SecureAuth – SecureAuth Labs Advisory http://www.secureauth.com/ Cisco WebEx Meetings Elevation of Privilege Vulnerability Version 2 1. *Advisory Information* Title: Cisco WebEx Meetings Elevation of Privilege Vulnerability Version 2 Advisory ID: CORE-2018-0012 Advisory URL: http://www.securea
[…続きを読む]
カテゴリ: セキュリティ
[SECURITY] [DSA 4395-2] chromium regression update
SHAREit for Android Authentication Bypass and Remote File Download
RedForce Advisory https://redforce.io ## ِAdvisory Information Title: SHAREit For Android <= 4.0.38 Multiple Vulnerabilities Advisory URL: https://blog.redforce.io/shareit-vulnerabilities-enable-unrestricted-access-to-adjacent-devices-files/ Date published: 2019-02-25 Date of last update: 2019-02
[…続きを読む]
Defense in depth — the Microsoft way (part 60): same old sins and incompetence!
[SECURITY] [DSA 4377-3] rssh security update
[SRP-2018-02] Details of a vulnerability in STMicroelectronics’ chipset
Hello All, Technical details of ST chipset vulnerability has been released and are now included in our technical report pertaining to the security of NC+ SAT TV platform. As indicated last week, the release is made as a direct result of no interest in this research. Updated version of the report, as
[…続きを読む]
[SAUTH-2019-0001] – Micro Focus Filr Multiple Vulnerabilities
SecureAuth – SecureAuth Labs Advisory http://www.secureauth.com/ Micro Focus Filr Multiple Vulnerabilities 1. *Advisory Information* Title: Micro Focus Filr Multiple Vulnerabilities Advisory ID: SAUTH-2019-0001 Advisory URL: https://www.secureauth.com/labs/advisories/micro-focus-filr-multiple-
[…続きを読む]
[SECURITY] [DSA 4396-1] ansible security update
[SECURITY] [DSA 4395-1] chromium security update
[SECURITY] [DSA 4394-1] rdesktop security update
[SECURITY] [DSA 4393-1] systemd security update
[SECURITY] [DSA 4388-2] mosquitto regression update
CVE-2018-20162: Digi TransPort LR54 Restricted Shell Escape
CVE-2018-20162: Digi TransPort LR54 Restricted Shell Escape =========================================================== The Digi TransPort LR54 is a high speed LTE router commonly used by industry, infrastructure, retail and public transportation. It supports running python scripts in a restricted s
[…続きを読む]
[SECURITY] [DSA 4392-1] thunderbird security update
DASAN H665 has vendor backdoor built into BusyBoxâs /bin/login
Hi! DASAN H665 has vendor backdoor built into BusyBox /bin/login. Account named “dnsekakf2$$” gives access to admin (uid 0) account over telnet without any password, at least for administration interface documented in H665 Quick Guide (subnet 192.168.55.0/24 on LAN interface). $ telnet 1
[…続きを読む]
[SECURITY] [DSA 4391-1] firefox-esr security update
Qkr! with MasterPass iOS Application – MITM SSL Certificate Vulnerability (CVE-2019-6702)
CA20190212-01: Security Notice for CA Privileged Access Manager
CA20190212-01: Security Notice for CA Privileged Access Manager Issued: February 12, 2019 Last Updated: February 12, 2019 CA Technologies Support is alerting customers to a potential risk with CA Privileged Access Manager. A vulnerability exists that can allow a remote attacker to access sensitive i
[…続きを読む]
[SECURITY] [DSA 4390-1] flatpak security update
[SECURITY] [DSA 4377-2] rssh regression update
[SECURITY] [DSA 4389-1] libu2f-host security update
[SECURITY] [DSA 4388-1] mosquitto security update
KSA-DEV-001: CVE-2018-19524 : StackOverflow in Multiple Skyworth GPON HomeGateways and Optical Network terminals.
