|
|
Colapse all |
Post message
ChromeOS / ChromeBooks Persist Certain Network Settings in Guest Mode 2017-04-09 Nightwatch Cybersecurity Research (research nightwatchcybersecurity com) Foscam All networked devices, multiple Design Errors. SSL bypass. 2017-04-09 nick m mckenna gmail com Two issues in one that nullify SSL in foscam devices: All Foscam networked cameras use the same SSL private key that is hard coded into the downloadable firmware. This is easily extracted using a utility like binwalk and would allow an attacker to MITM any Foscam device. One devices SSL keys are val [ more ] [ reply ] [slackware-security] libtiff (SSA:2017-098-01) 2017-04-08 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] libtiff (SSA:2017-098-01) New libtiff packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/libtiff- [ more ] [ reply ] [security bulletin] HPESBGN03733 rev.1 - HPE Universal CMDB using Apache Struts, Remote Code Execution 2017-04-07 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn 03733en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbgn03733en_us Version: 1 HP [ more ] [ reply ] [CVE-2016-6805] Arbitrary File Read due to eXternal Xml Entity attack in Apache Ignite 2017-04-07 Denis Magda (dmagda apache org) [CVE-2016-6805] Arbitrary File Read due to eXternal Xml Entity attack in Apache Ignite Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Ignite 1.0.0-RC3 to 1.8 Description: Apache Ignite uses an update notifier component to update the users about new project r [ more ] [ reply ] D-Link DWR-116 - CVE-2017-6190 - Arbitrary File Download 2017-04-07 patrykgnt gmail com # Title: D-Link DWR-116 Arbitrary File Download # Vendor: D-Link (www.dlink.com) # Affected model(s): DWR-116 / DWR-116A1 # Tested on: V1.01(EU), V1.00(CP)b10, V1.05(AU) # CVE: CVE-2017-6190 # Date: 04.07.2016 # Author: Patryk Bogdan (@patryk_bogdan) Description: D-Link DWR-116 with firmware before [ more ] [ reply ] SEC Consult SA-20170407-0 :: Server-Side Request Forgery in MyBB forum 2017-04-07 SEC Consult Vulnerability Lab (research sec-consult com) Apple Music Android Application - MITM SSL Certificate Vulnerability (CVE-2017-2387) 2017-04-06 David Coomber (davidcoomber infosec gmail com) Apple Music Android Application - MITM SSL Certificate Vulnerability (CVE-2017-2387) -- http://www.info-sec.ca/advisories/Apple-Music.html Overview "Listen to all the music you want, anytime." (https://play.google.com/store/apps/details?id=com.apple.android.music) Issue The Apple Music Android [ more ] [ reply ] Trend Micro Enterprise Mobile Security Android Application - MITM SSL Certificate Vulnerability (CVE-2016-9319) 2017-04-06 David Coomber (davidcoomber infosec gmail com) Trend Micro Enterprise Mobile Security Android Application - MITM SSL Certificate Vulnerability (CVE-2016-9319) -- http://www.info-sec.ca/advisories/Trend-Micro-Enterprise-Mobile-Security .html Overview "Trend Micro Mobile Security is the client app for Trend Microâ??s enterprise mobility platform. [ more ] [ reply ] Spiceworks 7.5 TFTP Improper Access Control File Overwrite / Upload 2017-04-06 apparitionsec gmail com (hyp3rlinx) [+] Credits: John Page AKA HYP3RLINX [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/SPICEWORKS-IMPROPER-ACCESS-CO NTROL-FILE-OVERWRITE.txt [+] ISR: APPARITIONSEC Vendor: ================== www.spiceworks.com Product: ================= S [ more ] [ reply ] [security bulletin] HPESBGN03727 rev.1 - HPE Business Process Monitor, Remote Unauthorized Access to Data 2017-04-04 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn 03727en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbgn03727en_us Version: 1 HP [ more ] [ reply ] DefenseCode ThunderScan SAST Advisory: Apache Tomcat Directory/Path Traversal 2017-04-04 DefenseCode (defensecode defensecode com) [SECURITY] [DSA 3826-1] tryton-server security update 2017-04-04 Salvatore Bonaccorso (carnil debian org) AST-2017-001: Buffer overflow in CDR's set user 2017-04-04 Asterisk Security Team (security asterisk org) The password for the project protection of the Schneider Modicon TM221CE16R is hard-coded and cannot be changed. 