< Back to JetLib.com

jetlib.sec

« Expand/Collapse

Recent items

Skip to page: 1 2 3 4 ... 810

July 13, 2018
9:33
Hadoop YARN ResourceManager Unauthenticated Command Execution
» ‎ Packet Storm Security Misc. Files

This Metasploit module exploits an unauthenticated command execution vulnerability in Apache Hadoop through ResourceManager REST API.
Tags:

9:30
GNU Privacy Guard 2.2.9
» ‎ Packet Storm Security Recent Files

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
Tags:

9:30
GNU Privacy Guard 2.2.9
» ‎ Packet Storm Security Tools

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
Tags:

9:30
GNU Privacy Guard 2.2.9
» ‎ Packet Storm Security Misc. Files

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
Tags:

9:17
Clam AntiVirus parsehwp3_paragraph() Denial Of Service
» ‎ Packet Storm Security Advisories

Secunia Research has discovered a vulnerability in Clam AntiVirus, which can be exploited by malicious people to cause a DoS (Denial of Service). An integer overflow error within the "parsehwp3_paragraph()" function (libclamav/hwp.c) can be exploited to trigger an infinite loop via a specially crafted Hangul Word Processor file. The vulnerability is confirmed in version 0.100.0 and reported in versions prior to 0.100.1.
Tags:

9:17
Clam AntiVirus parsehwp3_paragraph() Denial Of Service
» ‎ Packet Storm Security Recent Files

Secunia Research has discovered a vulnerability in Clam AntiVirus, which can be exploited by malicious people to cause a DoS (Denial of Service). An integer overflow error within the "parsehwp3_paragraph()" function (libclamav/hwp.c) can be exploited to trigger an infinite loop via a specially crafted Hangul Word Processor file. The vulnerability is confirmed in version 0.100.0 and reported in versions prior to 0.100.1.
Tags:

9:17
Clam AntiVirus parsehwp3_paragraph() Denial Of Service
» ‎ Packet Storm Security Misc. Files

Secunia Research has discovered a vulnerability in Clam AntiVirus, which can be exploited by malicious people to cause a DoS (Denial of Service). An integer overflow error within the "parsehwp3_paragraph()" function (libclamav/hwp.c) can be exploited to trigger an infinite loop via a specially crafted Hangul Word Processor file. The vulnerability is confirmed in version 0.100.0 and reported in versions prior to 0.100.1.
Tags:

9:16
VMware Security Advisory 2018-0017
» ‎ Packet Storm Security Advisories

VMware Security Advisory 2018-0017 - VMware Tools update addresses an out-of-bounds read vulnerability.
Tags:

9:16
VMware Security Advisory 2018-0017
» ‎ Packet Storm Security Recent Files

VMware Security Advisory 2018-0017 - VMware Tools update addresses an out-of-bounds read vulnerability.
Tags:

9:16
VMware Security Advisory 2018-0017
» ‎ Packet Storm Security Misc. Files

VMware Security Advisory 2018-0017 - VMware Tools update addresses an out-of-bounds read vulnerability.
Tags:

9:14
G DATA TOTAL SECURITY 25.4.0.3 Active-X Buffer Overflow
» ‎ Packet Storm Security Exploits

G DATA TOTAL SECURITY version 25.4.0.3 suffers from an active-x buffer overflow vulnerability.
Tags:

9:14
G DATA TOTAL SECURITY 25.4.0.3 Active-X Buffer Overflow
» ‎ Packet Storm Security Recent Files

G DATA TOTAL SECURITY version 25.4.0.3 suffers from an active-x buffer overflow vulnerability.
Tags:

9:14
G DATA TOTAL SECURITY 25.4.0.3 Active-X Buffer Overflow
» ‎ Packet Storm Security Misc. Files

G DATA TOTAL SECURITY version 25.4.0.3 suffers from an active-x buffer overflow vulnerability.
Tags:

9:11
Total AV 4.6.19 Insecure Permissions
» ‎ Packet Storm Security Exploits

A vulnerability allows local attackers to escalate privilege on TotalAV versions 4.1.7 through 4.6.19 because of weak "C:\Program Files\TotalAV" permissions. The specific flaw exists within the access control that is set and modified during the installation of the product. The product sets weak access control restrictions. An attacker can leverage this vulnerability to execute arbitrary code under the context of Administrator, the IUSR account, or SYSTEM.
Tags:

9:11
Total AV 4.6.19 Insecure Permissions
» ‎ Packet Storm Security Recent Files

A vulnerability allows local attackers to escalate privilege on TotalAV versions 4.1.7 through 4.6.19 because of weak "C:\Program Files\TotalAV" permissions. The specific flaw exists within the access control that is set and modified during the installation of the product. The product sets weak access control restrictions. An attacker can leverage this vulnerability to execute arbitrary code under the context of Administrator, the IUSR account, or SYSTEM.
Tags:

9:11
Total AV 4.6.19 Insecure Permissions
» ‎ Packet Storm Security Misc. Files

A vulnerability allows local attackers to escalate privilege on TotalAV versions 4.1.7 through 4.6.19 because of weak "C:\Program Files\TotalAV" permissions. The specific flaw exists within the access control that is set and modified during the installation of the product. The product sets weak access control restrictions. An attacker can leverage this vulnerability to execute arbitrary code under the context of Administrator, the IUSR account, or SYSTEM.
Tags:

9:08
ISS For Business 14.0.1400.2029 Blue Screen Of Death
» ‎ Packet Storm Security Advisories

In MicroWorld eScan Internet Security Suite (ISS) for Business version 14.0.1400.2029, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \\.\econceal to cause a denial of service (BSOD).
Tags:

9:08
ISS For Business 14.0.1400.2029 Blue Screen Of Death
» ‎ Packet Storm Security Recent Files

In MicroWorld eScan Internet Security Suite (ISS) for Business version 14.0.1400.2029, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \\.\econceal to cause a denial of service (BSOD).
Tags:

9:08
ISS For Business 14.0.1400.2029 Blue Screen Of Death
» ‎ Packet Storm Security Misc. Files

In MicroWorld eScan Internet Security Suite (ISS) for Business version 14.0.1400.2029, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \\.\econceal to cause a denial of service (BSOD).
Tags:

9:04
OpenConext-EngineBlock 5.7.3 Cross Site Scripting
» ‎ Packet Storm Security Exploits

OpenConext-EngineBlock versions 5.7.0 through 5.7.3suffers from a cross site scripting vulnerability.
Tags:

9:04
OpenConext-EngineBlock 5.7.3 Cross Site Scripting
» ‎ Packet Storm Security Recent Files

OpenConext-EngineBlock versions 5.7.0 through 5.7.3suffers from a cross site scripting vulnerability.
Tags:

9:04
OpenConext-EngineBlock 5.7.3 Cross Site Scripting
» ‎ Packet Storm Security Misc. Files

OpenConext-EngineBlock versions 5.7.0 through 5.7.3suffers from a cross site scripting vulnerability.
Tags:

9:01
Fortify SSC 17.10 / 17.20 / 18.10 XXE Injection
» ‎ Packet Storm Security Exploits

Fortify SSC versions 17.10, 17.20, and 18.10 suffer from an out-of-band XML external entity injection vulnerability.
Tags:

9:01
Fortify SSC 17.10 / 17.20 / 18.10 XXE Injection
» ‎ Packet Storm Security Recent Files

Fortify SSC versions 17.10, 17.20, and 18.10 suffer from an out-of-band XML external entity injection vulnerability.
Tags:

9:01
Fortify SSC 17.10 / 17.20 / 18.10 XXE Injection
» ‎ Packet Storm Security Misc. Files

Fortify SSC versions 17.10, 17.20, and 18.10 suffer from an out-of-band XML external entity injection vulnerability.
Tags:

8:59
Barracuda ADC 5.x Cross Site Scripting
» ‎ Packet Storm Security Exploits

Barracuda ADC version 5.x suffers from cross site scripting vulnerabilities.
Tags:

8:59
Barracuda ADC 5.x Cross Site Scripting
» ‎ Packet Storm Security Recent Files

Barracuda ADC version 5.x suffers from cross site scripting vulnerabilities.
Tags:

8:59
Barracuda ADC 5.x Cross Site Scripting
» ‎ Packet Storm Security Misc. Files

Barracuda ADC version 5.x suffers from cross site scripting vulnerabilities.
Tags:

8:57
Bogus MDM System Used To Hack iPhones In India
» ‎ Packet Storm Security Headlines

Bogus MDM System Used To Hack iPhones In India
Tags: headlinemalwarephoneindiafraudapple
8:57
Chrome Adds Ambitious Browser Mitigation For Spectre
» ‎ Packet Storm Security Headlines

Chrome Adds Ambitious Browser Mitigation For Spectre
Tags: headlineflawgooglepatchchromeintel
8:57
Cisco Patches High-Severity Bug In VoIP Phones
» ‎ Packet Storm Security Headlines

Cisco Patches High-Severity Bug In VoIP Phones
Tags: headlineflawpatchcisco
8:57
Ukraine Claims It Blocked VPNFilter Attack At Chemical Plant
» ‎ Packet Storm Security Headlines

Ukraine Claims It Blocked VPNFilter Attack At Chemical Plant
Tags: headlinemalwarecyberwarscada

8:30
Supersize DIY R/C Servos From Windscreen Wipers
» ‎ Hack a Day

We’re all familiar with the experience of buying hobby servos. The market is awash with cheap clones which have inflated specs and poor performance. Even branded servos often fail to deliver, and sometimes you just can’t get the required torque or speed from the small form factor of the typical hobby servo.

