Security News

Mitel 6869i SIP Deskphone 4.2.2032: Unauthenticated Bash Command Injection Vulnerability with Root Privileges in /cgi-bin/webuploadconfig script

Full Disclosure - 9 August, 2019 - 17:32

Posted by Axel Rengstorf on Aug 09

BlueBox Security
http://www.bluebox-security.de/ security(at)bluebox-security.de
bbs-2019.001.txt 08-August-2019

[SECURITY] [DSA 4493-1] postgresql-11 security update

Bug Traq - 8 August, 2019 - 17:00

Posted by Moritz Muehlenhoff on Aug 08

-------------------------------------------------------------------------
Debian Security Advisory DSA-4493-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
August 08, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : postgresql-11
CVE ID : CVE-2019-10208...

[SECURITY] [DSA 4492-1] postgresql-9.6 security update

Bug Traq - 8 August, 2019 - 16:57

Posted by Moritz Muehlenhoff on Aug 08

-------------------------------------------------------------------------
Debian Security Advisory DSA-4492-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
August 08, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : postgresql-9.6
CVE ID : CVE-2019-10208

An issue has...

[slackware-security] kdelibs (SSA:2019-220-01)

Bug Traq - 8 August, 2019 - 06:19

Posted by Slackware Security Team on Aug 08

[slackware-security] kdelibs (SSA:2019-220-01)

New kdelibs packages are available for Slackware 14.2 and -current to
fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/kdelibs-4.14.38-i586-1_slack14.2.txz: Upgraded.
kconfig: malicious .desktop files (and others) would execute code.
For more information, see:...

[waraxe-2019-SA#110] - Reflected XSS in MapProxy 1.11.0

Bug Traq - 8 August, 2019 - 06:15

Posted by come2waraxe on Aug 08

[waraxe-2019-SA#110] - Reflected XSS in MapProxy 1.11.0
================================================================================

Author: Janek Vind "waraxe"
Date: 07. August 2019
Location: Estonia, Tartu
Web: http://www.waraxe.us/advisory-110.html

Target description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MapProxy is an open source proxy for geospatial data. It caches, accelerates and...

New Tool - Phishing Simulation

Full Disclosure - 7 August, 2019 - 15:12

Posted by jeny raval on Aug 07

Hello Team,

I have developed this tool "Phishing Simulation", which might be a good fit
for your arsenal.

https://github.com/jenyraval/Phishing-Simulation

I will also be presenting this one at defcon this year. Let me know if any
more information is needed.

Thanks!
Jyoti Raval

Fortinet FortiRecorder Hardcoded Password

Full Disclosure - 7 August, 2019 - 15:08

Posted by Aaron Blair via Fulldisclosure on Aug 07

Original posting:
https://xor.cat/2019/08/05/fortinet-fortirecorder-hardcoded-password/

Text archive available here:
https://xor.cat/archive/2019/08/05/fortinet-fortirecorder-hardcoded-password.txt

## Background

In June of 2019 I discovered a vulnerability in Fortinet's
FortiRecorder[1] product which impacts the FortiCam devices that are
connected to a FortiRecorder.

The FortiRecorder is a network video recorder product which administers...

FreeBSD Security Advisory FreeBSD-SA-19:21.bhyve

Bug Traq - 6 August, 2019 - 14:06

Posted by FreeBSD Security Advisories on Aug 06

=============================================================================
FreeBSD-SA-19:21.bhyve Security Advisory
The FreeBSD Project

Topic: Insufficient validation of guest-supplied data (e1000 device)

Category: core
Module: bhyve
Announced: 2019-08-06
Credits: Reno Robert
Affects: All supported versions...

FreeBSD Security Advisory FreeBSD-SA-19:20.bsnmp

Bug Traq - 6 August, 2019 - 14:03

Posted by FreeBSD Security Advisories on Aug 06

=============================================================================
FreeBSD-SA-19:20.bsnmp Security Advisory
The FreeBSD Project

Topic: Insufficient message length validation in bsnmp library

Category: contrib
Module: bsnmp
Announced: 2019-08-06
Credits: Guido Vranken <guidovranken () gmail com>...

FreeBSD Security Advisory FreeBSD-SA-19:19.mldv2

Bug Traq - 6 August, 2019 - 14:00

Posted by FreeBSD Security Advisories on Aug 06

=============================================================================
FreeBSD-SA-19:19.mldv2 Security Advisory
The FreeBSD Project

Topic: ICMPv6 / MLDv2 out-of-bounds memory access

Category: core
Module: net
Announced: 2019-08-06
Credits: CJD of Apple
Affects: All supported versions of FreeBSD....

