Hack Talk
Because life and the Internet are mutually exclusive Home | Gitweb | Status | IRC

Fri, 29 Apr 2016 15:59:54 +0200

[SECURITY] [DSA 3561-1] subversion security update
    29 Apr 2016 | 15:44 from Bugtraq

Posted by Salvatore Bonaccorso on Apr 29

-------------------------------------------------------------------------
Debian Security Advisory DSA-3561-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
April 29, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : subversion
CVE ID : CVE-2016-2167 CVE-2016-2168...

SQL Injection in GLPI
    29 Apr 2016 | 12:54 from Bugtraq

Posted by High-Tech Bridge Security Research on Apr 29

Advisory ID: HTB23301
Product: GLPI
Vendor: INDEPNET
Vulnerable Version(s): 0.90.2 and probably prior
Tested Version: 0.90.2
Advisory Publication: April 8, 2016 [without technical details]
Vendor Notification: April 8, 2016
Vendor Patch: April 11, 2016
Public Disclosure: April 29, 2016
Vulnerability Type: SQL Injection [CWE-89]
Risk Level: High
CVSSv3 Base Score: 7.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L]
Solution Status: Fixed by...

Wordpress Truemag Theme - Client Side Cross Site Scripting Web Vulnerability
    29 Apr 2016 | 12:43 from Bugtraq

Posted by Vulnerability Lab on Apr 29

Document Title:
===============
Wordpress Truemag Theme - Client Side Cross Site Scripting Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1839

Release Date:
=============
2016-04-29

Vulnerability Laboratory ID (VL-ID):
====================================
1839

Common Vulnerability Scoring System:
====================================
3.3

Product & Service Introduction:...

Mozilla doesn't care for upstream security fixes, and doesn't bother to send own security fixes upstream
    29 Apr 2016 | 08:34 from Bugtraq

Posted by Stefan Kanthak on Apr 28

Hi @ll

despite better knowledge and MULTIPLE bug/vulnerability reports
(see <https://bugzilla.mozilla.org/show_bug.cgi?id=811557>,
<https://bugzilla.mozilla.org/show_bug.cgi?id=809373>,
<https://bugzilla.mozilla.org/show_bug.cgi?id=579593>, ...)
Mozilla continues to ship Firefox and Thunderbird for Windows with
a vulnerable executable installer.

Proof of concept/demonstration:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1. visit <...

[security bulletin] HPSBUX03583 SSRT110084 rev.1 - HP-UX BIND Service running Named, Remote Denial of Service (DoS)
    29 Apr 2016 | 08:24 from Bugtraq

Posted by security-alert on Apr 28

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n
a-c05087821

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05087821
Version: 1

HPSBUX03583 SSRT110084 rev.1 - HP-UX BIND Service running Named, Remote
Denial of Service (DoS)

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date:...

Friday Free Software Directory IRC meetup: April 29th
    28 Apr 2016 | 22:20 from FSF's blog

Join the FSF and friends every Friday to help improve the Free Software Directory by adding new entries and updating existing ones.


CVE-2016-3078: php: integer overflow in ZipArchive::getFrom*
    28 Apr 2016 | 14:35 from Bugtraq

Posted by Hans Jerry Illikainen on Apr 28

Details
=======

An integer wrap may occur in PHP 7.x before version 7.0.6 when reading
zip files with the getFromIndex() and getFromName() methods of
ZipArchive, resulting in a heap overflow.

php-7.0.5/ext/zip/php_zip.c
,----
| 2679 static void php_zip_get_from(INTERNAL_FUNCTION_PARAMETERS, int type) /* {{{ */
| 2680 {
| ....
| 2684 struct zip_stat sb;
| ....
| 2689 zend_long len = 0;
| ....
| 2692 zend_string *buffer;
| ....
| 2702...

[SECURITY] [DSA 3560-1] php5 security update
    28 Apr 2016 | 07:54 from Bugtraq

Posted by Salvatore Bonaccorso on Apr 27

-------------------------------------------------------------------------
Debian Security Advisory DSA-3560-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
April 27, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : php5
CVE ID : CVE-2015-8865 CVE-2016-4070...

CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS
    28 Apr 2016 | 07:47 from Bugtraq

Posted by Tony Homer on Apr 27

CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS

Severity:
High

Vendor:
The Apache Software Foundation

Versions Affected:
cordova-ios 3.9.1 and below

Description:
Apache Cordova iOS contains 2 methods to bypass the URL access
restrictions provided by the whitelist. An attacker can use any of the
2 methods to load malicious resources in an app that uses a whitelist
to only load trusted resources.

