Security News

CyberDanube Security Research 20240604-0 | Multiple Vulnerabilities in utnserver Pro/ProMAX/INU-100

Full Disclosure - 9 June, 2024 - 02:39

Posted by Thomas Weber via Fulldisclosure on Jun 09

CyberDanube Security Research 20240604-0
-------------------------------------------------------------------------------
title| Multiple Vulnerabilities
product| SEH utnserver Pro/ProMAX / INU-100
vulnerable version| 20.1.22
fixed version| 20.1.28
CVE number| CVE-2024-5420, CVE-2024-5421, CVE-2024-5422
impact| High
homepage| https://www.seh-technology.com/...

SEC Consult SA-20240606-0 :: Multiple critical vulnerabilities in Kiuwan SAST on-premise (KOP) & cloud/SaaS & Kiuwan Local Analyzer (KLA)

Full Disclosure - 9 June, 2024 - 02:39

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 09

SEC Consult Vulnerability Lab Security Advisory < 20240606-0 >
=======================================================================
title: Multiple critical vulnerabilities
product: Kiuwan SAST on-premise (KOP) & cloud/SaaS
Kiuwan Local Analyzer (KLA)
vulnerable version: Kiuwan SAST <2.8.2402.3
Kiuwan Local Analyzer <master.1808.p685.q13371...

Blind SQL Injection - fengofficev3.11.1.2

Full Disclosure - 9 June, 2024 - 02:39

Posted by Andrey Stoykov on Jun 09

# Exploit Title: FengOffice - Blind SQL Injection
# Date: 06/2024
# Exploit Author: Andrey Stoykov
# Version: 3.11.1.2
# Tested on: Ubuntu 22.04
# Blog:
https://msecureltd.blogspot.com/2024/05/friday-fun-pentest-series-6.html

Steps to Reproduce:

1. Login to application
2. Click on "Workspaces"
3. Copy full URL
4. Paste the HTTP GET request into text file
5. Set the injection point to be in the "dim" parameter...

Trojan.Win32.DarkGateLoader (multi variants) / Arbitrary Code Execution

Full Disclosure - 9 June, 2024 - 02:39

Posted by malvuln on Jun 09

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/afe012ed0d96abfe869b9e26ea375824.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Trojan.Win32.DarkGateLoader (multi variants)
Vulnerability: Arbitrary Code Execution
Description: Multiple variants of this malware look for and execute
x32-bit "urlmon.dll" PE file in its current directory. Therefore, we
can...

SQL Injection Vulnerability in Boelter Blue System Management (version 1.3)

Full Disclosure - 9 June, 2024 - 02:39

Posted by InfoSec-DB via Fulldisclosure on Jun 09

Exploit Title: SQL Injection Vulnerability in Boelter Blue System Management (version 1.3)
Google Dork: inurl:"Powered by Boelter Blue"
Date: 2024-06-04
Exploit Author: CBKB (DeadlyData, R4d1x)
Vendor Homepage: https://www.boelterblue.com
Software Link: https://play.google.com/store/apps/details?id=com.anchor5digital.anchor5adminapp&hl=en_US
Version: 1.3
Tested on: Linux Debian 9 (stretch), Apache 2.4.25, MySQL >= 5.0.12
CVE:...

GDB Dances and the Moon

Daily Dave - 8 June, 2024 - 10:39

Posted by Dave Aitel via Dailydave on Jun 08

People occasionally read my blogposts
<https://cybersecpolitics.blogspot.com/2024/04/what-open-source-projects-are.html>on
Jia Tan
<https://cybersecpolitics.blogspot.com/2024/04/the-open-source-problem.html>and
then ask me about open source development in general, and you can only, in
your darkest heart of hearts (your only heart) laugh.

The other day I was contributing to a project that I am one of several
developers on. In...

Re: What a failure of Secure by Design looks like: Web Browsers

Daily Dave - 4 June, 2024 - 14:36

Posted by Tom Ritter via Dailydave on Jun 04

Speaking about (but not for - this is just how I interpreted it) Firefox -
mostly sausage making and org pains. Fennec (the old mobile architecture)
supported extensions, although I don't remember to what extent/how well. In
2016 it got WebExtension support - before that it was supporting extensions
in the old style of "Just let them do whatever they want in the browser,
I'm sure it will be fine.[0]" And in late 2017 we...

Re: What a failure of Secure by Design looks like: Web Browsers

Daily Dave - 4 June, 2024 - 09:35

Posted by Andre Gironda via Dailydave on Jun 04

The problem of ads or things-in things is in a poor state. It's bad on
every stack, every ecosystem. Ads or SEO poisoning bubbled up this
crimeware-to ransomware via "Bing AI Chat" --
https://www.bleepingcomputer.com/news/security/bing-chat-responses-infiltrated-by-ads-pushing-malware/
Try asking your AI buddy a download link for Advanced IP Scanner

and there's been other strange stories such as this one --...

Re: What a failure of Secure by Design looks like: Web Browsers

Daily Dave - 3 June, 2024 - 22:26

Posted by Michal Zalewski via Dailydave on Jun 03

The security argument is fairly good in the sense that the extension
security model is broken. It's not even about ad blockers: far too many
extensions request overly broad permissions and then either do sneaky
things (e.g., "monetizing" users by stealing browsing histories) or put
users at risk. It doesn't help that if you pop a developer's account, you
can essentially deploy a backdoored extension to all users...