[SECURITY] [DSA 4387-1] openssh security update
[SECURITY] [DSA 4386-1] curl security update
FreeBSD Security Advisory FreeBSD-SA-19:01.syscall
============================================================================= FreeBSD-SA-19:01.syscall Security Advisory The FreeBSD Project Topic: System call kernel data register leak Category: core Module: kernel Announced: 2019-02-05 Credits: Konstantin Belousov Affects: All supported versions o
[…続きを読む]
FreeBSD Security Advisory FreeBSD-SA-19:02.fd
============================================================================= FreeBSD-SA-19:02.fd Security Advisory The FreeBSD Project Topic: File description reference count leak Category: core Module: unix Announced: 2019-02-05 Credits: Peter Holm Affects: FreeBSD 12.0 Corrected: 2019-02-05 17:56
[…続きを読む]
[SECURITY] [DSA 4385-1] dovecot security update
SEC Consult SA-20190205-0 :: Multiple vulnerabilities in OSCI-Transport Library 1.2 for German e-Government
A blog post with further information has been released on this topic as well: https://r.sec-consult.com/osci SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: OSCI-Transport Library 1.2 for
[…続きを読む]
[Multiple CVE] – Cisco Identity Services Engine unauth stored XSS to RCE as root
Hi, On January 20th, SSD disclosed 3 vulnerabilities found by Agile Information Security in their Cisco Identity Services Engine (ISE) product. These are unauth stored XSS, unsafe Java deserialization and privesc to root, which when combined allow an unauthenticated attacker to achieve remote code e
[…続きを読む]
[SECURITY] [DSA 4384-1] libgd2 security update
[SECURITY] [DSA 4382-1] rssh security update
[SECURITY] [DSA 4383-1] libvncserver security update
[SECURITY] [DSA 4381-1] libreoffice security update
[SECURITY] [DSA 4380-1] golang-1.8 security update
[SECURITY] [DSA 4379-1] golang-1.7 security update
[SYSS-2018-032] COYO – Cross-Site Scripting
Advisory ID: SYSS-2018-032 Product: COYO Manufacturer: COYO GmbH Affected Version(s): 9.0.8, 10.0.11, 12.0.4 Tested Version(s): 9.0.8, 10.0.11, 10.0.33, 12.0.4 Vulnerability Type: Cross-Site Scripting (CWE-79) Risk Level: High Solution Status: Fixed Manufacturer Notification: 2018-09-06 Solution Dat
[…続きを読む]
[SYSS-2018-037] Pages for Bitbucket Server – Cross-Site Scripting
Advisory ID: SYSS-2018-037 Product: Pages for Bitbucket Server Manufacturer: Simplenia AG Affected Version(s): 2.6.0 and before Tested Version(s): 2.6.0 Vulnerability Type: Cross-Site Scripting (CWE-79) Risk Level: Medium Solution Status: Fixed Manufacturer Notification: 2018-11-26 Solution Date: 20
[…続きを読む]
[SECURITY] [DSA 4378-1] php-pear security update
[SECURITY] [DSA 4377-1] rssh security update
[SECURITY] [DSA 4376-1] firefox-esr security update
[SECURITY] [DSA 4375-1] spice security update
Fwd: CA20190124-01: Security Notice for CA Automic Workload Automation
CA20190124-01: Security Notice for CA Automic Workload Automation Issued: January 24, 2019 Last Updated: January 24, 2019 CA Technologies Support is alerting customers to a potential risk with CA Automic Workload Automation Automic Web Interface (AWI). A vulnerability exists that can allow an attack
[…続きを読む]
[SECURITY] [DSA 4374-1] qtbase-opensource-src security update
[SECURITY] [DSA 4373-1] coturn security update
Microsoft Windows “.contact” File HTML Injection Mailto: Link Remote Code Execution 0day ZDI-CAN-75
[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-CONTACT-FILE-HTML-INJECTION-MAILTO-LINK-ARBITRARY-CODE-EXECUTION.txt [+] ISR: ApparitionSec [+] Zero Day Initiative Program [+] ZDI-CAN-7591 [Vendor]
[…続きを読む]
[SECURITY] [DSA 4372-1] ghostscript security update
CVE-2019-6690: Improper Input Validation in python-gnupg
CVE-2019-6690: Improper Input Validation in python-gnupg ======================================================== We discovered a way to inject data through the passphrase property of the gnupg.GPG.encrypt() and gnupg.GPG.decrypt() methods when symmetric encryption is used. The supplied passphrase i
[…続きを読む]
SEC Consult SA-20190124-0 :: Cross-site scripting in CA Automic Workload Automation Web Interface (AWI)
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Cross-site scripting product: CA Automic Workload Automation Web Interface (AWI) (formerly Automic Automation Engine, UC4) vulnerable version: 12.0, 12.1, 12.2 fixed version
[…続きを読む]
[RT-SA-2018-004] Cisco RV320 Command Injection
Advisory: Cisco RV320 Command Injection RedTeam Pentesting discovered a command injection vulnerability in the web-based certificate generator feature of the Cisco RV320 router. Details ======= Product: Cisco RV320 Dual Gigabit WAN VPN Router, possibly others Affected Versions: 1.4.2.15 and later Fi
[…続きを読む]
[RT-SA-2018-003] Cisco RV320 Unauthenticated Diagnostic Data Retrieval
