Security News

APPLE-SA-2019-8-26-1 iOS 12.4.1

Full Disclosure - 27 August, 2019 - 12:01

Posted by Akila Srinivasan via Fulldisclosure on Aug 27

APPLE-SA-2019-8-26-1 iOS 12.4.1

iOS 12.4.1 is now available and addresses the following:

Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to execute arbitrary code
with system privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2019-8605: Ned Williamson working with Google Project Zero

Additional recognition...

[slackware-security] Slackware 14.2 kernel (SSA:2019-238-01)

Bug Traq - 27 August, 2019 - 01:56

Posted by Slackware Security Team on Aug 26

[slackware-security] Slackware 14.2 kernel (SSA:2019-238-01)

New kernel packages are available for Slackware 14.2 to fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/linux-4.4.190/*: Upgraded.
These updates fix various bugs and a minor local denial-of-service security
issue. They also change this option:
FANOTIFY_ACCESS_PERMISSIONS n -> y
This is needed by...

[SECURITY] [DSA 4509-1] apache2 security update

Bug Traq - 27 August, 2019 - 01:53

Posted by Salvatore Bonaccorso on Aug 26

-------------------------------------------------------------------------
Debian Security Advisory DSA-4509-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
August 26, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : apache2
CVE ID : CVE-2019-9517 CVE-2019-10081...

APPLE-SA-2019-8-26-3 tvOS 12.4.1

Bug Traq - 27 August, 2019 - 01:51

Posted by Akila Srinivasan on Aug 26

APPLE-SA-2019-8-26-3 tvOS 12.4.1

tvOS 12.4.1 is now available and addresses the following:

Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to execute arbitrary code
with system privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2019-8605: Ned Williamson working with Google Project Zero

Additional recognition

Kernel
We would like to acknowledge...

APPLE-SA-2019-8-26-2 macOS Mojave 10.14.6 Supplemental Update

Bug Traq - 27 August, 2019 - 01:45

Posted by Akila Srinivasan on Aug 26

APPLE-SA-2019-8-26-2 macOS Mojave 10.14.6 Supplemental Update

macOS Mojave 10.14.6 Supplemental Update is now available and
addresses the following:

Kernel
Available for: macOS Mojave 10.14.6
Impact: A malicious application may be able to execute arbitrary code
with system privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2019-8605: Ned Williamson working with Google Project Zero

Additional...

APPLE-SA-2019-8-26-1 iOS 12.4.1

Bug Traq - 27 August, 2019 - 01:41

Posted by Akila Srinivasan on Aug 26

APPLE-SA-2019-8-26-1 iOS 12.4.1

iOS 12.4.1 is now available and addresses the following:

Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to execute arbitrary code
with system privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2019-8605: Ned Williamson working with Google Project Zero

Additional recognition...

[SECURITY] [DSA 4508-1] h2o security update

Bug Traq - 26 August, 2019 - 01:27

Posted by Moritz Muehlenhoff on Aug 25

-------------------------------------------------------------------------
Debian Security Advisory DSA-4508-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
August 24, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : h2o
CVE ID : CVE-2019-9512 CVE-2019-9514...

[SECURITY] [DSA 4507-1] squid security update

Bug Traq - 26 August, 2019 - 01:24

Posted by Salvatore Bonaccorso on Aug 25

-------------------------------------------------------------------------
Debian Security Advisory DSA-4507-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
August 24, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : squid
CVE ID : CVE-2019-12525 CVE-2019-12527...

[SECURITY] [DSA 4506-1] qemu security update

Bug Traq - 26 August, 2019 - 01:20

Posted by Moritz Muehlenhoff on Aug 25

-------------------------------------------------------------------------
Debian Security Advisory DSA-4506-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
August 24, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : qemu
CVE ID : CVE-2018-20815 CVE-2019-13164...

Hard-coded credentials on ProGrade/Lierda Grill Temperature Monitor [CVE-2019-15304]

Full Disclosure - 25 August, 2019 - 23:56

Posted by tim on Aug 25

[Author:] Tim Tepatti
[Website:] tepatti.com

[Title:] Hard-coded credentials on ProGrade/Lierda Grill Temperature
Monitor [CVE-2019-15304]

[Product:] Grill Temperature Monitor
[Manufacturer:] ProGrade / Lierda
[Affected Version(s):] V1.00_50006
[Tested Version(s):] V1.00_50006
[Vulnerability Type:] Use of hard-coded credentials (CWE ID 798)
[CVE Reference:] CVE-2019-15304

[TL;DR:]

ProGrade/Lierda Grill Temperature Monitor V1.00_50006 has a...

Unquoted Path - Trend Micro

Full Disclosure - 25 August, 2019 - 23:56

Posted by Silton Renato Pereira dos Santos on Aug 25

=====[ Tempest Security Intelligence - ADV-02/2019
]==========================

Trend Maximum Security 2019
Author: Silton Santos
Tempest Security Intelligence - Recife, Pernambuco - Brazil

=====[ Table of
Contents]=====================================================

* Overview
* Detailed description
* Timeline of disclosure
* Thanks & Acknowledgements
* References

=====[ Vulnerability...

