BugTraq Latest Security Advisories

The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!

CVE-2017-7192: Starscream library before 2.0.4 allows SSL pinning bypass

April 21, 2017 - 8:21am

Posted by Security Advisories on Apr 21

Product: Starscream websocket library
Severity: LOW
CVE Reference: CVE-2017-7192
Type: SSL Pinning bypass / Information disclosure

Abstract
--------

WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning
bypass because of incorrect management of the certValidated variable
(it can be set to true but cannot be set to false).

Description
-----------

The open-source Starscream library provides a SWIFT implementation of
the websocket...

[SECURITY] [DSA 3831-1] firefox-esr security update

April 20, 2017 - 4:22am

Posted by Moritz Muehlenhoff on Apr 20

-------------------------------------------------------------------------
Debian Security Advisory DSA-3831-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
April 20, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : firefox-esr
CVE ID : CVE-2017-5429 CVE-2017-5432...

[HITB-Announce] HITB GSEC 2017 CFP Closes April 30th

April 20, 2017 - 4:12am

Posted by Hafez Kamal on Apr 20

FINAL CALL!

CFP for the 3rd annual Hack In The Box GSEC conference in Singapore
closes on the 30th of April!

Call for Papers: http://gsec.hitb.org/cfp/
Event Website: http://gsec.hitb.org/sg2017/

HITB GSEC is a 2-day deep knowledge security conference where attendees
get to vote on the final agenda of talks and to meet with the
speakers they voted for.

We are looking for 60-minute, offensive and defensive focused
deep-knowledge...

October CMS v1.0.412 several vulnerabilities

April 20, 2017 - 4:00am

Posted by Anti Räis on Apr 20

October CMS v1.0.412 several vulnerabilities
############################################

Information
===========

Name: October CMS v1.0.412 (build 412)
Homepage: http://octobercms.com
Vulnerability: several issues, including PHP code execution
Prerequisites: attacker has to be an authenticated user with media or asset
management permission
CVE: pending

Credit: Anti Räis
HTML version:...

DefenseCode ThunderScan SAST Advisory: Ultimate Form Builder Cross-Site Scripting (XSS) Vulnerability

April 19, 2017 - 9:23am

Posted by DefenseCode on Apr 19

DefenseCode ThunderScan SAST Advisory
Ultimate Form Builder
Cross-Site Scripting (XSS) Vulnerability

Advisory ID: DC-2017-01-027
Software: Ultimate Form Builder WordPress plugin
Software Language: PHP
Version: Various
Vendor Status: Vendor contacted
Release Date: 20170419
Risk: Medium

# Advisory Overview

During the security audit, a security vulnerability was discovered in
Ultimate Form Builder...

CVE-2017-7220. OpenText Documentum Content Server: privilege evaluation using crafted RPC save-commands.

April 19, 2017 - 9:11am

Posted by Andrey B. Panfilov on Apr 19

CVE Identifier: CVE-2017-7220
Vendor: OpenText
Affected products: OpenText Documentum Content Server (all versions)
Researcher: Andrey B. Panfilov
Severity Rating: CVSS v3 Base Score: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Fix: not available
PoC:

https://gist.github.com/andreybpanfilov/d8792484e13971982c0719ae59ab8c7c
https://gist.github.com/andreybpanfilov/e0e60ae9d525a34cca04eb4c89a21e04

Description:

Initially this vulnerability was...

CVE-2017-7692: Squirrelmail 1.4.22 Remote Code Execution

April 19, 2017 - 8:58am

Posted by Filippo Cavallarin on Apr 19

Advisory ID: SGMA17-001
Title: Squirrelmail Remote Code Execution
Product: Squirrelmail
Version: 1.4.22 and probably prior
Vendor: squirrelmail.org
Type: Command Injection
Risk level: 4 / 5
Credit: filippo.cavallarin () wearesegment com
CVE: CVE-2017-7692
Vendor notification: 2017-04-04
Vendor fix: N/A...

[slackware-security] minicom (SSA:2017-108-01)

April 19, 2017 - 8:10am

Posted by Slackware Security Team on Apr 19

[slackware-security] minicom (SSA:2017-108-01)

New minicom packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/minicom-2.7.1-i586-1_slack14.2.txz: Upgraded.
Fix an out of bounds data access that can lead to remote code execution.
This issue was found by Solar Designer of Openwall...

CVE-2017-7615 Mantis Bug Tracker v1.3.0 / 2.3.0 Pre-Auth Remote Password Reset

April 18, 2017 - 2:29pm

Posted by hyp3rlinx on Apr 18

[+] Credits: John Page a.k.a hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/MANTIS-BUG-TRACKER-PRE-AUTH-REMOTE-PASSWORD-RESET.txt
[+] ISR: ApparitionSec

Vendor:
================
www.mantisbt.org

Product:
==================
Mantis Bug Tracker
v1.3.0 / 2.3.0

MantisBT is a popular free web-based bug tracking system. It is written in PHP and works with MySQL, MS SQL, and PostgreSQL...

[CVE-2017-5661] Apache XML Graphics FOP information disclosure vulnerability

April 18, 2017 - 2:19pm

Posted by Simon Steiner on Apr 18

CVE-2017-5661:
Apache XML Graphics FOP information disclosure vulnerability

Severity:
Medium

Vendor:
The Apache Software Foundation

Versions Affected:
FOP 1.0 - 2.1

Description:
Files lying on the filesystem of the server which uses batik can
be revealed to arbitrary users who send maliciously formed SVG
files. The file types that can be shown depend on the user context
in which...

[ANNOUNCE] HPACK Bomb Attack vulnerability in ATS - CVE-2016-5396

April 18, 2017 - 2:11pm

Posted by Bryan Call on Apr 18

There is a vulnerability in ATS with the HPACK Bomb Attack that can lead to a DoS. Versions 6.0.0 to 6.2.0 are
affected. Please upgrade to ATS 6.2.1 or 7.0.0.

Downloads:
https://trafficserver.apache.org/downloads

Jira Ticket:
https://issues.apache.org/jira/browse/TS-5019

CVE
https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2016-5396

-Bryan

Watchguard Fireware XXE DoS & User Enumeration

April 17, 2017 - 8:07am

Posted by David Fernandez on Apr 17

Watchguard’s Firebox and XTM are a series of enterprise grade network
security appliances providing advanced security services like next
generation firewall, intrusion prevention, malware detection and
blockage and others. Two vulnerabilities were discovered affecting the
XML-RPC interface of the Web UI used to manage Fireware, the operating
system running on Watchguard Firebox and XTM appliances. To exploit
any of the flaws discovered, no...