Enter [James Bruton] and his DIY RC servo from a windscreen wiper motor. Windscreen wiper motors are cheap as chips, and a classic salvage. The motor shaft is connected to a potentiometer via a pulley and some string, providing the necessary closed-loop feedback. Instead of using the traditional …read more

Tags: printer hacks

7:44
Linux execve(/bin/sh) Shellcode
» ‎ Packet Storm Security Recent Files

21 bytes small Linux x86_64 execve(/bin/sh) shellcode.
Tags:

7:44
Linux execve(/bin/sh) Shellcode
» ‎ Packet Storm Security Misc. Files

21 bytes small Linux x86_64 execve(/bin/sh) shellcode.
Tags:

7:19
Huawei eNSP v1 - Buffer Overflow (DoS) Vulnerability
» ‎ Full Disclosure

Posted by Vulnerability Lab on Jul 13
Document Title:
===============
Huawei eNSP v1 - Buffer Overflow (DoS) Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2132

Security ID: huawei-sa-20180309-01-ensp

https://nvd.nist.gov/vuln/detail/CVE-2017-17321
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17321

Acknowledgements:
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180309-01-ensp-en...

Tags:

7:01
Behind The Pin: How The Raspberry Pi Gets Its Audio
» ‎ Hack a Day

Single board computers have provided us with a revolution in the way we approach computing as hardware creators. We have grown accustomed to a world in which an entire microcomputer has become a component in its own right rather than a complex system, and we interface to them as amorphous entities through their exposed interfaces. But every pin or socket on a single board computer has something behind it, so following up on a recent news-inspired item in which we took a look at what lies behind the Ethernet jack on a Raspberry Pi, we’d like to continue that theme …read more

Tags: featured
4:00
Replace your Calipers with a Microscope and Image Analysis
» ‎ Hack a Day

Getting a good measurement is a matter of using the right tool for the job. A tape measure and a caliper are both useful tools, but they’re hardly interchangeable for every task. Some jobs call for a hands-off, indirect way to measure small distances, which is where this image analysis measuring technique can come in handy.

Although it appears [Saulius Lukse] purpose-built this rig, which consists of a microscopic lens on a digital camera mounted to the Z-axis of a small CNC machine, we suspect that anything capable of accurately and smoothly transitioning a camera vertically could be used. The …read more

Tags: cnc hacks

3:32
macOS / iOS OfficeImporter JavaScript Injection
» ‎ Packet Storm Security Exploits

macOS and iOS suffer from a javascript injection bug in OfficeImporter.
Tags:

3:32
macOS / iOS OfficeImporter JavaScript Injection
» ‎ Packet Storm Security Recent Files

macOS and iOS suffer from a javascript injection bug in OfficeImporter.
Tags:

3:32
macOS / iOS OfficeImporter JavaScript Injection
» ‎ Packet Storm Security Misc. Files

macOS and iOS suffer from a javascript injection bug in OfficeImporter.
Tags:

3:11
Huawei eNSP Buffer Overflow
» ‎ Packet Storm Security Advisories

Huawei eNSP version 1 suffers from a buffer overflow vulnerability that results in a denial of service condition.
Tags:

3:11
Huawei eNSP Buffer Overflow
» ‎ Packet Storm Security Recent Files

Huawei eNSP version 1 suffers from a buffer overflow vulnerability that results in a denial of service condition.
Tags:

3:11
Huawei eNSP Buffer Overflow
» ‎ Packet Storm Security Misc. Files

Huawei eNSP version 1 suffers from a buffer overflow vulnerability that results in a denial of service condition.
Tags:

1:44
G DATA TOTAL SECURITY v25.4.0.3 Activex Buffer Overflow
» ‎ Full Disclosure

Posted by filipe on Jul 13
=====[ Tempest Security Intelligence - ADV-24/2018 ]===

G DATA TOTAL SECURITY v25.4.0.3 Activex Buffer Overflow
Author: Filipe Xavier Oliveira
Tempest Security Intelligence - Recife, Pernambuco - Brazil

=====[ Table of Contents
]=====================================================

* Overview
* Detailed description
* Timeline of disclosure
* Thanks & Acknowledgements
* References

=====[ Overview...

Tags:
1:44
Total AV 4.1.7 ~ 4 .6.19 - Insecure Permissions
» ‎ Full Disclosure

Posted by filipe on Jul 13
=====[ Tempest Security Intelligence - ADV-23/2018 ]===

Total AV 4.1.7 ~ 4 .6.19 - Insecure Permissions
-------------------------------------------------------
Author:
- Filipe Xavier Oliveira: < filipe.xavier () tempest.com.br
<http://tempest.com.br/>

=====[ Table of Contents
]=====================================================

* Overview
* Detailed description
* Timeline of disclosure
* Thanks & Acknowledgements
*...

Tags:
1:44
eScan ISS for Business v14.0.1400.2029 - BSOD through of a IOCTL
» ‎ Full Disclosure

Posted by filipe on Jul 13
=====[ Tempest Security Intelligence - ADV-24/2018 ]===

eScan ISS for Business v14.0.1400.2029 - BSOD through of a IOCTL
Author: Filipe Xavier Oliveira
Tempest Security Intelligence - Recife, Pernambuco - Brazil

=====[ Table of Contents
]=====================================================

* Overview
* Detailed description
* Timeline of disclosure
* Thanks & Acknowledgements
* References

=====[ Overview...

Tags:
1:43
XSS in OpenConext-EngineBlock 5.7.0 to 5.7.3
» ‎ Full Disclosure

Posted by Andrew Klaus on Jul 13
XSS vulnerabilities were found in multiple pages that allows an attacker to
inject arbitrary web scripts.

The Twig PHP extension configuration was not sanitizing user input before
display it to the user.

Issues fixed in version 5.7.4 and 5.8.0. Git commit here:
https://github.com/OpenConext/OpenConext-engineblock/pull/566

PoC URLs:
https://engine.example.org/authentication/idp/help-discover?%22%3E%3Cscript%3Ealert(%27XSS%27)%3C/script%3E...

Tags:
1:43
0day CVE-2018-12463
» ‎ Full Disclosure

Posted by alt3kx via Fulldisclosure on Jul 13
Hello guys
Report and exploit attachedDetails
================
Software: Fortify SSC (Software Security Center)
Version: 17.10, 17.20 & 18.10
Homepage: https://www.microfocus.com
Advisory report: https://github.com/alt3kx/CVE-2018-12463
CVE: CVE-2018-12463 at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12463
CVSS: HIGH (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CWE-611, CWE-918

Description
================
Out-of-Band XML External...

Tags:

1:00
Give the Clapper a Hand
» ‎ Hack a Day

While “The Clapper” probably first conjures images of low-budget commercials, it was still a useful way to remotely switch lights and other things around the house. But if the lights you want to switch weren’t plugged into the wall, like a ceiling fan, for example, The Clapper was not going to help you. To add some functionality to this infamous device, [Robin] built one from scratch that has all the extra features built in that you could ever want.

First, the new Clapper attaches to the light switch directly, favoring mechanical action of the switch itself rather than an electromechanical …read more

Tags: home hacks

0:29
Secunia Research: Clam AntiVirus "parsehwp3_paragraph()" Denial of Service Vulnerability
» ‎ Bugtraq

Posted by Secunia Research on Jul 13
======================================================================

Secunia Research 2018/07/12

Clam AntiVirus "parsehwp3_paragraph()"
Denial of Service Vulnerability

======================================================================
Table of Contents

Affected Software....................................................1...

Tags:
0:25
SEC Consult SA-20180712-0 :: Remote Code Execution & Local File Disclosure in Zeta Producer Desktop CMS
» ‎ Bugtraq

Posted by SEC Consult Vulnerability Lab on Jul 13
SEC Consult Vulnerability Lab Security Advisory < 20180712-0 >
=======================================================================
title: Remote Code Execution & Local File Disclosure
product: Zeta Producer Desktop CMS
vulnerable version: <=14.2.0
fixed version: >=14.2.1
CVE number: CVE-2018-13981, CVE-2018-13980
impact: critical
homepage:...

Tags:

July 12, 2018
22:00
Old Time Traffic Signal Revived with a Raspberry Pi Controller
» ‎ Hack a Day

Anyone with even a passing familiarity with the classic animated shorts of the 1940s will recognize the traffic signal in the image above. Yes, such things actually existed in the real world, not just in the Looney world of [Bugs Bunny] et al. As sturdy as such devices were, they don’t last forever, though, which is why a restoration of this classic Acme traffic signal was necessary for a California museum. Yes, that Acme.

When you see a traffic signal from the early days of the automotive age like this one, it becomes quickly apparent how good the modern equivalent …read more

Tags: classic hacks
19:00
Fail of the Week: Careful Case Mod is all for Naught
» ‎ Hack a Day

Today’s entry comes to us from [Robert Tomsons], who was kind enough to document this crushing tale of woe so that we might all learn what true heartbreak is. If you’ve ever toiled away at getting that perfect surface finish with body filler, this one is going to hurt. In fact, you might just want to hit that “Back” button and head to safety now. There’s probably a pleasant story about some 3D printed thing being used with a Raspberry Pi of some sort that you can read instead.