Upgrade path:
Developers...

Re: [ERPSCAN-16-005] SAP HANA hdbxsengine JSON – DoS vulnerability
    28 Apr 2016 | 07:40 from Bugtraq

Posted by Mahmut Firuz Dumlupinar - Vendor on Apr 27



CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS
    28 Apr 2016 | 07:31 from Bugtraq

Posted by Tony Homer on Apr 27

CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS

Severity:
High

Vendor:
The Apache Software Foundation

Versions Affected:
cordova-ios 3.9.1 and below

Description:
Apache Cordova iOS contains 2 methods to bypass the URL access
restrictions provided by the whitelist. An attacker can use any of the
2 methods to load malicious resources in an app that uses a whitelist
to only load trusted resources.

Upgrade path:
Developers...

CVE-2015-5208 - Arbitrary plugin execution issue in Apache Cordova iOS
    28 Apr 2016 | 07:23 from Bugtraq

Posted by Tony Homer on Apr 27

CVE-2015-5208 - Arbitrary plugin execution issue in Apache Cordova iOS

Severity:
High

Vendor:
The Apache Software Foundation

Versions Affected:
cordova-ios 3.9.1 and below

Description:
An arbitrary plugin can be executed when a user clicks on a link.

Upgrade path:
Developers who are concerned about this issue should install version
4.0.0 or higher of the cordova-ios platform.

Credit:
This issue was discovered by Muneaki Nishimura...

[SECURITY] [DSA 3559-1] iceweasel security update
    27 Apr 2016 | 20:32 from Bugtraq

Posted by Moritz Muehlenhoff on Apr 27

-------------------------------------------------------------------------
Debian Security Advisory DSA-3559-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
April 27, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : iceweasel
CVE ID : CVE-2016-2805 CVE-2016-2807...

EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection
    27 Apr 2016 | 17:30 from Bugtraq

Posted by Securify B.V. on Apr 27

------------------------------------------------------------------------
EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection
------------------------------------------------------------------------
Han Sahin, November 2014

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
It was discovered that EMC M&R (Watch4net) does not...

Oracle Discoverer Viewer BI - Open Redirect Vulnerability
    27 Apr 2016 | 14:55 from Bugtraq

Posted by Vulnerability Lab on Apr 27

Document Title:
===============
Oracle Discoverer Viewer BI - Open Redirect Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1667

Oracle ID: S0666670

Release Date:
=============
2016-04-26

Vulnerability Laboratory ID (VL-ID):
====================================
1667

Common Vulnerability Scoring System:
====================================
2.8

Product & Service Introduction:...

[slackware-security] mozilla-firefox (SSA:2016-117-01)
    27 Apr 2016 | 10:31 from Bugtraq

Posted by Slackware Security Team on Apr 27

[slackware-security] mozilla-firefox (SSA:2016-117-01)

New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-38.8.0esr-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...

W3C Invites Implementations of Tracking Compliance and Scope
    26 Apr 2016 | 15:47 from W3C News

The Tracking Protection Working Group invites implementation of the Candidate Recommendation of Tracking Compliance and Scope. Do Not Track is designed to provide users with a simple mechanism to express a preference to allow or limit online tracking. Complying with the user’s preference includes limits on the collection, retention and use of data collected as […]


First Public Working Draft of Payment Request API Specifications
    21 Apr 2016 | 16:19 from W3C News

The Web Payments Working Group has published First Public Working Drafts of the following specifications. These are the first of a suite of specifications to make payments on the Web easier and more secure. Payment Request API, which describes a web API to allow merchants (i.e., web sites selling physical or digital goods) to easily […]


TTML Profiles for Internet Media Subtitles and Captions 1.0 (IMSC1) is a W3C Recommendation
    21 Apr 2016 | 16:13 from W3C News

The Timed Text Working Group has published a W3C Recommendation of TTML Profiles for Internet Media Subtitles and Captions 1.0 (IMSC1). This document specifies two profiles of TTML1: a text-only profile and an image-only profile. These profiles are intended to be used across subtitle and caption delivery applications worldwide, thereby simplifying interoperability, consistent rendering and […]


Friday Free Software Directory IRC meetup: April 22nd
    20 Apr 2016 | 17:10 from FSF's blog

Join the FSF and friends every Friday to help improve the Free Software Directory by adding new entries and updating existing ones.