Hack Talk

Sun, 14 Feb 2016 08:58:28 +0100

You did it! The fundraiser was a success -- are you ready for what's next?
    12 Feb 2016 | 20:50 from FSF's blog

You did it: thanks to your generous support, the Free Software Foundation raised $452,000 in its winter fundraiser. Thank you.


Encryption: probably better than a box of chocolates
    12 Feb 2016 | 16:50 from FSF's blog

Roses are red, violets are blue; I use free software to encrypt my online communication and you can too.


HD Video Player v2.5 iOS - Multiple Web Vulnerabilities
    12 Feb 2016 | 12:13 from Bugtraq

Posted by Vulnerability Lab on Feb 12

Document Title:
===============
HD Video Player v2.5 iOS - Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1719

Release Date:
=============
2016-02-11

Vulnerability Laboratory ID (VL-ID):
====================================
1719

Common Vulnerability Scoring System:
====================================
7.3

Product & Service Introduction:...

CVE-2015-0061 and CVE-2015-0063 (MS16-009/MS16-011)
    12 Feb 2016 | 10:36 from Bugtraq

Posted by Berend-Jan Wever on Feb 12

Hello everyone,

I've recently released examples on twitter of how to trigger two
security vulnerabilities in Microsoft Internet Explorer. These issues
were discovered last year and reported to Microsoft through ZDI.
Microsoft released security updates to address these issues last Tuesday.

CVE-2016-0061:
https://twitter.com/berendjanwever/status/697819335574843394

CVE-2016-0063:
https://twitter.com/berendjanwever/status/697818121835581441...

[slackware-security] mozilla-firefox (SSA:2016-042-01)
    12 Feb 2016 | 07:18 from Bugtraq

Posted by Slackware Security Team on Feb 11

[slackware-security] mozilla-firefox (SSA:2016-042-01)

New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-38.6.1esr-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...

[SECURITY] [DSA 3473-1] nginx security update
    12 Feb 2016 | 07:12 from Bugtraq

Posted by Salvatore Bonaccorso on Feb 11

-------------------------------------------------------------------------
Debian Security Advisory DSA-3473-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
February 11, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : nginx
CVE ID : CVE-2016-0742 CVE-2016-0746...

Re: [oss-security] HTTPS Only (Open Source, Python)
    12 Feb 2016 | 07:02 from Bugtraq

Posted by P J P on Feb 11

+-- On Thu, 11 Feb 2016, David Leo wrote --+
| If browser tries to access HTTP address,
| you will have three options:
| try HTTPS,
| Google Cache,
| or copy-and-paste the address.
|
| There is no option to "temporarily bypass HTTPS Only".
| You can always do that in another browser.
|
| Project Home Page:
| https://httpsonly.github.io/

Browsers too are moving there:
->...

Re: OLE DB Provider for Oracle multiple DLL side loading vulnerabilities
    12 Feb 2016 | 06:55 from Bugtraq

Posted by Securify B.V. on Feb 11

Hi Stefan,

Thank you for your insight and you are absolutely right. If I can force
*any* application into loading the affected object, that application may
be subject to DLL hijacking. Office is just an attack vector here.

The point is that a DOCX is somewhat trusted (if we ignore the whole
macro thing). If I can trick someone into opening a malicious VBS/JS/HTA it
is basically game over.

In case of a DOCX I can put it on a network share. If a...

Duplicator Wordpress Plugin - Source Code And Database Dump Via CSRF Vulnerability
    11 Feb 2016 | 07:28 from Bugtraq

Posted by Ratio Sec on Feb 10

-----------------------------------------------------------------------------------------------
RatioSec Research Security Advisory RS-2016-002
-----------------------------------------------------------------------------------------------

Duplicator Wordpress Plugin Code And Database Dump Via CSRF Vulnerability
-----------------------------------------------------------------------------------------------

Product: Duplicator WordPress Plugin...

Re: [FD] [CVE-2016-0602, CVE-2016-0603] Executable installers are vulnerable^WEVIL (case 24): Oracle Java 6/7/8 SE and VirtualBox
    11 Feb 2016 | 07:21 from Bugtraq

Posted by Jason Hellenthal on Feb 10

In 2019 you say huh. Damn future tellers !!! I need to get one of those !!!