For those of you brave enough to continue on, today we’ll …read more

Tags: computer hacks

17:00
[dos] G DATA Total Security 25.4.0.3 - Activex Buffer Overflow
» ‎ Exploit-DB

G DATA Total Security 25.4.0.3 - Activex Buffer Overflow
Tags:
17:00
[webapps] Zeta Producer Desktop CMS 14.2.0 - Remote Code Execution / Local File Disclosure
» ‎ Exploit-DB

Zeta Producer Desktop CMS 14.2.0 - Remote Code Execution / Local File Disclosure
Tags:
17:00
[webapps] QNAP Qcenter Virtual Appliance - Multiple Vulnerabilities
» ‎ Exploit-DB

QNAP Qcenter Virtual Appliance - Multiple Vulnerabilities
Tags:
17:00
[webapps] WAGO e!DISPLAY 7300T - Multiple Vulnerabilities
» ‎ Exploit-DB

WAGO e!DISPLAY 7300T - Multiple Vulnerabilities
Tags:
17:00
[remote] phpMyAdmin - Authenticated Remote Code Execution (Metasploit)
» ‎ Exploit-DB

phpMyAdmin - (Authenticated) Remote Code Execution (Metasploit)
Tags:
17:00
[remote] Apache CouchDB - Arbitrary Command Execution (Metasploit)
» ‎ Exploit-DB

Apache CouchDB - Arbitrary Command Execution (Metasploit)
Tags:
17:00
[remote] Manage Engine Exchange Reporter Plus - Unauthenticated RCE (Metasploit)
» ‎ Exploit-DB

Manage Engine Exchange Reporter Plus - Remote Code Execution (Metasploit)
Tags:
17:00
[webapps] Grundig Smart Inter@ctive 3.0 - Cross-Site Request Forgery
» ‎ Exploit-DB

Grundig Smart Inter@ctive 3.0 - Cross-Site Request Forgery
Tags:
17:00
[remote] Hadoop YARN ResourceManager - Unauthenticated Command Execution (Metasploit)
» ‎ Exploit-DB

Hadoop YARN ResourceManager - Command Execution (Metasploit)
Tags:
17:00
[local] Microsoft Windows - POP/MOV SS Local Privilege Elevation (Metasploit)
» ‎ Exploit-DB

Microsoft Windows - POP/MOV SS Local Privilege Elevation (Metasploit)
Tags:

16:52
#0daytoday #Apache #CouchDB Arbitrary Command Execution Exploit [remote #exploits #0day #Exploit]
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

#0daytoday #Apache #CouchDB Arbitrary Command Execution Exploit [remote #exploits #0day #Exploit]
Tags:
16:52
#0daytoday #Apache CouchDB Arbitrary Command Execution Exploit [remote #exploits #0day #Exploit]
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

#0daytoday #Apache CouchDB Arbitrary Command Execution Exploit [remote #exploits #0day #Exploit]
Tags:
16:52
#0daytoday #phpMyAdmin Authenticated Remote Code Execution Exploit CVE-2018-12613 [remote #exploits #0day #Exploit]
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

#0daytoday #phpMyAdmin Authenticated Remote Code Execution Exploit CVE-2018-12613 [remote #exploits #0day #Exploit]
Tags:
16:50
#0daytoday #ManageEngine Exchange Reporter Plus Unauthenticated Remote Code Execution Exploit [#0day #Exploit]
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

#0daytoday #ManageEngine Exchange Reporter Plus Unauthenticated Remote Code Execution Exploit [#0day #Exploit]
Tags:
16:50
#0daytoday #Manage Engine Exchange Reporter Plus Unauthenticated Remote Code Execution Exploit [#0day #Exploit]
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

#0daytoday #Manage Engine Exchange Reporter Plus Unauthenticated Remote Code Execution Exploit [#0day #Exploit]
Tags:
16:47
#0daytoday #Zeta Producer Desktop CMS 14.2.0 Code Execution / File Disclosure Vulnerabilities [#0day #Exploit]
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

#0daytoday #Zeta Producer Desktop CMS 14.2.0 Code Execution / File Disclosure Vulnerabilities [#0day #Exploit]
Tags:
16:45
#0daytoday #QNAP Qcenter Virtual Appliance 1.6.x Information Disclosure / Command Injection Vulnera [#0day #Exploit]
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

#0daytoday #QNAP Qcenter Virtual Appliance 1.6.x Information Disclosure / Command Injection Vulnera [#0day #Exploit]
Tags:
16:42
#0daytoday #Chrome V8 KeyAccumulator Bug Exploit [dos #exploits #0day #Exploit]
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

#0daytoday #Chrome V8 KeyAccumulator Bug Exploit [dos #exploits #0day #Exploit]
Tags:

16:00
Teardown Of Sonos And Amazon Smart Speakers Reveals Interesting Engineering Details
» ‎ Hack a Day

Taking things apart is always fun, and this What Cracking Open a Sonos One Tells Us About the Sonos IPO”>excellent writeup of a teardown of a Sonos and Amazon smart speaker by [Ben Einstein] shows what you can learn. [Ben] is a Venture Capitalist and engineer, so much of his write up focuses on what the devices say about how the company spends money. There are plenty of things to learn for hackers, though: he details how the Sonos One uses a PCI daughterboard for wireless communications, while the Amazon Echo has a programmable radio on the main board.

The …read more

Tags: teardown

15:11
Zeta Producer Desktop CMS 14.2.0 Code Execution / File Disclosure
» ‎ Packet Storm Security Exploits

Zeta Producer Desktop CMS versions 14.2.0 and below suffers from code execution and file disclosure vulnerabilities.
Tags:

15:11
Zeta Producer Desktop CMS 14.2.0 Code Execution / File Disclosure
» ‎ Packet Storm Security Recent Files

Zeta Producer Desktop CMS versions 14.2.0 and below suffers from code execution and file disclosure vulnerabilities.
Tags:

15:11
Zeta Producer Desktop CMS 14.2.0 Code Execution / File Disclosure
» ‎ Packet Storm Security Misc. Files

Zeta Producer Desktop CMS versions 14.2.0 and below suffers from code execution and file disclosure vulnerabilities.
Tags:

15:00
Manage Engine Exchange Reporter Plus Unauthenticated Remote Code Execution
» ‎ Packet Storm Security Exploits

This Metasploit module exploits a remote code execution vulnerability that exists in Exchange Reporter Plus versions 5310 and below, caused by execution of bcp.exe file inside ADSHACluster servlet
Tags:

15:00
Manage Engine Exchange Reporter Plus Unauthenticated Remote Code Execution
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a remote code execution vulnerability that exists in Exchange Reporter Plus versions 5310 and below, caused by execution of bcp.exe file inside ADSHACluster servlet
Tags:

15:00
Manage Engine Exchange Reporter Plus Unauthenticated Remote Code Execution
» ‎ Packet Storm Security Misc. Files

This Metasploit module exploits a remote code execution vulnerability that exists in Exchange Reporter Plus versions 5310 and below, caused by execution of bcp.exe file inside ADSHACluster servlet
Tags:

15:00
Apache CouchDB Arbitrary Command Execution
» ‎ Packet Storm Security Exploits

CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitrary shell commands as the CouchDB user, including downloading and executing scripts from the public internet.
Tags:

15:00
Apache CouchDB Arbitrary Command Execution
» ‎ Packet Storm Security Recent Files

CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitrary shell commands as the CouchDB user, including downloading and executing scripts from the public internet.
Tags:

15:00
Apache CouchDB Arbitrary Command Execution
» ‎ Packet Storm Security Misc. Files

CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitrary shell commands as the CouchDB user, including downloading and executing scripts from the public internet.
Tags:

14:59
phpMyAdmin Authenticated Remote Code Execution
» ‎ Packet Storm Security Exploits

phpMyAdmin v4.8.0 and v4.8.1 are vulnerable to local file inclusion, which can be exploited post-authentication to execute PHP code by application. The module has been tested with phpMyAdmin v4.8.1.
Tags:

14:59
phpMyAdmin Authenticated Remote Code Execution
» ‎ Packet Storm Security Recent Files

phpMyAdmin v4.8.0 and v4.8.1 are vulnerable to local file inclusion, which can be exploited post-authentication to execute PHP code by application. The module has been tested with phpMyAdmin v4.8.1.
Tags:

14:59
phpMyAdmin Authenticated Remote Code Execution
» ‎ Packet Storm Security Misc. Files

phpMyAdmin v4.8.0 and v4.8.1 are vulnerable to local file inclusion, which can be exploited post-authentication to execute PHP code by application. The module has been tested with phpMyAdmin v4.8.1.
Tags:

14:56
HP Security Bulletin MFSBGN03811 1
» ‎ Packet Storm Security Advisories

HP Security Bulletin MFSBGN03811 1 - An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC) allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. Revision 1 of this advisory.
Tags:

14:56
HP Security Bulletin MFSBGN03811 1
» ‎ Packet Storm Security Recent Files

HP Security Bulletin MFSBGN03811 1 - An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC) allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. Revision 1 of this advisory.
Tags:

14:56
HP Security Bulletin MFSBGN03811 1
» ‎ Packet Storm Security Misc. Files

HP Security Bulletin MFSBGN03811 1 - An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC) allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. Revision 1 of this advisory.
Tags:

14:54
RSA Identity Governance And Lifecycle Bypass / XSS
» ‎ Packet Storm Security Advisories

RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains an authorization bypass vulnerability within the workflow architect component (ACM). A remote authenticated malicious user with non-admin privileges could potentially bypass the Java Security Policies. Once bypassed, a malicious user could potentially run arbitrary system commands at the OS level with application owner privileges on the affected system. RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains a reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or JavaScript code to a vulnerable web application, which is then reflected back to the victim and executed by the web browser.
Tags:

14:54
RSA Identity Governance And Lifecycle Bypass / XSS
» ‎ Packet Storm Security Recent Files

RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains an authorization bypass vulnerability within the workflow architect component (ACM). A remote authenticated malicious user with non-admin privileges could potentially bypass the Java Security Policies. Once bypassed, a malicious user could potentially run arbitrary system commands at the OS level with application owner privileges on the affected system. RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains a reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or JavaScript code to a vulnerable web application, which is then reflected back to the victim and executed by the web browser.
Tags:

14:54
RSA Identity Governance And Lifecycle Bypass / XSS
» ‎ Packet Storm Security Misc. Files

RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains an authorization bypass vulnerability within the workflow architect component (ACM). A remote authenticated malicious user with non-admin privileges could potentially bypass the Java Security Policies. Once bypassed, a malicious user could potentially run arbitrary system commands at the OS level with application owner privileges on the affected system. RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains a reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or JavaScript code to a vulnerable web application, which is then reflected back to the victim and executed by the web browser.
Tags:

14:50
Microsoft Edge Chakra JIT SetConcatStrMultiItemBE Type Confusion
» ‎ Packet Storm Security Exploits

Microsoft Edge Chakra JIT suffers from a type confusion vulnerability with hoisted SetConcatStrMultiItemBE instructions.
Tags:

14:50
Microsoft Edge Chakra JIT SetConcatStrMultiItemBE Type Confusion
» ‎ Packet Storm Security Recent Files

Microsoft Edge Chakra JIT suffers from a type confusion vulnerability with hoisted SetConcatStrMultiItemBE instructions.
Tags:

14:50
Microsoft Edge Chakra JIT SetConcatStrMultiItemBE Type Confusion
» ‎ Packet Storm Security Misc. Files

Microsoft Edge Chakra JIT suffers from a type confusion vulnerability with hoisted SetConcatStrMultiItemBE instructions.
Tags:

14:49
Ubuntu Security Notice USN-3714-1
» ‎ Packet Storm Security Advisories

Ubuntu Security Notice 3714-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass CORS restrictions, obtain sensitive information, or execute arbitrary code. It was discovered that S/MIME and PGP decryption oracles can be built with HTML emails. An attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.
Tags:

14:49
Ubuntu Security Notice USN-3714-1
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 3714-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass CORS restrictions, obtain sensitive information, or execute arbitrary code. It was discovered that S/MIME and PGP decryption oracles can be built with HTML emails. An attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.
Tags:

14:49
Ubuntu Security Notice USN-3714-1
» ‎ Packet Storm Security Misc. Files

Ubuntu Security Notice 3714-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass CORS restrictions, obtain sensitive information, or execute arbitrary code. It was discovered that S/MIME and PGP decryption oracles can be built with HTML emails. An attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.
Tags:

14:48
Red Hat Security Advisory 2018-2186-01
» ‎ Packet Storm Security Advisories

Red Hat Security Advisory 2018-2186-01 - This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Issues addressed include a remote SQL injection vulnerability.
Tags:

14:48
Red Hat Security Advisory 2018-2186-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2018-2186-01 - This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Issues addressed include a remote SQL injection vulnerability.
Tags:

14:48
Red Hat Security Advisory 2018-2186-01
» ‎ Packet Storm Security Misc. Files

Red Hat Security Advisory 2018-2186-01 - This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Issues addressed include a remote SQL injection vulnerability.
Tags:

14:48
Red Hat Security Advisory 2018-2185-01
» ‎ Packet Storm Security Advisories

Red Hat Security Advisory 2018-2185-01 - This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Issues addressed include a remote SQL injection vulnerability.
Tags:

14:48
Red Hat Security Advisory 2018-2185-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2018-2185-01 - This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Issues addressed include a remote SQL injection vulnerability.
Tags:

14:48
Red Hat Security Advisory 2018-2185-01
» ‎ Packet Storm Security Misc. Files

Red Hat Security Advisory 2018-2185-01 - This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Issues addressed include a remote SQL injection vulnerability.
Tags:

14:46
Ubuntu Security Notice USN-3716-1
» ‎ Packet Storm Security Advisories

Ubuntu Security Notice 3716-1 - This update adds the latest DNSSEC validation trust anchor required for the upcoming Root Zone KSK Rollover.
Tags:

14:46
Ubuntu Security Notice USN-3716-1
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 3716-1 - This update adds the latest DNSSEC validation trust anchor required for the upcoming Root Zone KSK Rollover.
Tags:

14:46
Ubuntu Security Notice USN-3716-1
» ‎ Packet Storm Security Misc. Files

Ubuntu Security Notice 3716-1 - This update adds the latest DNSSEC validation trust anchor required for the upcoming Root Zone KSK Rollover.
Tags:

14:46
Ubuntu Security Notice USN-3715-1
» ‎ Packet Storm Security Advisories

Ubuntu Security Notice 3715-1 - This update adds the latest DNSSEC validation trust anchor required for the upcoming Root Zone KSK Rollover and refreshes the list of root hints.
Tags:

14:46
Ubuntu Security Notice USN-3715-1
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 3715-1 - This update adds the latest DNSSEC validation trust anchor required for the upcoming Root Zone KSK Rollover and refreshes the list of root hints.
Tags:

14:46
Ubuntu Security Notice USN-3715-1
» ‎ Packet Storm Security Misc. Files

Ubuntu Security Notice 3715-1 - This update adds the latest DNSSEC validation trust anchor required for the upcoming Root Zone KSK Rollover and refreshes the list of root hints.
Tags:

14:45
Red Hat Security Advisory 2018-2187-01
» ‎ Packet Storm Security Advisories

Red Hat Security Advisory 2018-2187-01 - This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Issues addressed include out-of-bounds access.
Tags:

14:45
Red Hat Security Advisory 2018-2187-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2018-2187-01 - This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Issues addressed include out-of-bounds access.
Tags:

14:45
Red Hat Security Advisory 2018-2187-01
» ‎ Packet Storm Security Misc. Files

Red Hat Security Advisory 2018-2187-01 - This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Issues addressed include out-of-bounds access.
Tags:

14:45
Red Hat Security Advisory 2018-2184-01
» ‎ Packet Storm Security Advisories

Red Hat Security Advisory 2018-2184-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Security fix: ansible: Failed tasks do not honour no_log option allowing for secrets to be disclosed in logs Issues addressed include an information leakage vulnerability.
Tags:

14:45
Red Hat Security Advisory 2018-2184-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2018-2184-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Security fix: ansible: Failed tasks do not honour no_log option allowing for secrets to be disclosed in logs Issues addressed include an information leakage vulnerability.
Tags:

14:45
Red Hat Security Advisory 2018-2184-01
» ‎ Packet Storm Security Misc. Files

Red Hat Security Advisory 2018-2184-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Security fix: ansible: Failed tasks do not honour no_log option allowing for secrets to be disclosed in logs Issues addressed include an information leakage vulnerability.
Tags:

14:45
Slackware Security Advisory - bind Updates
» ‎ Packet Storm Security Advisories

Slackware Security Advisory - New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
Tags:

14:45
Slackware Security Advisory - bind Updates
» ‎ Packet Storm Security Recent Files

Slackware Security Advisory - New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
Tags:

14:45
Slackware Security Advisory - bind Updates
» ‎ Packet Storm Security Misc. Files

Slackware Security Advisory - New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
Tags:

14:44
Slackware Security Advisory - curl Updates
» ‎ Packet Storm Security Advisories

Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
Tags:

14:44
Slackware Security Advisory - curl Updates
» ‎ Packet Storm Security Recent Files

Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
Tags:

14:44
Slackware Security Advisory - curl Updates
» ‎ Packet Storm Security Misc. Files

Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
Tags:

14:44
Microsoft Edge Chakra JIT BoundFunction::NewInstance Bug
» ‎ Packet Storm Security Exploits

Microsoft Edge Chakra JIT suffers from a bug. BoundFunction::NewInstance is used to handle calls to a bound function. The method first allocates a new argument array and copies the prepended arguments and others into the new argument array and calls the actual function. The problem is, it doesn't care about the CallFlags_NewTarget flag which indicates that there's an extra argument (new.target) at the end of the argument array. So the size of the new argument array created with the CallFlags_NewTarget flag will be always 1 less then required, this leads to an out-of-bounds read.
Tags:

14:44
Microsoft Edge Chakra JIT BoundFunction::NewInstance Bug
» ‎ Packet Storm Security Recent Files

Microsoft Edge Chakra JIT suffers from a bug. BoundFunction::NewInstance is used to handle calls to a bound function. The method first allocates a new argument array and copies the prepended arguments and others into the new argument array and calls the actual function. The problem is, it doesn't care about the CallFlags_NewTarget flag which indicates that there's an extra argument (new.target) at the end of the argument array. So the size of the new argument array created with the CallFlags_NewTarget flag will be always 1 less then required, this leads to an out-of-bounds read.
Tags:

14:44
Microsoft Edge Chakra JIT BoundFunction::NewInstance Bug
» ‎ Packet Storm Security Misc. Files

Microsoft Edge Chakra JIT suffers from a bug. BoundFunction::NewInstance is used to handle calls to a bound function. The method first allocates a new argument array and copies the prepended arguments and others into the new argument array and calls the actual function. The problem is, it doesn't care about the CallFlags_NewTarget flag which indicates that there's an extra argument (new.target) at the end of the argument array. So the size of the new argument array created with the CallFlags_NewTarget flag will be always 1 less then required, this leads to an out-of-bounds read.
Tags:

14:43
Linux Kernel Local Privilege Escalation
» ‎ Packet Storm Security Exploits

Linux kernels prior to version 4.13.9 (Ubuntu 16.04/Fedora 27) local privilege escalation exploit.
Tags:

14:43
Linux Kernel Local Privilege Escalation
» ‎ Packet Storm Security Recent Files

Linux kernels prior to version 4.13.9 (Ubuntu 16.04/Fedora 27) local privilege escalation exploit.
Tags:

14:43
Linux Kernel Local Privilege Escalation
» ‎ Packet Storm Security Misc. Files

Linux kernels prior to version 4.13.9 (Ubuntu 16.04/Fedora 27) local privilege escalation exploit.
Tags:

14:41
Dicoogle PACS 2.5.0 Directory Traversal
» ‎ Packet Storm Security Exploits

Dicoogle PACS version 2.5.0 suffers from a directory traversal vulnerability.
Tags:

14:41
Dicoogle PACS 2.5.0 Directory Traversal
» ‎ Packet Storm Security Recent Files

Dicoogle PACS version 2.5.0 suffers from a directory traversal vulnerability.
Tags:

14:41
Dicoogle PACS 2.5.0 Directory Traversal
» ‎ Packet Storm Security Misc. Files

Dicoogle PACS version 2.5.0 suffers from a directory traversal vulnerability.
Tags:

14:40
Ticketmaster Breach Part Of Massive Card Skimming Campaign
» ‎ Packet Storm Security Headlines

Ticketmaster Breach Part Of Massive Card Skimming Campaign
Tags: headlinehackerprivacybankdata lossfraud
14:40
Hackers Are Selling Backdoors Into PCs For $10
» ‎ Packet Storm Security Headlines

Hackers Are Selling Backdoors Into PCs For $10
Tags: headlinehackerfraudbackdoor
14:40
Cambridge Analytica Staff Set Up New Firm
» ‎ Packet Storm Security Headlines

Cambridge Analytica Staff Set Up New Firm
Tags: headlinegovernmentprivacydata lossfraudcyberwarfacebook
14:40
Stolen Sensitive Drone Files Sold On Dark Web
» ‎ Packet Storm Security Headlines

Stolen Sensitive Drone Files Sold On Dark Web
Tags: headlinehackergovernmentdata losscyberwar

14:04
Microsoft Edge Chakra JIT Out-Of-Bounds Reads/Writes
» ‎ Packet Storm Security Exploits