2017-04-04 Ralf Spenneberg (info os-t de) OpenSource Security Ralf Spenneberg Am Bahnhof 3-5 48565 Steinfurt info (at) os-s (dot) net [email concealed] OS-S Security Advisory 2017-02 Date: April 4th, 2017 Authors: Simon Heming, Maik Brüggemann, Hendrik Schwartke, Ralf Spenneberg CVE: not yet assigned CVSS: 10 Affected Device: Schneider SoMachine Basic 1.4 SP1, Schne [ more ] [ reply ] OS-S-2017-01: The password for the application protection of the Schneider Modicon TM221CE16R can be retrieved without authentication. Subsequently the application may be arbitrarily downloaded, uploaded and modified. CVSS 10. 2017-04-04 Ralf Spenneberg (info os-t de) OpenSource Security Ralf Spenneberg Am Bahnhof 3-5 48565 Steinfurt info (at) os-s (dot) net [email concealed] OS-S Security Advisory 2017-01 Date: April 4th, 2017 Authors: Simon Heming, Maik Brüggemann, Hendrik Schwartke, Ralf Spenneberg CVE: not yet assigned CVSS: 10 Affected Device: Schneider Modicon TM221CE16R, Firmware 1. [ more ] [ reply ] Moodle URL Manipulation Remote Account Information Disclosure 2017-04-04 Patrick Webster (patrick osisecurity com au) https://www.osisecurity.com.au/moodle-url-manipulation-remote-account-in formation-disclosure.html Date: 04-Apr-2017 Product: Moodle Versions affected: 2.4.10, 2.5.6, 2.6.3, 2.7 and earlier. Vulnerability: Information disclosure. Example: /user/edit.php?id= reveals account owner name 1. Log in [ more ] [ reply ] iPlatinum iOneView Multiple Parameter Reflected XSS 2017-04-04 Patrick Webster (patrick osisecurity com au) https://www.osisecurity.com.au/iplatinum-ioneview-multiple-parameter-ref lected-xss.html Date: 04-Apr-2017 Product: iPlatinum iOneView Versions affected: Unknown. Vulnerabilities: 1) Cross-site scripting: http://[target]/ioneview/admin/main.pl?cmd=<script>alert(document.cookie )</script> http:// [ more ] [ reply ] Kaseya information disclosure vulnerability 2017-04-04 Patrick Webster (patrick osisecurity com au) https://www.osisecurity.com.au/kaseya-information-disclosure-vulnerabili ty.html Date: 04-Apr-2017 Product: Kaseya VSA Versions affected: 9.02.00.04 Vulnerability: Installations of Kaseya contain the following installation page: https://[target]/install/kaseya.html When the product is installed [ more ] [ reply ] AcoraCMS browser redirect and Cross-site scripting vulnerabilities 2017-04-04 Patrick Webster (patrick osisecurity com au) https://www.osisecurity.com.au/acoracms-browser-redirect-and-cross-site- scripting-vulnerabilities.html Date: 04-Apr-2017 Product: AcoraCMS Versions affected: 7.0.0.6 (known bugs from 6.0.6 are still present http://www.digitalsec.net/stuff/explt+advs/CM3.AcoraCMS.v6.txt). Vulnerabilities: 1) Arbi [ more ] [ reply ] SmartJobBoard - Cross-site scripting, personal information disclosure and PHPMailer package 2017-04-04 Patrick Webster (patrick osisecurity com au) https://www.osisecurity.com.au/smartjobboard---cross-site-scripting-pers onal-information-disclosure-and-phpmailer-package.html Date: 04-Apr-2017 Product: SmartJobBoard Versions affected: v5.0.9 and below. Vulnerability: 1) Cross-site scripting vulnerabilities in the following locations and para [ more ] [ reply ] SilverStripe CMS - Path Disclosure 2017-04-04 Patrick Webster (patrick osisecurity com au) https://www.osisecurity.com.au/silverstripe-cms---path-disclosure.html