Re: OLE DB Provider for Oracle multiple DLL side loading vulnerabilities
    11 Feb 2016 | 07:13 from Bugtraq

Posted by Securify B.V. on Feb 10

------------------------------------------------------------------------
Fix
------------------------------------------------------------------------
Microsoft released MS16-014 that fixes this vulnerability.

MapsUpdateTask Task DLL side loading vulnerability
    11 Feb 2016 | 07:07 from Bugtraq

Posted by Securify B.V. on Feb 10

------------------------------------------------------------------------
MapsUpdateTask Task DLL side loading vulnerability
------------------------------------------------------------------------
Yorick Koster, November 2015

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
A DLL side loading vulnerability was found in the MapsUpdateTask...

BDA MPEG2 Transport Information Filter DLL side loading vulnerability
    11 Feb 2016 | 06:59 from Bugtraq

Posted by Securify B.V. on Feb 10

------------------------------------------------------------------------
BDA MPEG2 Transport Information Filter DLL side loading vulnerability
------------------------------------------------------------------------
Yorick Koster, September 2015

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
A DLL side loading vulnerability was found in...

NPS Datastore server DLL side loading vulnerability
    11 Feb 2016 | 06:52 from Bugtraq

Posted by Securify B.V. on Feb 10

------------------------------------------------------------------------
NPS Datastore server DLL side loading vulnerability
------------------------------------------------------------------------
Yorick Koster, September 2015

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
A DLL side loading vulnerability was found in the NPS Datastore...

Cisco Security Advisory: Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability
    10 Feb 2016 | 18:56 from Bugtraq

Posted by Cisco Systems Product Security Incident Response Team on Feb 10

Cisco Security Advisory: Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability

Advisory ID: cisco-sa-20160210-asa-ike

Revision 1.0

For Public Release 2016 February 10 16:00 GMT (UTC)

+---------------------------------------------------------------------

Summary
=======

A vulnerability in the Internet Key Exchange (IKE) version 1 (v1) and IKE version 2 (v2) code of Cisco ASA Software
could allow an unauthenticated, remote...

Remote Code Execution in Exponent
    10 Feb 2016 | 14:38 from Bugtraq

Posted by High-Tech Bridge Security Research on Feb 10

Advisory ID: HTB23290
Product: Exponent
Vendor: http://www.exponentcms.org/
Vulnerable Version(s): 2.3.7 and probably prior
Tested Version: 2.3.7
Advisory Publication: January 13, 2016 [without technical details]
Vendor Notification: January 13, 2016
Vendor Patch: January 23, 2016
Public Disclosure: February 3, 2016
Vulnerability Type: Code Injection [CWE-94]
CVE Reference: CVE-2016-2242
Risk Level: Critical
CVSSv3 Base Score: 10...

Apache Sling Framework v2.3.6 - Information Disclosure Vulnerability
    10 Feb 2016 | 14:30 from Bugtraq

Posted by Vulnerability Lab on Feb 10

Document Title:
===============
Apache Sling Framework v2.3.6 - Information Disclosure Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1536

Adobe Bulletin: https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0956

Vulnerability Magazine:...

Confused by license compatibility? A new article by Richard Stallman may help
    09 Feb 2016 | 19:00 from FSF's blog

Richard Stallman published a new licensing guide on gnu.org regarding license compatibility and relicensing.


Arachni Framework v1.4 & WebUI v0.5.10 have been released (Web Application Security Scanner)
    09 Feb 2016 | 04:31 from Penetration Testing

Posted by Tasos Laskos on Feb 08

Hey folks,

There's a new version of Arachni, a modular and high-performance Web Application Security Scanner Framework.

The highlights of this release are:

* Massive performance improvements (approx. 5 times faster browser operations,
much reduced RAM and CPU usage).
* Significantly improved coverage via better support for JS effects and event delegation tracking.
* Brand new REST API for easy integration.
* Native support for MS...

Newly Fired CEO Of Norse Fires Back At Critics
    05 Feb 2016 | 12:37 from Info Security News

Posted by InfoSec News on Feb 05

http://www.darkreading.com/threat-intelligence/newly-fired-ceo-of-norse-fires-back-at-critics-/d/d-id/1324195

By Jai Vijayan
DarkReading.com
2/4/2016

Critics maintain that Norse Corp. is peddling threat data as threat
intelligence.

A massive and potentially company-ending shakeup at security vendor Norse
Corp. in recent weeks amid controversy over its practices may be a signal
that the threat intelligence industry is finally maturing....