Microsoft Edge Chakra JIT suffers from multiple out of bounds reads and writes.
Tags:

14:04
Microsoft Edge Chakra JIT Out-Of-Bounds Reads/Writes
» ‎ Packet Storm Security Recent Files

Microsoft Edge Chakra JIT suffers from multiple out of bounds reads and writes.
Tags:

14:04
Microsoft Edge Chakra JIT Out-Of-Bounds Reads/Writes
» ‎ Packet Storm Security Misc. Files

Microsoft Edge Chakra JIT suffers from multiple out of bounds reads and writes.
Tags:

13:22
#0daytoday #Microsoft Edge Chakra JIT - Type Confusion with Hoisted SetConcatStrMultiItemBE Instruc [#0day #Exploit]
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

#0daytoday #Microsoft Edge Chakra JIT - Type Confusion with Hoisted SetConcatStrMultiItemBE Instruc [#0day #Exploit]
Tags:
13:21
#0daytoday #Microsoft Edge Chakra JIT - BoundFunction::NewInstance Out-of-Bounds Read Exploit [#0day #Exploit]
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

#0daytoday #Microsoft Edge Chakra JIT - BoundFunction::NewInstance Out-of-Bounds Read Exploit [#0day #Exploit]
Tags:
13:17
#0daytoday #Microsoft Edge Chakra JIT - Out-of-Bounds Reads/Writes Exploit [dos #exploits #0day #Exploit]
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

#0daytoday #Microsoft Edge Chakra JIT - Out-of-Bounds Reads/Writes Exploit [dos #exploits #0day #Exploit]
Tags:

13:11
Chrome V8 KeyAccumulator Bug
» ‎ Packet Storm Security Exploits

Chrome V8 suffers from a bug in KeyAccumulator that can cause a crash.
Tags:

13:11
Chrome V8 KeyAccumulator Bug
» ‎ Packet Storm Security Recent Files

Chrome V8 suffers from a bug in KeyAccumulator that can cause a crash.
Tags:

13:11
Chrome V8 KeyAccumulator Bug
» ‎ Packet Storm Security Misc. Files

Chrome V8 suffers from a bug in KeyAccumulator that can cause a crash.
Tags:

13:00
Hacked LCD Shutter Glasses See The Light
» ‎ Hack a Day

It’s always a little sad to see a big consumer technology fail. But of course, the upside for us hacker types is that the resulting fire sale is often an excellent source for hardware that might otherwise be difficult to come by. The most recent arrival to the Island of Unwanted Consumer Tech is 3D TV. There was a brief period of time when the TV manufacturers had nearly convinced people that sitting in their living room wearing big dorky electronic glasses was a workable solution, but in the end we know how it really turned out.

Those same dorky …read more

Tags: home entertainment hacks

12:27
HackRF Circuit Board - New Universal Case for Devs & Pentesters
» ‎ Full Disclosure

Posted by Vulnerability Lab on Jul 12
Document Title:
===============
HackRF Circuit Board - New Universal Case for Devs & Pentesters

References:
===========
https://www.vulnerability-lab.com/get_content.php?id=2134

Download: https://www.vulnerability-lab.com/resources/documents/2134.rar

Vulnerability Magazine:
https://www.vulnerability-db.com/?q=articles/2018/07/11/new-hackrf-case-devs-pentesters-released-abs-pla

Release Date:
=============
2018-07-11

Vulnerability...

Tags:

11:30
Air Quality Readings at a Glance
» ‎ Hack a Day

Since the industrial age, air pollution has increasingly become a problem on society’s radar. Outside of concerns about global warming and greenhouse gases, particulate emissions can be highly hazardous to human health. Over time, various organizations have set up measuring systems to check and report the particulate pollution level in cities around the world – but what if you could get an immediate idea on the pollution in your immediate vicinity? Enter less-smog.org.

In an integration sense, it’s a straightforward project. An ESP-12F is used as the brains behind the operation. This then talks to a combination of sensors to …read more

Tags: the hackaday prize
10:01
The Bad Old Days of Telephone Answering Machines
» ‎ Hack a Day

Telephone answering machines were almost a fad. They were hindered for years by not being allowed to connect to the phone lines. Then a mix of cell phones and the phone company offering voicemail made the machines all but obsolete. Unless you are really young, you probably had one at some point though. Some had digital outgoing messages and a tape to record. Some had two tapes. But did you ever have one that didn’t connect to the phone line at all? Remember, there was a time when they couldn’t. My family had one of these growing up and after …read more

Tags: hackaday Columns

9:06
SEC Consult SA-20180712-0 :: Remote Code Execution & Local File Disclosure in Zeta Producer Desktop CMS
» ‎ Full Disclosure

Posted by SEC Consult Vulnerability Lab on Jul 12
<<< application/pkcs7-signature; name="smime.p7s": Unrecognized >>>

Tags:

8:30
Dual Sensor Echo Locator Gives High Accuracy at Low Cost
» ‎ Hack a Day

Infrared certainly has its uses, but if you’re trying to locate objects, ultrasonic detection is far superior. It’s contact-less, undetectable to the human ear, and it isn’t affected by smoke, dust, ambient light, or Silly String.

If you have one ultrasonic sensor and a microcontroller, you can detect plenty of useful things, like the water level in a rain barrel or the distance traveled by a tablet along a rail. If you have two sensors and a microcontroller, you can pinpoint any object within a defined range using trigonometry.

[lingib]’s dual sensor echo locator uses two HY-SRF05s, but the cheap …read more

Tags: arduino hacks

8:18
[security bulletin] MFSBGN03811 rev.1 - Fortify Software Security Center (SSC), Multiple vulnerabilities
» ‎ Bugtraq

Posted by cyber-psrt on Jul 12
Note: the current version of the following document is available here:
https://softwaresupport.hpe.com/document/-/facetsearch/document/KM03201085

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: KM03201085
Version: 1

MFSBGN03811 rev.1 - Fortify Software Security Center (SSC), Multiple
vulnerabilities

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2018-07-12
Last Updated:...

Tags:

7:44
Lenovo SU 5.07 Buffer Overflow
» ‎ Packet Storm Security Advisories

Lenovo SU version 5.07 suffers from a buffer overflow vulnerability that allows for code execution.
Tags:

7:44
Lenovo SU 5.07 Buffer Overflow
» ‎ Packet Storm Security Recent Files

Lenovo SU version 5.07 suffers from a buffer overflow vulnerability that allows for code execution.
Tags:

7:44
Lenovo SU 5.07 Buffer Overflow
» ‎ Packet Storm Security Misc. Files

Lenovo SU version 5.07 suffers from a buffer overflow vulnerability that allows for code execution.
Tags:

7:32
#0daytoday #Linux #Kernel #LinuxKernel 4.13.9 (#Ubuntu 16.04/#Fedora 27) - Local Privilege Escalati [#0day #Exploit]
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

#0daytoday #Linux #Kernel #LinuxKernel 4.13.9 (#Ubuntu 16.04/#Fedora 27) - Local Privilege Escalati [#0day #Exploit]
Tags:
7:32
#0daytoday #Linux Kernel < 4.13.9 (Ubuntu 16.04/Fedora 27) - Local Privilege Escalation [#0day #Exploit]
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

#0daytoday #Linux Kernel < 4.13.9 (Ubuntu 16.04/Fedora 27) - Local Privilege Escalation [#0day #Exploit]
Tags:

7:01
It’s All In The Libs – Building A Plugin System Using Dynamic Loading
» ‎ Hack a Day

Shared libraries are our best friends to extend the functionality of C programs without reinventing the wheel. They offer a collection of exported functions, variables, and other symbols that we can use inside our own program as if the content of the shared library was a direct part of our code. The usual way to use such libraries is to simply link against them at compile time, and let the linker resolve all external symbols and make sure everything is in place when creating our executable file. Whenever we then run our executable, the loader, a part of the operating …read more

Tags: hackaday Columns
4:00
You Can Now Buy a Practical Gauss Gun
» ‎ Hack a Day

Occasionally we come across a piece of information which reminds us that, while flying cars are still nowhere to be found, we’re definitely living in the future. Usually it’s about some new application of artificial intelligence, or maybe another success in the rapidly developing field of private spaceflight. But sometimes it’s when you look at a website and say to yourself: “Oh cool, they have 1.5kW electromagnetic accelerators in stock.”

Arcflash Labs, a partnership between [David Wirth] and [Jason Murray], have put their EMG-01A Gauss gun up for sale for anyone who’s brave enough and willing to put down $1,000 …read more

Tags: weapons hacks

2:57
Barracuda ADC v5.x - Multiple Persistent Vulnerabilities
» ‎ Bugtraq

Posted by Vulnerability Lab on Jul 12
Document Title:
===============
Barracuda ADC v5.x - Multiple Persistent Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1424

Release Date:
=============
2018-07-12

Vulnerability Laboratory ID (VL-ID):
====================================
1424

Common Vulnerability Scoring System:
====================================
3.8

Vulnerability Class:
====================
Cross Site...

Tags:
2:54
Lenovo SU v5.07 - Buffer Overflow & Arbitrary Code Execution Vulnerability
» ‎ Bugtraq

Posted by Vulnerability Lab on Jul 12
Document Title:
===============
Lenovo SU v5.07 - Buffer Overflow & Code Execution Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2131

Lenovo Security ID: LEN-19625

https://nvd.nist.gov/vuln/detail/CVE-2018-9063
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9063

Acknowledgements: https://support.lenovo.com/us/fr/solutions/len-19625

News & Press References:...

Tags:

2:32
Barracuda ADC v5.x - Multiple Persistent Vulnerabilities
» ‎ Full Disclosure

Posted by Vulnerability Lab on Jul 12
Document Title:
===============
Barracuda ADC v5.x - Multiple Persistent Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1424

Release Date:
=============
2018-07-12

Vulnerability Laboratory ID (VL-ID):
====================================
1424

Common Vulnerability Scoring System:
====================================
3.8

Vulnerability Class:
====================
Cross Site...