[CVE-2019-15150] CSRF in MediaWiki extension OAuth2 Client 0.3

Full Disclosure - 25 August, 2019 - 23:56

Posted by Justin Bull on Aug 25

[CVE-2019-15150] CSRF in MediaWiki extension OAuth2 Client 0.3

Happy Sunday everyone.

A security bulletin for you all.

Software:
--------
MediaWiki OAuth2 Client (https://github.com/Schine/MW-OAuth2Client)

Description:
----------
MediaWiki implementation of the PHP League's OAuth2 Client, to allow MediaWiki
to act as a client to any OAuth2 server.

Not Affeted:
------------
0.2 and earlier.

Affected Versions:
---------------
0.3

Fixed...

Realtek Managed Switch Controller RTL83xx

Full Disclosure - 25 August, 2019 - 23:56

Posted by bashis on Aug 25

[SOT]

[Subject]

Realtek Managed Switch Controller (RTL83xx) PoC (2019 bashis)
https://www.realtek.com/en/products/communications-network-ics/category/managed-switch-controller

[Brief description]

1. Boa/Hydra suffer of exploitable stack overflow with a 'one byte read-write loop' w/o boundary check. (all FW
version and vendors affected)
Note: The vulnerability are _not_ from Boa nor...

CoreFTP Server FTP / SFTP Server v2 - Build 674 MDTM Directory Traversal (Metasploit) Exploit

Full Disclosure - 25 August, 2019 - 23:56

Posted by Kevin R on Aug 25

# Exploit Title: CoreFTP Server FTP / SFTP Server v2 - Build 674 MDTM
Directory Traversal (Metasploit)
# Google Dork: N/A
# Date: 8/21/2019
# Exploit Author: Kevin Randall
# Vendor Homepage: https://www.coreftp.com
# Software Link: http://www.coreftp.com/server/index.html
# Version: Firmware: CoreFTP Server FTP / SFTP Server v2 - Build 674
# Tested on: Windows 7 and Windows XP
# CVE : CVE-2019-9649

class MetasploitModule < Msf::Auxiliary...

CoreFTP Server FTP / SFTP Server v2 - Build 674 SIZE Directory Traversal (Metasploit) Exploit

Full Disclosure - 25 August, 2019 - 23:56

Posted by Kevin R on Aug 25

# Exploit Title: CoreFTP Server FTP / SFTP Server v2 - Build 674 SIZE
Directory Traversal (Metasploit)
# Google Dork: N/A
# Date: 8/20/2019
# Exploit Author: Kevin Randall
# Vendor Homepage: https://www.coreftp.com
# Software Link: http://www.coreftp.com/server/index.html
# Version: Firmware: CoreFTP Server FTP / SFTP Server v2 - Build 674
# Tested on: Windows 7 and Windows XP
# CVE : CVE-2019-9648

class MetasploitModule < Msf::Auxiliary...

CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry

Full Disclosure - 25 August, 2019 - 23:48

Posted by David Tomaschik via Fulldisclosure on Aug 25

CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry

Affected versions:
- Apache Tapestry 5.3.6 through current releases.

Description:
Apache Tapestry uses HMACs to verify the integrity of objects stored on the
client side. This was added to address the Java deserialization
vulnerability
disclosed in CVE-2014-1972. In the fix for the previous vulnerability, the
HMACs were compared by string comparison, which is known to be...

[CFP] Bsides Lisbon 2019

Full Disclosure - 25 August, 2019 - 23:47

Posted by Claudio Andre on Aug 25

BSidesLisbon is back and we need your help to make it bigger and better
once more!!

The event will be held in Lisbon (really?) on November 28th and 29th at
Auditorio FMD-UL

To register go to: *https://cfp.bsideslisbon.org*
<https://cfp.bsideslisbon.org/>
Speaking slots

As in the previous year, we will have the following:

*Regular Talks:*

Presentation slots with a fixed duration of 45 minutes plus 10 minutes for
Q&A.

*Short Talks:*...

[SECURITY] [DSA 4505-1] nginx security update

Bug Traq - 22 August, 2019 - 14:59

Posted by Moritz Muehlenhoff on Aug 22

-------------------------------------------------------------------------
Debian Security Advisory DSA-4505-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
August 22, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : nginx
CVE ID : CVE-2019-9511 CVE-2019-9513...

FreeBSD Security Advisory FreeBSD-SA-19:23.midi [REVISED]

Bug Traq - 22 August, 2019 - 14:55

Posted by FreeBSD Security Advisories on Aug 22

=============================================================================
FreeBSD-SA-19:23.midi Security Advisory
The FreeBSD Project

Topic: kernel memory disclosure from /dev/midistat

Category: core
Module: sound
Announced: 2019-08-20
Credits: Peter Holm, Mark Johnston
Affects: All supported versions of...

SEC Consult SA-20190822-0 :: Multiple Vulnerabilities in OpenPGP.js

Bug Traq - 22 August, 2019 - 07:30

Posted by SEC Consult Vulnerability Lab on Aug 22

You owe me € 10
Syndicate content