server v2 - Build 674
# Tested on: Windows 7 and Windows XP
# CVE : CVE-2019-9648
class MetasploitModule < Msf::Auxiliary...
CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry
Posted by David Tomaschik via Fulldisclosure on Aug 25
CVE-2019-10071: Timing Attack in HMAC Verification in Apache TapestryAffected versions:
- Apache Tapestry 5.3.6 through current releases.
Description:
Apache Tapestry uses HMACs to verify the integrity of objects stored on the
client side. This was added to address the Java deserialization
vulnerability
disclosed in CVE-2014-1972. In the fix for the previous vulnerability, the
HMACs were compared by string comparison, which is known to be...
[CFP] Bsides Lisbon 2019
Posted by Claudio Andre on Aug 25
BSidesLisbon is back and we need your help to make it bigger and betteronce more!!
The event will be held in Lisbon (really?) on November 28th and 29th at
Auditorio FMD-UL
To register go to: *https://cfp.bsideslisbon.org*
<https://cfp.bsideslisbon.org/>
Speaking slots
As in the previous year, we will have the following:
*Regular Talks:*
Presentation slots with a fixed duration of 45 minutes plus 10 minutes for
Q&A.
*Short Talks:*...
[SECURITY] [DSA 4505-1] nginx security update
Posted by Moritz Muehlenhoff on Aug 22
-------------------------------------------------------------------------Debian Security Advisory DSA-4505-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
August 22, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : nginx
CVE ID : CVE-2019-9511 CVE-2019-9513...
FreeBSD Security Advisory FreeBSD-SA-19:23.midi [REVISED]
Posted by FreeBSD Security Advisories on Aug 22
=============================================================================FreeBSD-SA-19:23.midi Security Advisory
The FreeBSD Project
Topic: kernel memory disclosure from /dev/midistat
Category: core
Module: sound
Announced: 2019-08-20
Credits: Peter Holm, Mark Johnston
Affects: All supported versions of...
SEC Consult SA-20190822-0 :: Multiple Vulnerabilities in OpenPGP.js
Posted by SEC Consult Vulnerability Lab on Aug 22
You owe me € 10