Security News

Vuln: WPA2 Key Reinstallation Multiple Security Weaknesses

Security Focus Vulnerabilities - 21 February, 2019 - 00:00
WPA2 Key Reinstallation Multiple Security Weaknesses

[SAUTH-2019-0001] - Micro Focus Filr Multiple Vulnerabilities

Bug Traq - 20 February, 2019 - 23:02

Posted by advisories on Feb 20

SecureAuth - SecureAuth Labs Advisory
http://www.secureauth.com/

Micro Focus Filr Multiple Vulnerabilities

1. *Advisory Information*

Title: Micro Focus Filr Multiple Vulnerabilities
Advisory ID: SAUTH-2019-0001
Advisory URL:
https://www.secureauth.com/labs/advisories/micro-focus-filr-multiple-vulnerabilities
Date published: 2019-02-20
Date of last update: 2019-02-20
Vendors contacted: Micro Focus
Release mode: Coordinated release

2....

[SRP-2018-02] Details of a vulnerability in STMicroelectronics' chipset

Full Disclosure - 20 February, 2019 - 16:41

Posted by Adam Gowdiak on Feb 20

Hello All,

Technical details of ST chipset vulnerability has been released
and are now included in our technical report pertaining to the
security of NC+ SAT TV platform.

As indicated last week, the release is made as a direct result
of no interest in this research.

Updated version of the report, associated Proof of Concept codes
and tools can be downloaded from SRP-2018-02 project location:...

[SECURITY] [DSA 4396-1] ansible security update

Bug Traq - 20 February, 2019 - 03:15

Posted by Moritz Muehlenhoff on Feb 20

-------------------------------------------------------------------------
Debian Security Advisory DSA-4396-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
February 19, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : ansible
CVE ID : CVE-2018-10855 CVE-2018-10875...

Vuln: systemd CVE-2019-6454 Local Denial of Service Vulnerability

Security Focus Vulnerabilities - 20 February, 2019 - 00:00
systemd CVE-2019-6454 Local Denial of Service Vulnerability

Vuln: Elasticsearch Logstash CVE-2019-7612 Information Disclosure Vulnerability

Security Focus Vulnerabilities - 19 February, 2019 - 00:00
Elasticsearch Logstash CVE-2019-7612 Information Disclosure Vulnerability

Vuln: WordPress CVE-2019-8943 Directory Traversal Vulnerability

Security Focus Vulnerabilities - 19 February, 2019 - 00:00
WordPress CVE-2019-8943 Directory Traversal Vulnerability

Vuln: Horner Automation Cscape CVE-2019-6555 Arbitrary Code Execution Vulnerability

Security Focus Vulnerabilities - 19 February, 2019 - 00:00
Horner Automation Cscape CVE-2019-6555 Arbitrary Code Execution Vulnerability

Vuln: Delta Industrial Automation CNCSoft CVE-2019-6547 Denial of Service Vulnerability

Security Focus Vulnerabilities - 19 February, 2019 - 00:00
Delta Industrial Automation CNCSoft CVE-2019-6547 Denial of Service Vulnerability

Vuln: LibVNCServer Incomplete Fix Multiple Heap Buffer Overflow Vulnerabilities

Security Focus Vulnerabilities - 19 February, 2019 - 00:00
LibVNCServer Incomplete Fix Multiple Heap Buffer Overflow Vulnerabilities

[SECURITY] [DSA 4395-1] chromium security update

Bug Traq - 18 February, 2019 - 23:27

Posted by Michael Gilbert on Feb 18

-------------------------------------------------------------------------
Debian Security Advisory DSA-4395-1 security () debian org
https://www.debian.org/security/ Michael Gilbert
February 18, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : chromium
CVE ID : CVE-2018-17481 CVE-2019-5754...

[SECURITY] [DSA 4394-1] rdesktop security update

Bug Traq - 18 February, 2019 - 21:34

Posted by Moritz Muehlenhoff on Feb 18

-------------------------------------------------------------------------
Debian Security Advisory DSA-4394-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
February 18, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : rdesktop
CVE ID : CVE-2018-8791 CVE-2018-8792...

[SECURITY] [DSA 4393-1] systemd security update

Bug Traq - 18 February, 2019 - 21:30

Posted by Salvatore Bonaccorso on Feb 18

-------------------------------------------------------------------------
Debian Security Advisory DSA-4393-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
February 18, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : systemd
CVE ID : CVE-2019-6454

Chris Coulson...

Re: The dream of the LISP machine is alive in the 90ies

Daily Dave - 18 February, 2019 - 11:41

Posted by the grugq on Feb 18

inline...

I like to think I'm as good an armchair philosopher as anyone else that

Attacking information processing systems is what I’ve been researching for
the last few years. The only way to create propaganda or implement
deceptions is if you have a model of how the entity processes data. Once
you have that model you can craft information that will force the entity to
respond in the manner you chose. This is the theory anyway. There...

Vuln: QEMU CVE-2019-3812 Out-Of-Bounds Read Local Information Disclosure Vulnerability

Security Focus Vulnerabilities - 18 February, 2019 - 00:00
QEMU CVE-2019-3812 Out-Of-Bounds Read Local Information Disclosure Vulnerability

Vuln: SolarWinds Orion Network Performance Monitor (NPM) CVE-2019-8917 Remote Code Execution Vulnerability

Security Focus Vulnerabilities - 18 February, 2019 - 00:00
SolarWinds Orion Network Performance Monitor (NPM) CVE-2019-8917 Remote Code Execution Vulnerability

Vuln: Multiple Dasan GPON Routers Command Injection and Authentication Bypass Vulnerabilities

Security Focus Vulnerabilities - 18 February, 2019 - 00:00
Multiple Dasan GPON Routers Command Injection and Authentication Bypass Vulnerabilities

Vuln: Multiple F5 BIG-IP Products CVE-2018-15319 Denial of Service Vulnerability

Security Focus Vulnerabilities - 18 February, 2019 - 00:00
Multiple F5 BIG-IP Products CVE-2018-15319 Denial of Service Vulnerability

[SECURITY] [DSA 4388-2] mosquitto regression update

Bug Traq - 17 February, 2019 - 23:13

Posted by Salvatore Bonaccorso on Feb 17

-------------------------------------------------------------------------
Debian Security Advisory DSA-4388-2 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
February 17, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : mosquitto
Debian Bug : 922071

Kushal Kumaran reported...

CVE-2018-20162: Digi TransPort LR54 Restricted Shell Escape

Bug Traq - 17 February, 2019 - 23:09

Posted by Stig Palmquist on Feb 17

CVE-2018-20162: Digi TransPort LR54 Restricted Shell Escape
===========================================================

The Digi TransPort LR54 is a high speed LTE router commonly used by industry,
infrastructure, retail and public transportation.

It supports running python scripts in a restricted sandbox, and has a custom
shell accessible over SSH which is subjected to the same restrictions. The
underlying OS is inaccessible to the...
Syndicate content