Re: What a failure of Secure by Design looks like: Web Browsers

Daily Dave - 3 June, 2024 - 22:18

Posted by Dave Aitel via Dailydave on Jun 03

[image: image.png]
So on one hand, a net completely controlled by Facebook and Apple and every
other walled off application "garden" would be a terrible thing. And yet,
did we not get just that in a manner of speaking? How healthy would we say
the net is right now?

Also, I find the security argument against extensions
<...

CyberDanube Security Research 20240528-0 | Multiple Vulnerabilities in ORing IAP-420

Full Disclosure - 29 May, 2024 - 22:05

Posted by Thomas Weber via Fulldisclosure on May 29

CyberDanube Security Research 20240528-0
-------------------------------------------------------------------------------
title| Multiple Vulnerabilities
product| ORing IAP-420
vulnerable version| 2.01e
fixed version| -
CVE number| CVE-2024-5410, CVE-2024-5411
impact| High
homepage| https://oringnet.com/
found| 2024-01-19
by| T. Weber...

HNS-2024-06 - HN Security Advisory - Multiple vulnerabilities in Eclipse ThreadX

Full Disclosure - 29 May, 2024 - 22:05

Posted by Marco Ivaldi on May 29

Hi,

Please find attached a security advisory that describes multiple
vulnerabilities we discovered in Eclipse ThreadX (aka Azure RTOS).

* Title: Multiple vulnerabilities in Eclipse ThreadX
* OS: Eclipse ThreadX < 6.4.0
* Author: Marco Ivaldi <marco.ivaldi () hnsecurity it>
* Date: 2024-05-28
* CVE IDs and severity:
* CVE-2024-2214 - High - 7.0 - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-2212 - High - 7.3 -...

SEC Consult SA-20240527-0 :: Multiple vulnerabilities in HAWKI didactic interface

Full Disclosure - 27 May, 2024 - 21:50

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 27

SEC Consult Vulnerability Lab Security Advisory < 20240527-0 >
=======================================================================
title: Multiple vulnerabilities
product: HAWKI (Interaction Design Team at the University of Applied
Sciences and Arts in Hildesheim/Germany)
vulnerable version: 1.0.0-beta.1, versions before commit 146967f
    fixed version: Github commit 146967f...

SEC Consult SA-20240524-0 :: Exposed Serial Shell on multiple PLCs in Siemens CP-XXXX Series

Full Disclosure - 27 May, 2024 - 21:50

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 27

SEC Consult Vulnerability Lab Security Advisory < 20240524-0 >
=======================================================================
title: Exposed Serial Shell on multiple PLCs
product: Siemens CP-XXXX Series (CP-2014, CP-2016, CP-2017, CP-2019, CP-5014)
vulnerable version: All hardware revisions
fixed version: Hardware is EOL, no fix
CVE number: -
impact: Low...

SEC Consult SA-20240522-0 :: Broken access control & API Information Exposure in 4BRO App

Full Disclosure - 23 May, 2024 - 12:35

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 23

SEC Consult Vulnerability Lab Security Advisory < 20240522-0 >
=======================================================================
title: Broken access control & API Information Exposure
product: 4BRO App
vulnerable version: before 2024-04-17
fixed version: 2024-04-17
CVE number: -
impact: Critical
homepage: https://www.4bro.de
found: 2023-05-07...

[CFP] Security BSides Ljubljana 0x7E8 | September 27, 2024

Full Disclosure - 23 May, 2024 - 12:34

Posted by Andraz Sraka on May 23

MMMMMMMMMMMMMMMMNmddmNMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMN..-..--+MMNy:...-.-/yNMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMy..ymd-.:Mm::-:osyo-..-mMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MM:..---.:dM/..+NNyyMN/..:MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
Mm../dds.-oy.-.dMh--mMds++MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
My:::::/ydMmo..-hMMMmo//omMs/+Mm+++++shNMN+//+//+oMNy+///ohM
MMMs//yMNo+hMh---m:-:hy+sMN..+Mo..os+.-:Ny--ossssdN-.:yyo+mM...

asterisk release 20.8.1

Full Disclosure - 20 May, 2024 - 21:49

Posted by Asterisk Development Team via Fulldisclosure on May 20

The Asterisk Development Team would like to announce security release
Asterisk 20.8.1.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/20.8.1
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 20.8.1

## Change Log for Release asterisk-20.8.1

### Links:

- [Full ChangeLog](...

asterisk release 21.3.1

Full Disclosure - 20 May, 2024 - 21:49

Posted by Asterisk Development Team via Fulldisclosure on May 20

The Asterisk Development Team would like to announce security release
Asterisk 21.3.1.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/21.3.1
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 21.3.1

## Change Log for Release asterisk-21.3.1

### Links:

- [Full ChangeLog](...

asterisk release 18.23.1

Full Disclosure - 20 May, 2024 - 21:49

Posted by Asterisk Development Team via Fulldisclosure on May 20

The Asterisk Development Team would like to announce security release
Asterisk 18.23.1.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/18.23.1
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 18.23.1

## Change Log for Release asterisk-18.23.1

### Links:

- [Full ChangeLog](...

CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package

Full Disclosure - 20 May, 2024 - 21:48

Posted by Andrea Intilangelo on May 20

CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package

Use CVE-2024-34058.

Additional info:

NethServer is an Open Source operating system for the Linux enthusiast, designed for small offices and medium
enterprises. From their website: "It's simple, secure and flexible" and "ready to deliver your messages, to protect
your network with the built-in firewall, share your files and much more,...
Syndicate content