Advisory: Cisco RV320 Unauthenticated Diagnostic Data Retrieval RedTeam Pentesting discovered that the Cisco RV320 router exposes sensitive diagnostic data without authentication through the device’s web interface. Details ======= Product: Cisco RV320 Dual Gigabit WAN VPN Router, possibly othe
[…続きを読む]
[RT-SA-2018-002] Cisco RV320 Unauthenticated Configuration Export
Advisory: Cisco RV320 Unauthenticated Configuration Export RedTeam Pentesting discovered that the configuration of a Cisco RV320 router may be exported without authentication through the device’s web interface. Details ======= Product: Cisco RV320 Dual Gigabit WAN VPN Router, possibly others A
[…続きを読む]
CVE-2018-13042 – 1Password Android < 7.0 – Denial Of Service
############ Description ############ The 1Password application < 7.0 for Android is affected by a Denial Of Service vulnerability. By starting the activity com.agilebits.onepassword.filling.openyolo.OpenYoloDeleteActivity or com.agilebits.onepassword.filling.openyolo.OpenYoloRetrieveActivity fro
[…続きを読む]
[SECURITY] [DSA 4371-1] apt security update
[SRP-2018-02] Security of NC+ SAT TV platform and ST chipsets
Hello All, The report presenting the results of our SRP-2018-02 research into security of a digital satellite TV platform NC+ [1] is now available to general public from the following location: http://www.security-explorations.com/ncplus_sat_general_info.html In 2017 / 2018, we tried to obtain infor
[…続きを読む]
[Several CVE]: NUUO CMS – multiple vulnerabilities resulting in unauth RCE
–M2LnuDDMJoyIJlgKwqJJ70sxES6fp2AnG Content-Type: text/plain; charset=utf-8 Content-Language: en-GB Content-Transfer-Encoding: quoted-printable Hi, In October 2018, ICS-CERT issued an advisory for Nuuo CMS: https://ics-cert.us-cert.gov/advisories/ICSA-18-284-02 Long story short, Nuuo CMS contai
[…続きを読む]
CA20190117-01: Security Notice for CA Service Desk Manager
Defense in depth — the Microsoft way (part 59): we only fix every other vulnerability
Hi @ll the executable self-extractor (and its payload too) for the “Microsoft Office Subject Interface Packages for Digitally Signing VBA Projects”, available via , published April 19 2018, is (SURPRISE!) vulnerable! Vulnerability #1 ================ On a fully patched Windows 7, offices
[…続きを読む]
[SECURITY] [DSA 4370-1] drupal7 security update
[SYSS-2018-043] Authentication Bypass in Kentix MultiSensor LAN – CVE-2018-19783
[SYSS-2018-041] Mozilla Firefox – Information Exposure
[SECURITY] [DSA 4367-2] systemd regression update
CVE-2018-13798 Siemens – SICAM A8000 Series Webinterface XXE DoS
############################################################# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # ############################################################# # # Product: SICAM A8000 Series # Vendor: Siemens # CSNC ID: CSNC-2019-002 # CVE ID: CVE
[…続きを読む]
Microsoft Windows VCF File Insufficient UI Warning Remote Code Execution 0day ZDI-CAN-6920
[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-VCF-FILE-INSUFFICIENT-WARNING-REMOTE-CODE-EXECUTION.txt [+] ISR: ApparitionSec [+] Zero Day Initiative Program [Vendor] www.microsoft.com [Product] A
[…続きを読む]
[SECURITY] [DSA 4369-1] xen security update
[SECURITY] [DSA 4368-1] zeromq3 security update
[SECURITY] [DSA 4367-1] systemd security update
[SECURITY] [DSA 4366-1] vlc security update
[SYSS-2018-042] XSS in HMS Netbiter WS100 – CVE-2018-19694
[SYSS-2018-011] Portier – Cryptographic Issues
[SYSS-2018-011] Portier – SQL Injection
[SECURITY] [DSA 4365-1] tmpreaper security update
X41 D-Sec GmbH Security Advisory X41-2018-009: ReDoS Vulnerability in UA-Parser
SEC Consult SA-20190109-0 :: Multiple Vulnerabilities in Cisco VoIP Phones (88xx series)
SEC Consult Vulnerability Lab Security Advisory < 20190109-0 > ======================================================================= title: Multiple Vulnerabilities product: Cisco VoIP Phones, e.g. models 88XX vulnerable version: See list of vulnerable devices/firmwares below fixed version: 12.5.1
[…続きを読む]
メールサーバ間の暗号化
EU一般データ保護規則(General Data Protection Regulation:GDPR)により、 個人情報が含まれるメールのサーバ間のやり取りにも、暗号化が求められるようになりました。 常時SSL(Always On SSL)の流れは、メールにまで。 メールのヘッダに内に、下記のような記録が残されていれば、暗号化通信経路でメールを受け取っています。 (version=TLSv1 cipher=RC4-SHA bits=128/128); こちらのSSL-TOOLSを使って、相手先のメールサーバが暗号化に対応しているか確認することができます。 https://ssl-tools.
[…続きを読む]
Kaspersky Cyberthreat Real-Time Map
Symantec証明書
最近、自分のサイトをChromeで開いたとき、 ディベロッパーコンソール上に、下記の警告が出ていませんか? ⚠The SSL certificate used to load resources from https://xxxx.com will be distrusted in M70. Once distrusted, users will be prevented from loading these resources. See https://g.co/chrome/symantecpkicerts for more information. 2018年10月20日頃
[…続きを読む]
VirusTotalの紹介
ダウンロードしたファイルは、毎回VirusTotalのチェックする習慣をお勧めします。 VirusTotalサイト: https://www.virustotal.com/ 確認したいファイルをアップロードすると、こんな感じで60種類以上のアンチウイルスソフトで検査してくれます。 毎回ファイルをアップロードするのも面倒なので、 デスクトップツールを利用しましょう。 フッターのTools内にある、Desktop Appsからいけます。 ツールをインストールすると、右クリックのメニューに”Send to VirusTotal”と出てきます。 サーバにファイルを送る前にファイルのハッシュ値を計算し、
[…続きを読む]