Hack Talk
Oh my God! They killed Kenny!

Tue, 25 Apr 2017 14:16:47 +0200

[slackware-security] mozilla-firefox (SSA:2017-114-01)
    25 Apr 2017 | 13:11 from Bugtraq

Posted by Slackware Security Team on Apr 25

[slackware-security] mozilla-firefox (SSA:2017-114-01)

New mozilla-firefox packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-52.1.0esr-i586-1_slack14.2.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...

[SECURITY] [DSA 3833-1] libav security update
    25 Apr 2017 | 12:57 from Bugtraq

Posted by Moritz Muehlenhoff on Apr 25

-------------------------------------------------------------------------
Debian Security Advisory DSA-3833-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
April 24, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : libav
CVE ID : CVE-2016-9821 CVE-2016-9822

Several...

KL-001-2017-009 : Solarwinds LEM Database Listener with Hardcoded Credentials
    25 Apr 2017 | 12:48 from Bugtraq

Posted by KoreLogic Disclosures on Apr 25

KL-001-2017-009 : Solarwinds LEM Database Listener with Hardcoded Credentials

Title: Solarwinds LEM Database Listener with Hardcoded Credentials
Advisory ID: KL-001-2017-009
Publication Date: 2017.04.24
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-009.txt

1. Vulnerability Details

Affected Vendor: Solarwinds
Affected Product: Log and Event Manager Virtual Appliance
Affected Version: v6.3.1...

KL-001-2017-008 : Solarwinds LEM Management Shell Arbitrary File Read
    25 Apr 2017 | 12:38 from Bugtraq

Posted by KoreLogic Disclosures on Apr 25

KL-001-2017-008 : Solarwinds LEM Management Shell Arbitrary File Read

Title: Solarwinds LEM Management Shell Arbitrary File Read
Advisory ID: KL-001-2017-008
Publication Date: 2017.04.24
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-008.txt

1. Vulnerability Details

Affected Vendor: Solarwinds
Affected Product: Log and Event Manager Virtual Appliance
Affected Version: v6.3.1
Platform: Embedded...

KL-001-2017-007 : Solarwinds LEM Management Shell Escape via Command Injection
    25 Apr 2017 | 12:27 from Bugtraq

Posted by KoreLogic Disclosures on Apr 25

KL-001-2017-007 : Solarwinds LEM Management Shell Escape via Command Injection

Title: Solarwinds LEM Management Shell Escape via Command Injection
Advisory ID: KL-001-2017-007
Publication Date: 2017.04.24
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-007.txt

1. Vulnerability Details

Affected Vendor: Solarwinds
Affected Product: Log and Event Manager Virtual Appliance
Affected Version: v6.3.1...

KL-001-2017-006 : Solarwinds LEM Privilege Escalation via Sudo Script Abuse
    25 Apr 2017 | 12:18 from Bugtraq

Posted by KoreLogic Disclosures on Apr 25

KL-001-2017-006 : Solarwinds LEM Privilege Escalation via Sudo Script Abuse

Title: Solarwinds LEM Privilege Escalation via Sudo Script Abuse
Advisory ID: KL-001-2017-006
Publication Date: 2017.04.24
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-006.txt

1. Vulnerability Details

Affected Vendor: Solarwinds
Affected Product: Log and Event Manager Virtual Appliance
Affected Version: v6.3.1...

KL-001-2017-005 : Solarwinds LEM Privilege Escalation via Controlled Sudo Path
    25 Apr 2017 | 12:07 from Bugtraq

Posted by KoreLogic Disclosures on Apr 25

KL-001-2017-005 : Solarwinds LEM Privilege Escalation via Controlled Sudo Path

Title: Solarwinds LEM Privilege Escalation via Controlled Sudo Path
Advisory ID: KL-001-2017-005
Publication Date: 2017.04.24
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-005.txt

1. Vulnerability Details

Affected Vendor: Solarwinds
Affected Product: Log and Event Manager Virtual Appliance
Affected Version: v6.3.1...

CVE-2017-7221. OpenText Documentum Content Server: arbitrary code execution in dm_bp_transition.ebs docbase method
    25 Apr 2017 | 11:57 from Bugtraq

Posted by Andrey B. Panfilov on Apr 25

CVE Identifier: CVE-2017-7221
Vendor: OpenText
Affected products: OpenText Documentum Content Server (all versions)
Researcher: Andrey B. Panfilov
Severity Rating: CVSS v3 Base Score: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Fix: not available
PoC: https://gist.github.com/andreybpanfilov/0a4fdfad561e59317a720e702b0fec44

Description:

Initially this vulnerability was discovered in 2013 and was tracked by CERT/CC as VRF#HUFPRMOP
(...

Re: CVE-2017-7692: Squirrelmail 1.4.22 Remote Code Execution
    25 Apr 2017 | 11:46 from Bugtraq

Posted by Dawid Golunski on Apr 25

Hi Filippo,

I received a reply from MITRE regarding which CVE to use in this
situation. Here is the reply I received:

'CVE-2017-7692 is now correct.