Tags:

2:13
[slackware-security] curl (SSA:2018-192-02)
» ‎ Bugtraq

Posted by Slackware Security Team on Jul 12
[slackware-security] curl (SSA:2018-192-02)

New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/curl-7.61.0-i586-1_slack14.2.txz: Upgraded.
This update fixes a buffer overflow in SMTP send.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0500
(*...

Tags:
2:12
[slackware-security] bind (SSA:2018-192-01)
» ‎ Bugtraq

Posted by Slackware Security Team on Jul 12
[slackware-security] bind (SSA:2018-192-01)

New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/bind-9.10.8-i586-1_slack14.2.txz: Upgraded.
This update fixes security issues:
Fixed a bug where extraordinarily large zone transfers caused several
problems, with possible outcomes including...

Tags:

2:11
Lenovo SU v5.07 - Buffer Overflow & Arbitrary Code Execution Vulnerability
» ‎ Full Disclosure

Posted by Vulnerability Lab on Jul 12
Document Title:
===============
Lenovo SU v5.07 - Buffer Overflow & Code Execution Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2131

Lenovo Security ID: LEN-19625

https://nvd.nist.gov/vuln/detail/CVE-2018-9063
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9063

Acknowledgements: https://support.lenovo.com/us/fr/solutions/len-19625

News & Press References:...

Tags:

2:06
[CORE-2018-0006] - QNAP Qcenter Virtual Appliance Multiple Vulnerabilities
» ‎ Bugtraq

Posted by Core Security Advisories Team on Jul 12
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

QNAP Qcenter Virtual Appliance Multiple Vulnerabilities

1. *Advisory Information*

Title: QNAP Qcenter Virtual Appliance Multiple Vulnerabilities
Advisory ID: CORE-2018-0006
Advisory URL:
http://www.coresecurity.com/advisories/qnap-qcenter-multiple-vulnerabilities
Date published: 2018-07-11
Date of last update: 2018-07-11
Vendors contacted: QNAP
Release mode: Coordinated...

Tags:

1:32
#0daytoday #MonstraCMS Authenticated Arbitrary File Upload Exploit CVE-2017-18048 [remote #exploits #0day #Exploit]
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

#0daytoday #MonstraCMS Authenticated Arbitrary File Upload Exploit CVE-2017-18048 [remote #exploits #0day #Exploit]
Tags:
1:32
#0daytoday #Monstra CMS Authenticated Arbitrary File Upload Exploit CVE-2017-18048 [remote #exploits #0day #Exploit]
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

#0daytoday #Monstra CMS Authenticated Arbitrary File Upload Exploit CVE-2017-18048 [remote #exploits #0day #Exploit]
Tags:
1:14
#0daytoday #WAGO e!DISPLAY 7300T XSS / File Upload / Code Execution Vulnerabilities [#0day #Exploit]
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

#0daytoday #WAGO e!DISPLAY 7300T XSS / File Upload / Code Execution Vulnerabilities [#0day #Exploit]
Tags:
1:12
#0daytoday #Dicoogle PACS 2.5.0 - Directory Traversal Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

#0daytoday #Dicoogle PACS 2.5.0 - Directory Traversal Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]
Tags:

1:00
Old Laptop? Mobile x86 Game System!
» ‎ Hack a Day

Between smartphones and tablets, computing is becoming increasingly mobile in nature. It used to be that everyone had a desktop computer, then laptops became the norm, and now many people don’t have anything beyond their mobile device. Unless you’re the kind of person who actually needs the power and versatility offered by a “real” computer, mobile devices are simply a more convenient option to browse the web and consume content.

But what if your needs are somewhere in the middle? You want an x86 computer and full operating system, but you also want something that’s more mobile than a tablet? …read more

Tags: computer hacks

0:02
DSA-2018-084: RSA Identity Governance and Lifecycle Multiple Vulnerabilities
» ‎ Full Disclosure

Posted by Dell EMC Product Security Response Center on Jul 12
DSA-2018-084: RSA Identity Governance and Lifecycle Multiple Vulnerabilities

Dell EMC Identifier: DSA-2018-084

CVE Identifier: CVE-2018-1245, CVE-2018-1255

Severity Rating: CVSS v3 Base Score: See below for CVSs v3 scores.

Severity: Critical

Affected Products:
RSA Identity Governance and Lifecycle version 7.0.1, all patch levels (all deployments)
RSA Identity Governance and Lifecycle version 7.0.2, all patch levels (all deployments)
RSA...

Tags:

0:00
Vuln: Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
Tags:
0:00
Vuln: F5 BIG-IP APM Client CVE-2018-5529 Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

F5 BIG-IP APM Client CVE-2018-5529 Local Privilege Escalation Vulnerability
Tags:
0:00
Vuln: Eaton 9000X Drive CVE-2018-8847 Stack Based Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Eaton 9000X Drive CVE-2018-8847 Stack Based Buffer Overflow Vulnerability
Tags:
0:00
Vuln: Oracle July 2018 Critical Patch Update Multiple Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Oracle July 2018 Critical Patch Update Multiple Vulnerabilities
Tags:
0:00
Vuln: VMware Tools HGFS CVE-2018-6969 Local Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

VMware Tools HGFS CVE-2018-6969 Local Information Disclosure Vulnerability
Tags:

July 11, 2018
22:00
Shoehorning A Slick Spotify Remote Into An ESP8266
» ‎ Hack a Day

In 2017 Spotify finally deprecated their public vanilla C SDK library, libspotify, and officially replaced it with dedicated SDKs for iOS and Android and this new-fangled web thing we’ve all heard so much about. This is probably great for their maintainability but makes writing a native application for a Linux or a hardware device significantly harder, at least without an application process and NDA. Or is it? Instead of using that boring slab of glass and metal in their pocket [Dani] wanted to build a handy “now playing” display and remote control interface but was constrained by the aforementioned SDK …read more

Tags: Hardware
19:00
Diode Recovery Time Explained
» ‎ Hack a Day

There are at least two phases to learning about electronics. In the first phase, you learn about how components are supposed to work. In the second phase, you learn about how they really work. Wires have resistance and inductance. Adjacent wires have capacitance. Capacitors leak. Inductors have resistance. All of these things matter. [Learnelectronics] has a recent video that explores recovery time for a diode — a phase two conversation.

If you haven’t run into recovery time before, it is the amount of time the diode takes to shut off after it is conducting. This manifests itself as a little …read more

Tags: Hardware

17:00
[dos] Microsoft Edge Chakra JIT - BoundFunction::NewInstance Out-of-Bounds Read
» ‎ Exploit-DB

Microsoft Edge Chakra JIT - BoundFunction::NewInstance Out-of-Bounds Read
Tags:
17:00
[dos] Microsoft Edge Chakra JIT - Out-of-Bounds Reads/Writes
» ‎ Exploit-DB

Microsoft Edge Chakra JIT - Out-of-Bounds Reads/Writes
Tags:
17:00
[dos] Microsoft Edge Chakra JIT - Type Confusion with Hoisted SetConcatStrMultiItemBE Instructions
» ‎ Exploit-DB

Microsoft Edge Chakra JIT - Type Confusion with Hoisted SetConcatStrMultiItemBE Instructions
Tags:

16:00
A Graph Plotting Metal Detector
» ‎ Hack a Day

Metal detectors can be a great source of fun, and occasionally even found wealth. They allow the detection of metal objects at a distance, enabling hidden treasures to be discovered. They’re also highly critical to the work of minesweepers and unexploded ordnance disposal teams. [Andrius] wanted to add such a device to his kit when motorcycling through the woods of Lithuania, and thus decided to undertake a build of his own.

The detector is a thoroughly modern one – fans of the 555 may want to look away now. A Collpits oscillator, built from two transistors, is used to generate …read more

Tags: classic hacks

15:10
QNAP Qcenter Virtual Appliance 1.6.x Information Disclosure / Command Injection
» ‎ Packet Storm Security Exploits

QNAP Qcenter Virtual Appliance versions 1.6.1056 (20170825) and 1.6.1075 (20171123) suffer from information disclosure and command injection vulnerabilities.
Tags:

15:10
QNAP Qcenter Virtual Appliance 1.6.x Information Disclosure / Command Injection
» ‎ Packet Storm Security Recent Files

QNAP Qcenter Virtual Appliance versions 1.6.1056 (20170825) and 1.6.1075 (20171123) suffer from information disclosure and command injection vulnerabilities.
Tags:

15:10
QNAP Qcenter Virtual Appliance 1.6.x Information Disclosure / Command Injection
» ‎ Packet Storm Security Misc. Files

QNAP Qcenter Virtual Appliance versions 1.6.1056 (20170825) and 1.6.1075 (20171123) suffer from information disclosure and command injection vulnerabilities.
Tags:

15:09
Red Hat Security Advisory 2018-2181-01
» ‎ Packet Storm Security Advisories

Red Hat Security Advisory 2018-2181-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Issues addressed include a bypass vulnerability.
Tags:

15:09
Red Hat Security Advisory 2018-2181-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2018-2181-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Issues addressed include a bypass vulnerability.
Tags:

15:09
Red Hat Security Advisory 2018-2181-01
» ‎ Packet Storm Security Misc. Files

Red Hat Security Advisory 2018-2181-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Issues addressed include a bypass vulnerability.
Tags:

15:09
Red Hat Security Advisory 2018-2180-01
» ‎ Packet Storm Security Advisories

Red Hat Security Advisory 2018-2180-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Issues addressed include a bypass vulnerability.
Tags:

15:09
Red Hat Security Advisory 2018-2180-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2018-2180-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Issues addressed include a bypass vulnerability.
Tags:

15:09
Red Hat Security Advisory 2018-2180-01
» ‎ Packet Storm Security Misc. Files

Red Hat Security Advisory 2018-2180-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Issues addressed include a bypass vulnerability.
Tags:

15:09
Red Hat Security Advisory 2018-2179-01
» ‎ Packet Storm Security Advisories

Red Hat Security Advisory 2018-2179-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a replay attack.
Tags:
15:08
Red Hat Security Advisory 2018-2177-01
» ‎ Packet Storm Security Advisories

Red Hat Security Advisory 2018-2177-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a replay attack.
Tags:
15:07
Ubuntu Security Notice USN-3713-1
» ‎ Packet Storm Security Advisories

