OS-S Security Advisory 2016-02

Date: January 1st, 2016
Updated: January 1st, 2016
Authors: Oguzhan Cicek, Hendrik Schwartke, Ralf Spenneberg
CVE: Not yet assigned
CVSS: 6.2 (AV:L/AC:L/Au:S/C:C/I:C/A:N)
Title: Weak authentication in NXP Hitag S transponder allows an attacker to
read, write and clo

[ more ]  [ reply ]

OS-S Security Advisory 2016-03

Date: January 1st, 2016
Updated: January 1st, 2016
Authors: Oguzhan Cicek, Hendrik Schwartke, Ralf Spenneberg
CVE: Not yet assigned
CVSS: 6.2 (AV:L/AC:L/Au:S/C:C/I:C/A:N)
Title: Insufficient Integrity Protection in Winkhaus Bluesmart locking systems
using Hitag S
Se

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3431-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
January 01, 2016

[ more ]  [ reply ]

OS-S Security Advisory 2016-01

Date: January 1st, 2016
Updated: January 1st, 2016
Authors: Hendrik Schwartke, Ralf Spenneberg
CVE: Not yet assigned
CVSS: 6.2 (AV:L/AC:L/Au:S/C:C/I:C/A:N)
Title: Insufficient integrity checks in Uhlmann & Zacher Clex prime locking
systems using 125 kHz EM4450 trans

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3432-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
January 01, 2016

[ more ]  [ reply ]

package main

/*
************************************************************************
**
* Exploit Title: Joomla 1.5.x to 3.4.5 Object Injection Exploit
* Exploit Author: Khashayar Fereidani ( http://fereidani.com )
* Version: 1.5.x to 3.4.5
* CVE : CVE-2015-8562
*********************************

[ more ]  [ reply ]

Hi @ll,

TrendMicro_MAX_10.0_US-en_Downloader.exe (available from
<http://trial.trendmicro.com/US/TM/2016/TrendMicro_MAX_10.0_US-en_Downlo
ader.exe>)
loads and executes ProfAPI.dll and UXTheme.dll (and other DLLs
too) eventually found in the directory it is started from
(the "application directory").

[ more ]  [ reply ]

[+] Credits: hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/FTPSHELL-v5.24-BUFFER-OVERFLO
W.txt

Vendor:
================================
www.ftpshell.com

Product:
================================
FTPShell Client version 5.24

FTPShell c

[ more ]  [ reply ]

#2015-012 Ganeti multiple issues

Description:

Ganeti, an open source virtualization manager, suffers from multiple issues in
its RESTful control interface (RAPI).

The distributed replicated storage (DRBD) secret is leaked by the RAPI
interface when job results are requested. Leveraging on the kno

[ more ]  [ reply ]

------------------------------------------------------------------------

WebKitGTK+ Security Advisory WSA-2015-0002
------------------------------------------------------------------------

Date reported : December 28, 2015
Advisory ID : WSA-2015-0002
Adviso

[ more ]  [ reply ]

Details
=======

Product: libtiff
Affected Versions: <= 4.0.6
Vulnerability Type: Heap Overflow
Security Risk: High
Vendor URL: http://www.libtiff.org/
CVE ID: CVE-2015-8668
Credit: riusksk of Tencent Security Platform Department

Introduction
============

libtiff v4.0.6 bmp2tiff function PackBit

[ more ]  [ reply ]

`_TIFFVGetField()' in libtiff-4.0.6 may write field data for certain
extension tags to invalid or possibly arbitrary memory.