Date: 04-Apr-2017 Product: SilverStripe CMS Versions affected: 3.1.9 and below. Vulnerability: Path disclosure. Example URL: http://[target]/dev/build/ Path reported: /home/[target]/public_html/framework/dev/DebugView.php h [ more ] [ reply ] Tweek!DM Document Management Authentication bypass, SQL injection 2017-04-04 Patrick Webster (patrick osisecurity com au) https://www.osisecurity.com.au/tweekdm-document-management-authenticatio n-bypass-sql-injection-vulnerabilities.html Date: 04-Apr-2017 Product: Tweek!DM Document Management Versions affected: Unknown Vulnerabilities: 1) Authentication bypass - the software sends a 301 Location redirect back to th [ more ] [ reply ] Computer Associates API Gateway CRLF Response Splitting, Directory Traversal vulnerabilities 2017-04-04 Patrick Webster (patrick osisecurity com au) https://www.osisecurity.com.au/computer-associates-api-gateway-crlf-resp onse-splitting-directory-traversal-vulnerabilities.html Date: 04-Apr-2017 Product: Computer Associates (Layer7) API Gateway Versions affected: v7, v8, v9 Vulnerabilities: 1) CRLF Response Splitting https://[target]:8443/te [ more ] [ reply ] CVE-2017-7185 - Mongoose OS - Use-after-free / Denial of Service 2017-04-04 Advisories (advisories compass-security com) ############################################################# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/en/research/advisories/ # ############################################################# # # Product: Mongoose OS # Vendor: Cesanta # CVE ID: CVE-2017-7185 # CSNC ID: CSNC-20 [ more ] [ reply ] Lantern CMS Path Disclosure, SQL Injection, Reflected XSS 2017-04-04 Patrick Webster (patrick osisecurity com au) https://www.osisecurity.com.au/lantern-cms-path-disclosure-sql-injection -reflected-xss.html Date: 04-Apr-2017 Product: LanternCMS Versions affected: Unknown Vulnerabilities: 1) Path disclosure By requesting a site with an invalid intSiteI or numRedirectCount: http://[target]/www/default.asp?int [ more ] [ reply ] Manhattan Software IWMS (Integrated Workplace Management System) XML External Entity (XXE) Injection File Disclosure 2017-04-04 Patrick Webster (patrick osisecurity com au) https://www.osisecurity.com.au/manhattan-software-iwms-integrated-workpl ace-management-system-xml-external-entity-xxe-injection-file-disclosure. html Date: 04-Apr-2017 Product: Trimble / Manhattan Software IWMS (integrated workplace management system) Versions affected: 9.x Vulnerability: XML Ext [ more ] [ reply ] AirWatch Self Service Portal Username Parameter LDAP Injection 2017-04-04 Patrick Webster (patrick osisecurity com au) https://www.osisecurity.com.au/airwatch-self-service-portal-username-par ameter-ldap-injection.html Date: 04-Apr-2017 Product: AirWatch Self Service MDM Versions affected: v6.1.x v6.4.x Vulnerability: LDAP injection Example: https://[target]/DeviceManagement/ URL accepts the following POST param [ more ] [ reply ] Avaya Radvision SCOPIA Desktop dlg_loginownerid.jsp ownerid SQL Injection 2017-04-04 Patrick Webster (patrick osisecurity com au) https://www.osisecurity.com.au/avaya-radvision-scopia-desktop-dlg_logino wneridjsp-ownerid-sql-injection.html Date: 04-Apr-2017 Product: Avaya Radvision SCOPIA Desktop Versions affected: v7.7.000.042 released in 2011 (confirmed) v8.2.101.046 relased in 2013 (confirmed) Vulnerability: Blind SQL in [ more ] [ reply ] |
|
Privacy Statement |
https://wwws.nightwatchcybersecurity.com/2017/04/09/advisory-chromeos-ch
romebooks-persist-certain-network-settings-in-guest-mode/]
SUMMARY
Certain network settings in ChromeOS / ChromeBooks persists between
reboots when set in guest mode. These issues have been re
[ more ] [ reply ]