Ubuntu Security Notice 3713-1 - It was discovered that CUPS incorrectly handled certain print jobs with invalid usernames. A remote attacker could possibly use this issue to cause CUPS to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 17.10 and Ubuntu 18.04 LTS. Dan Bastone discovered that the CUPS dnssd backend incorrectly handled certain environment variables. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.
Tags:
15:07
Red Hat Security Advisory 2018-2175-01
» ‎ Packet Storm Security Advisories

Red Hat Security Advisory 2018-2175-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 30.0.0.134. Issues addressed include code execution and information leakage vulnerabilities.
Tags:
15:07
Ubuntu Security Notice USN-3712-2
» ‎ Packet Storm Security Advisories

Ubuntu Security Notice 3712-2 - USN-3712-1 fixed a vulnerability in libpng. This update provides the corresponding update for Ubuntu 12.04 ESM. Patrick Keshishian discovered that libpng incorrectly handled certain PNG files. An attacker could possibly use this to cause a denial of service. Various other issues were also addressed.
Tags:
15:06
Red Hat Security Advisory 2018-2171-01
» ‎ Packet Storm Security Advisories

Red Hat Security Advisory 2018-2171-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
Tags:
15:06
Red Hat Security Advisory 2018-2172-01
» ‎ Packet Storm Security Advisories

Red Hat Security Advisory 2018-2172-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and denial of service vulnerabilities.
Tags:
15:06
Ubuntu Security Notice USN-3712-1
» ‎ Packet Storm Security Advisories

Ubuntu Security Notice 3712-1 - Patrick Keshishian discovered that libpng incorrectly handled certain PNG files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Thuan Pham discovered that libpng incorrectly handled certain PNG files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 17.10 and Ubuntu 18.04 LTS. Various other issues were also addressed.
Tags:

13:00
Building A Gasometer To Store Wood Gas And Other Bio-Fuels
» ‎ Hack a Day

Old solutions are often so elegant and effective that they keep coming back. The gasometer, or gas holder, is one such example. Now [NightHawkInLight] has built one for storing the wood gas he’s been experimenting with, and it’s pretty neat to watch it rise and fall as he first adds gas and then burns it off. The mechanism couldn’t be simpler.

For those who, like us, are hearing about this low tech for the first time, gasometers are a means of safely storing gas stemming from the 1700s when gas was king and electricity was little more than a gentleman …read more

Tags: chemistry hacks
11:30
Robotic Muscles from Fishing Line and Nichrome
» ‎ Hack a Day

Did you know that under the right conditions, nylon can be used as a type of artificial muscle? We certainly didn’t until we came across [Brandon T. Wood]’s Material Linear-Actuator for Robotics entry for the 2018 Hackaday Prize.

When [Brandon] first learned about Nylon Linear Material Actuators (NLMAs), he became determined to find a repeatable and practical method of making and experimenting with them. This is how it works: hyper-wound coils of nylon, when heated, will contract along their length while expanding in width. Upon cooling, they return to their original shape.

[Brandon] has been busy mainly with the kind …read more

Tags: the hackaday prize
10:01
ERRF 18: Slice Engineering Shows off the Mosquito
» ‎ Hack a Day

With few exceptions, it seemed like every 3D printer at the first inaugural East Coast RepRap Festival (ERRF) was using a hotend built by E3D. There’s nothing inherently wrong with that; E3D makes solid open source products, and they deserve all the success they can get. But that being said, competition drives innovation, so we’re particularly interested anytime we see a new hotend that isn’t just an E3D V6 clone.

The Mosquito from Slice Enginerring is definitely no E3D clone. In fact, it doesn’t look much like any 3D printer hotend you’ve ever seen before. Tiny and spindly, the look …read more

Tags: printer hacks

9:30
[CORE-2018-0006] - QNAP Qcenter Virtual Appliance Multiple Vulnerabilities
» ‎ Full Disclosure

Posted by Core Security Advisories Team on Jul 11
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

QNAP Qcenter Virtual Appliance Multiple Vulnerabilities

1. *Advisory Information*

Title: QNAP Qcenter Virtual Appliance Multiple Vulnerabilities
Advisory ID: CORE-2018-0006
Advisory URL:
http://www.coresecurity.com/advisories/qnap-qcenter-multiple-vulnerabilities
Date published: 2018-07-11
Date of last update: 2018-07-11
Vendors contacted: QNAP
Release mode: Coordinated...

Tags:

9:00
Friday Hack Chat: Hacking Voice Assistants
» ‎ Hack a Day

The future of consumer electronics is electronic voice assistants, at least that’s what the manufacturers are telling us. Everything from Alexas to Google Homes to Siris are invading our lives, and if predictions hold, your next new car might just have a voice assistant in it. It’s just a good thing we have enough samples of Majel Barrett’s voice for a quality virtual assistant.

For this week’s Hack Chat, we’re going to be talking all about voice interfaces. There are hundreds of Alexa and Google Home hacks around, but this is just the tip of the iceberg. What else can …read more

Tags: hackaday Columns

8:56
#0daytoday #IBM #QRadar SIEM - Unauthenticated Remote Code Execution Exploit [remote #exploits #0day #Exploit]
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

#0daytoday #IBM #QRadar SIEM - Unauthenticated Remote Code Execution Exploit [remote #exploits #0day #Exploit]
Tags:
8:56
#0daytoday #IBM QRadar SIEM - Unauthenticated Remote Code Execution Exploit [remote #exploits #0day #Exploit]
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

#0daytoday #IBM QRadar SIEM - Unauthenticated Remote Code Execution Exploit [remote #exploits #0day #Exploit]
Tags:

8:36
Debian Security Advisory 4243-1
» ‎ Packet Storm Security Advisories

Debian Linux Security Advisory 4243-1 - Several vulnerabilities were discovered in CUPS, the Common UNIX Printing System.
Tags:

8:36
Debian Security Advisory 4243-1
» ‎ Packet Storm Security Recent Files

Debian Linux Security Advisory 4243-1 - Several vulnerabilities were discovered in CUPS, the Common UNIX Printing System.
Tags:

8:36
Debian Security Advisory 4243-1
» ‎ Packet Storm Security Misc. Files

Debian Linux Security Advisory 4243-1 - Several vulnerabilities were discovered in CUPS, the Common UNIX Printing System.
Tags:

8:36
Ubuntu Security Notice USN-3711-1
» ‎ Packet Storm Security Advisories

Ubuntu Security Notice 3711-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.
Tags:

8:36
Ubuntu Security Notice USN-3711-1
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 3711-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.
Tags:

8:36
Ubuntu Security Notice USN-3711-1
» ‎ Packet Storm Security Misc. Files

Ubuntu Security Notice 3711-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.
Tags:

8:36
Ubuntu Security Notice USN-3710-1
» ‎ Packet Storm Security Advisories

Ubuntu Security Notice 3710-1 - Peter Wu discovered that curl incorrectly handled certain SMTP buffers. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code.
Tags:

8:36
Ubuntu Security Notice USN-3710-1
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 3710-1 - Peter Wu discovered that curl incorrectly handled certain SMTP buffers. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code.
Tags:

8:36
Ubuntu Security Notice USN-3710-1
» ‎ Packet Storm Security Misc. Files

Ubuntu Security Notice 3710-1 - Peter Wu discovered that curl incorrectly handled certain SMTP buffers. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code.
Tags:

8:31
ASUS WRT-AC66U 3.x Cross Site Scripting
» ‎ Packet Storm Security Exploits

ASUS WRT-AC66U version 3.x suffers from a cross site scripting vulnerability.
Tags:

8:31
ASUS WRT-AC66U 3.x Cross Site Scripting
» ‎ Packet Storm Security Recent Files

ASUS WRT-AC66U version 3.x suffers from a cross site scripting vulnerability.
Tags:

8:31
ASUS WRT-AC66U 3.x Cross Site Scripting
» ‎ Packet Storm Security Misc. Files

ASUS WRT-AC66U version 3.x suffers from a cross site scripting vulnerability.
Tags:

8:30
AT&T Bizcircle Cross Site Scripting
» ‎ Packet Storm Security Exploits

AT&T Bizcircle suffered from a persistent cross site scripting vulnerability.
Tags:

8:30
AT&T Bizcircle Cross Site Scripting
» ‎ Packet Storm Security Recent Files

AT&T Bizcircle suffered from a persistent cross site scripting vulnerability.
Tags:

8:30
AT&T Bizcircle Cross Site Scripting
» ‎ Packet Storm Security Misc. Files

AT&T Bizcircle suffered from a persistent cross site scripting vulnerability.
Tags:

8:28
Intel System CU 14.0 / 14.1 Buffer Overflow
» ‎ Packet Storm Security Advisories

Intel System CU versions 14.0 and 14.1 suffer from a buffer overflow vulnerability.
Tags:

8:28
Intel System CU 14.0 / 14.1 Buffer Overflow
» ‎ Packet Storm Security Recent Files

Intel System CU versions 14.0 and 14.1 suffer from a buffer overflow vulnerability.
Tags:

8:28
Intel System CU 14.0 / 14.1 Buffer Overflow
» ‎ Packet Storm Security Misc. Files

Intel System CU versions 14.0 and 14.1 suffer from a buffer overflow vulnerability.
Tags:

8:27
Secutech DSL WR RIS 330 Cross Site Scripting
» ‎ Packet Storm Security Exploits

Secutech DSL WR RIS 330 suffers from bypass and cross site scripting vulnerabilities.
Tags:

8:27
Secutech DSL WR RIS 330 Cross Site Scripting
» ‎ Packet Storm Security Recent Files

Secutech DSL WR RIS 330 suffers from bypass and cross site scripting vulnerabilities.
Tags:

8:27
Secutech DSL WR RIS 330 Cross Site Scripting
» ‎ Packet Storm Security Misc. Files

Secutech DSL WR RIS 330 suffers from bypass and cross site scripting vulnerabilities.
Tags:

8:24
WAGO e!DISPLAY 7300T XSS / File Upload / Code Execution
» ‎ Packet Storm Security Exploits