Each tag has a `field_passcount' variable in their TIFFField struct:

tiff-4.0.6/libtiff/tif_dir.h #276..289:
,----
| struct _TIFFField {
| uint32 field_tag;

[ more ]  [ reply ]

[+] Credits: hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/ACCESSDIVER-BUFFER-OVERFLOW.t
xt

Vendor:
==============
M. Jean Fages
www.accessdiver.com
circa 1998-2006

Product:
=============================
AccessDiver V4.301 build 5888

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2015-357-01)

New mozilla-thunderbird packages are available for Slackware 14.1 and -current
to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
p

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3430-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
December 23, 2015

[ more ]  [ reply ]

Hi @ll,

F-Secure's online virus scanner F-SecureOnlineScanner.exe, available
via <https://www.f-secure.com/en/web/home_global/online-scanner>,
loads and executes several rogue/bogus DLLs (UXTheme.dll, HNetCfg.dll,
RASAdHlp.dll, SetupAPI.dll, ClbCatQ.dll, XPSP2Res.dll, CryptNet.dll,
OLEAcc.dll etc.)

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] blueman (SSA:2015-356-01)

New blueman packages are available for Slackware 13.37, 14.0, 14.1,
and -current to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/pa

[ more ]  [ reply ]

Summary
=======

Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issues have been discovered
in Bugzilla:

* Unfiltered HTML injected into a dependency graph could be used to
create a cross-site scripting attack.

* Some web browsers

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-179: EMC Secure Remote Services Virtual Edition Path Traversal Vulnerability

EMC Identifier: ESA-2015-179

CVE Identifier: CVE-2015-6852

Severity Rating: CVSS v2 Base Score: 5.5 (AV:A/AC:L/Au:S/C:C/I:N/A:N)

Affected products:

EMC

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-174: EMC VPLEX Undocumented Account Vulnerability

EMC Identifier: ESA-2015-174

CVE Identifier: CVE-2015-6850

Severity Rating: CVSS Base Score 6.8 (AV:L/AC:L/Au:S/C:C/I:C/A:C)

Affected Products

EMC Software: EMC VPLEX GeoSynchrony

[ more ]  [ reply ]

Document Title:
===============
Aeris Calandar v2.1 - Buffer Overflow Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1656

Release Date:
=============
2015-12-01

Vulnerability Laboratory ID (VL-ID):
===================================

[ more ]  [ reply ]

Document Title:
===============
POP Peeper 4.0.1 - Persistent Code Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1657

Release Date:
=============
2015-11-26

Vulnerability Laboratory ID (VL-ID):
============================

[ more ]  [ reply ]

Document Title:
===============
Switch v4.68 - Code Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1649

Release Date:
=============
2015-11-23

Vulnerability Laboratory ID (VL-ID):
====================================
1649

[ more ]  [ reply ]

Document Title:
===============
Lithium Forum - (previewImages) Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1520

Release Date:
=============
2015-12-18

Vulnerability Laboratory ID (VL-ID):
==============================

[ more ]  [ reply ]

Document Title:
===============
Wordpress Content Text Slider on Post 6.8 - Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1655

Release Date:
=============
2015-12-07

Vulnerability Laboratory ID (VL-ID):
==================

[ more ]  [ reply ]

Document Title:
===============
Western Union CN Bug Bounty #6 - Client Side Cross Site Scripting Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1657

Release Date:
=============
2015-12-14

Vulnerability Laboratory ID (VL-ID):
===

[ more ]  [ reply ]

Document Title:
===============
DELL Scrutinizer v12.0.3 - Persistent Software Vulnerability

References (Source):
====================
http://vulnerability-lab.com/get_content.php?id=1360

Tracking ID: 15943

Release Date:
=============
2015-12-18

Vulnerability Laboratory ID (VL-ID):
==========

[ more ]  [ reply ]

Advisory: Symfony PHP Framework: Session Fixation In "Remember Me" Login
Functionality

A session fixation vulnerability within the Symfony web application
framework's "Remember Me" login functionality allows an attacker to
impersonate the victim towards the web application if the session

[ more ]  [ reply ]

Hi @ll,

the executable installer [°]['] (rather: the 7-Zip based executable
self-extractor [²]) of Rapid7's (better known for their flagship
Metasploit) ScanNowUPnP.exe loads and executes several rogue/bogus
DLLs eventually found in the directory it is started from (the
"application directory"), co

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c04779492

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04779492
Version: 1

HPSBHF03419 r

[ more ]  [ reply ]