CVE-2017-5181 is no longer a valid ID number according to our
http://cve.mitre.org/cve/cna/CNA_Rules_v1.1.pdf policy. We fully
recognize that you made an earlier report of the discovery, but we
need to use the CVE ID number that first appears in a public
disclosure. '

So I can confirm...

[slackware-security] ntp (SSA:2017-112-02)
    25 Apr 2017 | 11:32 from Bugtraq

Posted by Slackware Security Team on Apr 25

[slackware-security] ntp (SSA:2017-112-02)

New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/ntp-4.2.8p10-i586-1_slack14.2.txz: Upgraded.
In addition to bug fixes and enhancements, this release fixes security
issues of medium and low severity:
Denial of Service via...

[slackware-security] mozilla-firefox (SSA:2017-112-01)
    25 Apr 2017 | 11:21 from Bugtraq

Posted by Slackware Security Team on Apr 25

[slackware-security] mozilla-firefox (SSA:2017-112-01)

New mozilla-firefox packages are available for Slackware 14.1 to
fix security and stability issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-45.9.0esr-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
Also, switching back to the 45.x ESR branch due to instability of the...

[slackware-security] proftpd (SSA:2017-112-03)
    25 Apr 2017 | 11:07 from Bugtraq

Posted by Slackware Security Team on Apr 25

[slackware-security] proftpd (SSA:2017-112-03)

New proftpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/proftpd-1.3.5e-i586-1_slack14.2.txz: Upgraded.
This release fixes a security issue:
AllowChrootSymlinks off does not check entire DefaultRoot path for symlinks.
For...

Authentication bypass vulnerability in Western Digital My Cloud allows escalation to admin privileges
    25 Apr 2017 | 09:21 from Bugtraq

Posted by Securify B.V. on Apr 25

------------------------------------------------------------------------
Authentication bypass vulnerability in Western Digital My Cloud allows
escalation to admin privileges
------------------------------------------------------------------------
Remco Vermeulen, April 2017

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
It was discovered...

CVE-2017-5887: Starscream library before 2.0.4 SSL pinning not applied for websocket handshake
    25 Apr 2017 | 09:13 from Bugtraq

Posted by Security Advisories on Apr 25

Product: Starscream websocket library
Severity: LOW
CVE Reference: CVE-2017-5887
Type: SSL Pinning bypass

Abstract
--------

WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning
bypass because pinning occurs in the stream function (this is too
late; pinning should occur in the initStreamsWithData function).

Description
-----------

The open-source Starscream library provides a SWIFT implementation of
the websocket framework. It...

Get your GNU on at the GNU Hackers' Meeting in Hessen, Germany
    24 Apr 2017 | 17:46 from FSF's blog

Do you hack on GNU packages—or are you just interested in GNU? Now is the time to register for the GNU Hackers' Meeting in Hessen, Germany, August 24-27, 2017.


CVE-2017-7192: Starscream library before 2.0.4 allows SSL pinning bypass
    21 Apr 2017 | 15:21 from Bugtraq

Posted by Security Advisories on Apr 21

Product: Starscream websocket library
Severity: LOW
CVE Reference: CVE-2017-7192
Type: SSL Pinning bypass / Information disclosure

Abstract
--------

WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning
bypass because of incorrect management of the certValidated variable
(it can be set to true but cannot be set to false).

Description
-----------

The open-source Starscream library provides a SWIFT implementation of
the websocket...

[HITB-Announce] HITB GSEC 2017 CFP Closes April 30th
    19 Apr 2017 | 23:22 from Penetration Testing

Posted by Hafez Kamal on Apr 19

FINAL CALL!

CFP for the 3rd annual Hack In The Box GSEC conference in Singapore
closes on the 30th of April!

Call for Papers: http://gsec.hitb.org/cfp/
Event Website: http://gsec.hitb.org/sg2017/

HITB GSEC is a 2-day deep knowledge security conference where attendees
get to vote on the final agenda of talks and to meet with the
speakers they voted for.

We are looking for 60-minute, offensive and defensive focused
deep-knowledge...

Friday Free Software Directory IRC meetup: April 21st starting at 12:00 p.m. EDT/16:00 UTC
    19 Apr 2017 | 21:25 from FSF's blog

Join the FSF and friends Friday, April 21st, from 12:00 p.m. to 3 p.m. EDT (16:00 to 19:00 UTC) to help improve the Free Software Directory, with this week's theme of working on table top games in the Directory.


Free Software Directory meeting recap for April 14th, 2017
    18 Apr 2017 | 21:52 from FSF's blog

Check out the great work our volunteers accomplished at the last Free Software Directory meeting.


QB4ST: RDF Data Cube extensions for spatio-temporal components Note Published
    18 Apr 2017 | 19:50 from W3C News

The Spatial Data on the Web Working Group has published a Group Note of QB4ST: RDF Data Cube extensions for spatio-temporal components. This document describes an extension to the existing RDF Data Cube ontology to support specification of key metadata required to interpret spatio-temporal data. The RDF Data Cube defines CodedProperties, which relate to a […]