WAGO e!DISPLAY 7300T WP 4.3 480x272 PIO1 version FW 01 - 01.01.10(01) suffer from code execution, cross site scripting, weak permission, and remote file upload vulnerabilities.
Tags:

8:24
WAGO e!DISPLAY 7300T XSS / File Upload / Code Execution
» ‎ Packet Storm Security Recent Files

WAGO e!DISPLAY 7300T WP 4.3 480x272 PIO1 version FW 01 - 01.01.10(01) suffer from code execution, cross site scripting, weak permission, and remote file upload vulnerabilities.
Tags:

8:24
WAGO e!DISPLAY 7300T XSS / File Upload / Code Execution
» ‎ Packet Storm Security Misc. Files

WAGO e!DISPLAY 7300T WP 4.3 480x272 PIO1 version FW 01 - 01.01.10(01) suffer from code execution, cross site scripting, weak permission, and remote file upload vulnerabilities.
Tags:

8:23
Slackware Security Advisory - mozilla-thunderbird Updates
» ‎ Packet Storm Security Advisories

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix bugs and security issues.
Tags:

8:23
Slackware Security Advisory - mozilla-thunderbird Updates
» ‎ Packet Storm Security Recent Files

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix bugs and security issues.
Tags:

8:23
Slackware Security Advisory - mozilla-thunderbird Updates
» ‎ Packet Storm Security Misc. Files

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix bugs and security issues.
Tags:

8:20
Rikki Don't Lose That Bluetooth Device
» ‎ Packet Storm Security Recent Files

In this article, the authors want to present an example of exploiting a trust relationship between two technical devices that can put the confidentiality of sensitive data or the integrity of a computer system at risk. This trust relationship they exploit exists between two Bluetooth devices: On the one side a computer system you want to remain secure and you don't want to be compromised, for example your laptop, or your smartphone, and on the other side a Bluetooth device you usually do not consider worth protecting with special diligence as it simply is an output device of a specific kind and does not persistently store any of your valuable data locally, for example headphones.
Tags:

8:20
Rikki Don't Lose That Bluetooth Device
» ‎ Packet Storm Security Misc. Files

In this article, the authors want to present an example of exploiting a trust relationship between two technical devices that can put the confidentiality of sensitive data or the integrity of a computer system at risk. This trust relationship they exploit exists between two Bluetooth devices: On the one side a computer system you want to remain secure and you don't want to be compromised, for example your laptop, or your smartphone, and on the other side a Bluetooth device you usually do not consider worth protecting with special diligence as it simply is an output device of a specific kind and does not persistently store any of your valuable data locally, for example headphones.
Tags:

8:20
A Curious Tale Of The Priest, The Broker, The Hacked Newswires, And $100 Million Of Insider Trades
» ‎ Packet Storm Security Headlines

A Curious Tale Of The Priest, The Broker, The Hacked Newswires, And $100 Million Of Insider Trades
Tags: headlinehackerbankrussiafraud
8:20
The Crypto Currencies That Die Before They Have Bloomed
» ‎ Packet Storm Security Headlines

The Crypto Currencies That Die Before They Have Bloomed
Tags: headlinebankfraudcryptography
8:19
Adobe Fixes Over 100 Vulnerabilities In Latest Security Patch Update
» ‎ Packet Storm Security Headlines

Adobe Fixes Over 100 Vulnerabilities In Latest Security Patch Update
Tags: headlineflawadobepatch
8:19
Arch Linux PDF Reader Package Poisoned
» ‎ Packet Storm Security Headlines

Arch Linux PDF Reader Package Poisoned
Tags: headlinemalwarebackdoor

8:00
Hold the Salt and Butter, This Popcorn Is For a Robot
» ‎ Hack a Day

Popcorn! Light and fluffy, it is a fantastically flexible snack. We can have them plain, create a savory snack with some salt and butter, or cover with caramel if you have a sweet tooth. Now Cornell University showed us one more way to enjoy popcorn: use their popping action as the mechanical force in a robot actuator.

It may be unorthodox at first glance, but it makes a lot of sense. We pop corn by heating its water until it turns into steam triggering a rapid expansion of volume. It is not terribly different from our engines burning an air-fuel …read more

Tags: robots hacks

7:46
[SECURITY] [DSA 4243-1] cups security update
» ‎ Bugtraq

Posted by Luciano Bello on Jul 11
-------------------------------------------------------------------------
Debian Security Advisory DSA-4243-1 security () debian org
https://www.debian.org/security/ Luciano Bello
July 11, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : cups
CVE ID : CVE-2017-15400 CVE-2018-4180...

Tags:

7:01
Teardown Of USB Fan Reveals Journalists’ Lack Of Opsec
» ‎ Hack a Day

Last month, Singapore hosted a summit between the leaders of North Korea and the United States. Accredited journalists invited to the event were given a press kit containing a bottle of water, various paper goods, and a fan that plugs into a USB port.

Understandably, the computer security crowd on Twitter had a great laugh. You shouldn’t plug random USB devices into a computer, especially if you’re a journalist, especially if you’re in a foreign country, and especially if you’re reporting on the highest profile international summit in recent memory. Doing so is just foolhardy.

This is not a story …read more

Tags: current Events

6:20
AT&T Bizcircle - Persistent Profile Cross Site Scripting Vulnerabilities
» ‎ Bugtraq

Posted by Vulnerability Lab on Jul 11
Document Title:
===============
AT&T Bizcircle - Persistent Profile Cross Site Scripting Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2108

AT&T Reference ID: 1502971499862

Vulnerability Magazine:
https://www.vulnerability-db.com/?q=articles/2018/07/05/att-corporation-lab-uncovers-new-details-about-bizcircle-vulnerabilities

Release Date:
=============
2018-07-05...

Tags:
6:18
Barracuda ADC 5.x - Client Side Cross Site Scripting Vulnerability
» ‎ Bugtraq

Posted by Vulnerability Lab on Jul 11
Document Title:
===============
Barracuda ADC 5.x - Client Side Cross Site Scripting Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1425

Release Date:
=============
2018-07-10

Vulnerability Laboratory ID (VL-ID):
====================================
1425

Common Vulnerability Scoring System:
====================================
3.6

Vulnerability Class:
====================
Cross...

Tags:

6:09
AT&T Bizcircle - Persistent Profile Cross Site Scripting Vulnerabilities
» ‎ Full Disclosure

Posted by Vulnerability Lab on Jul 11
Document Title:
===============
AT&T Bizcircle - Persistent Profile Cross Site Scripting Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2108

AT&T Reference ID: 1502971499862

Vulnerability Magazine:
https://www.vulnerability-db.com/?q=articles/2018/07/05/att-corporation-lab-uncovers-new-details-about-bizcircle-vulnerabilities

Release Date:
=============
2018-07-05...

Tags:

6:08
Barracuda ADC 5.x - Filter Bypass & Persistent Validation Vulnerability
» ‎ Bugtraq

Posted by Vulnerability Lab on Jul 11
Document Title:
===============
Barracuda ADC 5.x - Filter Bypass & Persistent Validation Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1423

Release Date:
=============
2018-07-09

Vulnerability Laboratory ID (VL-ID):
====================================
1423

Common Vulnerability Scoring System:
====================================
3.8

Vulnerability Class:
====================...

Tags:
6:03
ASUS WRT-AC66U 3.x - Cross Site Scripting Vulnerability
» ‎ Bugtraq

Posted by Vulnerability Lab on Jul 11
Document Title:
===============
ASUS WRT-AC66U 3.x - Cross Site Scripting Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1993

Release Date:
=============
2018-06-27

Vulnerability Laboratory ID (VL-ID):
====================================
1993

Common Vulnerability Scoring System:
====================================
3

Vulnerability Class:
====================
Cross Site Scripting...

Tags:

6:03
Barracuda ADC 5.x - Client Side Cross Site Scripting Vulnerability
» ‎ Full Disclosure

Posted by Vulnerability Lab on Jul 11
Document Title:
===============
Barracuda ADC 5.x - Client Side Cross Site Scripting Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1425

Release Date:
=============
2018-07-10

Vulnerability Laboratory ID (VL-ID):
====================================
1425

Common Vulnerability Scoring System:
====================================
3.6

Vulnerability Class:
====================
Cross...

Tags:

6:01
Intel System CU - Buffer Overflow (Denial of Service) Vulnerability
» ‎ Bugtraq

Posted by Vulnerability Lab on Jul 11
Document Title:
===============
Intel System CU - Buffer Overflow (Denial of Service) Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2133

Security ID: INTEL-SA-00134

https://nvd.nist.gov/vuln/detail/CVE-2018-3661
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3661

Acknowledgements:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00134.html...

Tags:

6:00
Barracuda ADC 5.x - Filter Bypass & Persistent Validation Vulnerability
» ‎ Full Disclosure

Posted by Vulnerability Lab on Jul 11
Document Title:
===============
Barracuda ADC 5.x - Filter Bypass & Persistent Validation Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1423

Release Date:
=============
2018-07-09

Vulnerability Laboratory ID (VL-ID):
====================================
1423

Common Vulnerability Scoring System:
====================================
3.8

Vulnerability Class:
====================...

Tags:
5:55
ASUS WRT-AC66U 3.x - Cross Site Scripting Vulnerability
» ‎ Full Disclosure

Posted by Vulnerability Lab on Jul 11
Document Title:
===============
ASUS WRT-AC66U 3.x - Cross Site Scripting Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1993

Release Date:
=============
2018-06-27

Vulnerability Laboratory ID (VL-ID):
====================================
1993

Common Vulnerability Scoring System:
====================================
3

Vulnerability Class:
====================
Cross Site Scripting...

Tags:

Skip to page: 1 2 3 4 ... 810

Feeds

Recent items

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags: headlinemalwarephoneindiafraudapple

Tags: headlineflawgooglepatchchromeintel

Tags: headlineflawpatchcisco

Tags: headlinemalwarecyberwarscada

Tags: printer hacks

Tags:

Tags:

Tags:

Tags: featured

Tags: cnc hacks

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags: home hacks

Tags:

Tags:

Tags: classic hacks

Tags: computer hacks

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags:

Tags: teardown