Full Disclosure

A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.

APPLE-SA-10-28-2024-6 watchOS 11.1

28 October, 2024 - 20:54

Posted by Apple Product Security via Fulldisclosure on Oct 28

APPLE-SA-10-28-2024-6 watchOS 11.1

watchOS 11.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121565.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Accessibility
Available for: Apple Watch Series 6 and later
Impact: An attacker with physical access to a locked device may be able
to...

APPLE-SA-10-28-2024-5 macOS Ventura 13.7.1

28 October, 2024 - 20:54

Posted by Apple Product Security via Fulldisclosure on Oct 28

APPLE-SA-10-28-2024-5 macOS Ventura 13.7.1

macOS Ventura 13.7.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121568.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

App Support
Available for: macOS Ventura
Impact: A malicious app may be able to run arbitrary shortcuts without
user...

APPLE-SA-10-28-2024-4 macOS Sonoma 14.7.1

28 October, 2024 - 20:54

Posted by Apple Product Security via Fulldisclosure on Oct 28

APPLE-SA-10-28-2024-4 macOS Sonoma 14.7.1

macOS Sonoma 14.7.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121570.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

App Support
Available for: macOS Sonoma
Impact: A malicious app may be able to run arbitrary shortcuts without
user...

APPLE-SA-10-28-2024-3 macOS Sequoia 15.1

28 October, 2024 - 20:54

Posted by Apple Product Security via Fulldisclosure on Oct 28

APPLE-SA-10-28-2024-3 macOS Sequoia 15.1

macOS Sequoia 15.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121564.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Apache
Impact: Multiple issues existed in Apache
Description: This is a vulnerability in open source code and Apple...

APPLE-SA-10-28-2024-2 iOS 17.7.1 and iPadOS 17.7.1

28 October, 2024 - 20:54

Posted by Apple Product Security via Fulldisclosure on Oct 28

APPLE-SA-10-28-2024-2 iOS 17.7.1 and iPadOS 17.7.1

iOS 17.7.1 and iPadOS 17.7.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121567.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Accessibility
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
2nd generation...

APPLE-SA-10-28-2024-1 iOS 18.1 and iPadOS 18.1

28 October, 2024 - 20:54

Posted by Apple Product Security via Fulldisclosure on Oct 28

APPLE-SA-10-28-2024-1 iOS 18.1 and iPadOS 18.1

iOS 18.1 and iPadOS 18.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121563.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Accessibility
Available for: iPhone XS and later
Impact: An attacker with physical access to a locked device...

Open Redirect / Reflected XSS - booked-schedulerv2.8.5

28 October, 2024 - 20:53

Posted by Andrey Stoykov on Oct 28

# Exploit Title: Open Redirect / Reflected XSS - booked-schedulerv2.8.5
# Date: 10/2024
# Exploit Author: Andrey Stoykov
# Version: 2.8.5
# Tested on: Ubuntu 22.04
# Blog:
https://msecureltd.blogspot.com/2024/10/friday-fun-pentest-series-13-reflected.html
https://msecureltd.blogspot.com/2024/10/friday-fun-pentest-series-12-open.html

Open Redirect:

Steps to Reproduce:

1. Log in and intercept HTTP request with a proxy such as Burp Suite or ZAP
2....

SEC Consult SA-20241024-0 :: Unauthenticated Path Traversal Vulnerability in Lawo AG - vsm LTC Time Sync (vTimeSync) (CVE-2024-6049)

24 October, 2024 - 22:33

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Oct 24

SEC Consult Vulnerability Lab Security Advisory < 20241024-0 >
=======================================================================
             title: Unauthenticated Path Traversal Vulnerability
           product: Lawo AG - vsm LTC Time Sync (vTimeSync)
vulnerable version: <4.5.6.0
     fixed version: 4.5.6.0
        CVE number: CVE-2024-6049
            impact: high
          homepage:...

[RESEARCH] DTLS 'ClientHello' Race Conditions in WebRTC Implementations

24 October, 2024 - 22:33

Posted by Sandro Gauci via Fulldisclosure on Oct 24

Dear Full Disclosure community,

We've released a white paper detailing a critical vulnerability affecting multiple WebRTC implementations: "DTLS
'ClientHello' Race Conditions in WebRTC Implementations".

White paper: https://www.enablesecurity.com/research/webrtc-hello-race-conditions-paper.pdf

Key points:

1. Vulnerability: Failure to properly verify the origin of DTLS "ClientHello" messages in WebRTC...

Adversary3 updated with 700 malware and C2 panel vulnerabilities

24 October, 2024 - 22:32

Posted by malvuln on Oct 24

Adversary3 malware vulnerability intel tool for third-party attackers
living off malware (LOM), updated with 700 malware and C2 panel
vulnerabilities

https://github.com/malvuln/Adversary3

Thanks,
malvuln

SEC Consult SA-20241015-0 :: Multiple Vulnerabilities in Rittal IoT Interface & CMC III Processing Unit (CVE-2024-47943, CVE-2024-47944, CVE-2024-47945)

20 October, 2024 - 21:43

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Oct 20

No message preview for long message of 359314 bytes.

CVE-2024-48939: Unauthorized enabling of API in Paxton Net2 software

20 October, 2024 - 21:42

Posted by Jeroen Hermans via Fulldisclosure on Oct 20

CloudAware Security Advisory

CVE-2024-48939: Unauthorized enabling of API in Paxton Net2 software

========================================================================
Summary
========================================================================
Bypass of Paxton Net2 API license. Possible leaking of PII and access to
admin functionality.
No physical access to computer running Paxton Net2 is required....