FreeBSD Security Advisory FreeBSD-SA-19:18.bzip2

Bug Traq - 6 August, 2019 - 13:57

Posted by FreeBSD Security Advisories on Aug 06

=============================================================================
FreeBSD-SA-19:18.bzip2 Security Advisory
The FreeBSD Project

Topic: Multiple vulnerabilities in bzip2

Category: contrib
Module: bzip2
Announced: 2019-08-06
Affects: All supported versions of FreeBSD.
Corrected: 2019-07-04 07:29:18 UTC...

[SECURITY] [DSA 4491-1] proftpd-dfsg security update

Bug Traq - 5 August, 2019 - 03:28

Posted by Moritz Muehlenhoff on Aug 05

-------------------------------------------------------------------------
Debian Security Advisory DSA-4491-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
August 04, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : proftpd-dfsg
CVE ID : CVE-2019-12815
Debian Bug...

Microsoft Windows PowerShell Unsanitized Filename Command Execution

Bug Traq - 5 August, 2019 - 03:24

Posted by apparitionsec on Aug 05

[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-POWERSHELL-UNSANITIZED-FILENAME-COMMAND-EXECUTION.txt
[+] ISR: Apparition Security

[Vendor]
www.microsoft.com

[Product]
Windows PowerShell

Windows PowerShell is a Windows command-line shell designed especially for system administrators.
PowerShell includes an interactive...

Avira Free Security Suite 2019 - Exploiting Arbitrary File Writes for Local Elevation of Privilege

Full Disclosure - 2 August, 2019 - 13:42

Posted by filipe on Aug 02

=====[ Tempest Security Intelligence - ADV-01/2019 ]==========================

Avira Free Security Suite 2019 - Software Updater v2.0.6.13175
Author: Silton Santos
Tempest Security Intelligence - Recife, Pernambuco - Brazil

=====[ Table of Contents ]=====================================================

* Overview
* Detailed description
* Timeline of disclosure
* Thanks & Acknowledgements
* References

=====[ Vulnerability...

Microsoft Windows PowerShell / Unsanitized Filename Command Execution

Full Disclosure - 2 August, 2019 - 13:42

Posted by hyp3rlinx on Aug 02

[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-POWERSHELL-UNSANITIZED-FILENAME-COMMAND-EXECUTION.txt
[+] ISR: Apparition Security

[Vendor]
www.microsoft.com

[Product]
Windows PowerShell

Windows PowerShell is a Windows command-line shell designed especially for
system administrators.
PowerShell includes an interactive prompt and a scripting...

[slackware-security] mariadb (SSA:2019-213-01)

Bug Traq - 2 August, 2019 - 02:52

Posted by Slackware Security Team on Aug 02

[slackware-security] mariadb (SSA:2019-213-01)

New mariadb packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mariadb-5.5.65-i486-1_slack14.1.txz: Upgraded.
This update fixes bugs and security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2805...

[SECURITY] [DSA 4490-1] subversion security update

Bug Traq - 1 August, 2019 - 04:37

Posted by Salvatore Bonaccorso on Aug 01

-------------------------------------------------------------------------
Debian Security Advisory DSA-4490-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
August 01, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : subversion
CVE ID : CVE-2018-11782 CVE-2019-0203...

VTS19-002: Multiple Vulnerabilities in Veritas Resiliency Platform (VRP)

Full Disclosure - 31 July, 2019 - 00:30

Posted by David Dillard on Jul 30

Four vulnerabilities have been fixed in VRP 3.4 HF1, one of which is of critical severity.

Directory traversal vulnerability related to uploading application bundles
CVE-2019-14415
Critical severity

Arbitrary command execution vulnerability with root privilege related to DNS server configuration
CVE-2019-14416
High severity

Arbitrary command execution vulnerability with root privilege related to resiliency plans and custom scripts...

[SECURITY] [DSA 4489-1] patch security update

Bug Traq - 30 July, 2019 - 02:36

Posted by Salvatore Bonaccorso on Jul 30

-------------------------------------------------------------------------
Debian Security Advisory DSA-4489-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
July 27, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : patch
CVE ID : CVE-2019-13636 CVE-2019-13638
Debian...

CVE-2019-13635: Directory traversal in WP Fastest Cache 0.8.9.5 and below

Bug Traq - 30 July, 2019 - 02:32

Posted by Imre Rad on Jul 30

WP Fastest Cache is a WordPress plugin that creates static HTML files
from the dynamic WordPress blog in order to speed up operation.

Version 0.8.9.5 and below of the plugin was identified as being
vulnerable to directory traversal attacks.

The first two are Windows only, the 3rd one is generic. The Windows
specific ones were tested on WampServer (so with Apache's Httpd).

#1:
The impact is reading files outside of the cache directory. The...