[FD] SSD Advisory – GitStack Unauthenticated Remote Code Execution

2018-01-16 Thread Maor Shwartz
SSD Advisory – GitStack Unauthenticated Remote Code Execution Write-up: https://blogs.securiteam.com/index.php/archives/3557 Vulnerability Summary The following advisory describes an unauthenticated action that allows a remote attacker to add a user to GitStack and then used to trigger an unauth

[FD] beVX Security Conference - Call For Papers / Workshops

2018-01-09 Thread Maor Shwartz
engineering *Trainers benefits* Three nights of accommodation Flight (Up to 2,000$ USD - Coach) Trainers fee - 10,000$ USD Speakers party *Submission* 1 day training - must be in English E-mail for submission: s...@beyondsecurity.com -- Thanks Maor Shwartz Beyond Security GPG Key ID

[FD] SSD Advisory – D-Link DSL-6850U Multiple Vulnerabilities

2018-01-01 Thread Maor Shwartz
a BusyBox shell -- Thanks Maor Shwartz Beyond Security GPG Key ID: 6D273779F52A9FC2 ___ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/

[FD] SSD Advisory – Trustwave SWG Unauthorized Access

2017-12-26 Thread Maor Shwartz
SSD Advisory – Trustwave SWG Unauthorized Access https://blogs.securiteam.com/index.php/archives/3550 Vulnerability Summary The following advisory describes an unauthorized access vulnerability that allows an unauthenticated user to add their own SSH key to a remote Trustwave SWG version 11.8.0.2

[FD] SSD Advisory – ZTE ZXDSL Configuration Reset

2017-11-28 Thread Maor Shwartz
Successful exploitation of this vulnerability enables a remote unauthenticated user to restart the configuration of the device. -- Thanks Maor Shwartz Beyond Security GPG Key ID: 6D273779F52A9FC2 SSD Advisory – ZTE ZXDSL Configuration Reset.pdf Description: Adobe PDF document

[FD] SSD Advisory – HPE Baseline Smart Gig SFP 24 Switch Pre-authentication Stored XSS

2017-10-20 Thread Maor Shwartz
determined that the product is out of support life. It’s been this way for several years. We hoped we could communicate something to customers about the product, but this switch is truly not supported in that way either.” -- Thanks Maor Shwartz Beyond Security GPG Key ID: 93CC36E2DE7FF514 SSD Advisory

[FD] SSD Advisory – Microsoft Office SMB Information Disclosure

2017-10-17 Thread Maor Shwartz
e PoC requires a user to disable their security, specifically the Protected View, stating that they trust the source. As such, this email thread has been closed and will no longer be monitored.” -- Thanks Maor Shwartz Beyond Security GPG Key ID: 93CC36E2DE7FF514 SSD Advisory – Microsoft Office S

[FD] SSD Advisory – FiberHome Directory Traversal

2017-10-17 Thread Maor Shwartz
eported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor response We tried to contact FiberHome since September 6 2017, repeated attempts to establish contact went unanswered. At this time there is no solution or workaround for the vulnerability. -- Thanks Maor Sh

[FD] SSD Advisory – ZTE uSmartView DLL Hijacking

2017-10-16 Thread Maor Shwartz
tacker can place the pcacli.dll and cause command execution as the current user (usually admin). -- Thanks Maor Shwartz Beyond Security GPG Key ID: 93CC36E2DE7FF514

[FD] SSD Advisory – Vacron NVR Remote Command Execution

2017-10-10 Thread Maor Shwartz
. -- Thanks Maor Shwartz Beyond Security GPG Key ID: 93CC36E2DE7FF514 SSD Advisory – Vacron NVR Remote Command Execution – SecuriTeam Blogs.pdf Description: Adobe PDF document

[FD] SSD Advisory – Tiandy IP cameras Sensitive Information Disclosure

2017-10-03 Thread Maor Shwartz
Security’s SecuriTeam Secure Disclosure program. Vendor response We tried to contact Tiandy starting from August 16 2017, repeated attempts to establish contact went unanswered. At this time there is no solution or workaround for this vulnerability. -- Thanks Maor Shwartz Beyond Security GPG Key ID

[FD] SSD Advisory – Horde Groupware Unauthorized File Download

2017-10-03 Thread Maor Shwartz
users, you also need to exactly know the file name and path that you want to download. Finally, this only works on certain backends, where Horde alone is responsible for authentication, i.e. it won’t work with backends that require explicit authentication.” -- Thanks Maor Shwartz Beyond Security GPG

[FD] SSD Advisory – NEXXT Authentication Bypass

2017-09-18 Thread Maor Shwartz
tried to contact NEXXT since August 17 2017, repeated attempts to establish contact went unanswered. At this time there is no solution or workaround for these vulnerabilities. -- Thanks Maor Shwartz Beyond Security GPG Key ID: 93CC36E2DE7FF514 SSD Advisory – NEXXT Authentication Bypass – SecuriTeam

[FD] SSD Advisory – Polycom Memory Disclosure

2017-09-08 Thread Maor Shwartz
bility “We discovered that the vulnerability you reported is not only present in SoundStation IP phones but also in several other products that use UCS software like VVX phones and Trio phones. As a result we fixed 5 streams of code instead of just one.” CVE: CVE-2017-12857 -- Thanks Maor Shwartz Beyon

[FD] Hack2Win – Code Blue 3rd Edition

2017-09-08 Thread Maor Shwartz
is not allowed to anyone working for one of the vendors, or is involved in development of the above devices. -- Thanks Maor Shwartz Beyond Security GPG Key ID: 93CC36E2DE7FF514

[FD] SSD Advisory – Geneko Routers Unauthenticated Path Traversal

2017-07-18 Thread Maor Shwartz
on the 7th of June 2017. We have no further updates from Geneko regarding the availability of a patch or a workaround for the vulnerability. -- Thanks Maor Shwartz GPG Key ID: 93CC36E2DE7FF514 SSD Advisory – Geneko Routers Unauthenticated Path Traversal – SecuriTeam Blogs.pdf Description: Adobe

[FD] SSD Advisory – EMC IsilonSD Edge Command Injection

2017-07-07 Thread Maor Shwartz
received from them was on the 30th of May 2017. We have no further updates from EMC regarding the availability of a patch or a workaround for the vulnerability. -- Thanks Maor Shwartz GPG Key ID: 93CC36E2DE7FF514 SSD Advisory – EMC IsilonSD Edge Command Injection – SecuriTeam Blogs.pdf

[FD] SSD Advisory – Odoo CRM Code Execution

2017-07-07 Thread Maor Shwartz
. Vendor response Odoo has done a private disclosure for the issue we reported, and the patch was merged in all supported branches. The full public disclosure will be available at https://github.com/odoo/odoo/issues/17898. The full write-up is attached -- Thanks Maor Shwartz GPG Key ID

[FD] https://blogs.securiteam.com/index.php/archives/3171

2017-05-04 Thread Maor Shwartz
/ Due to the complexity and the use of screenshots of the vulnerability we recommend you to read the full article on our blog - https://blogs.securiteam.com/index.php/archives/3171 -- -- Thanks Maor Shwartz GPG Key ID: 93CC36E2DE7FF514

[FD] SSD Advisory – Serviio Media Server Multiple Vulnerabilities

2017-05-04 Thread Maor Shwartz
private Map createWindowsRuntimeEnvironmentVariables() { HashMap newEnv = new HashMap(); newEnv.putAll(System.getenv()); ProcessExecutorParameter[] -- -- Thanks Maor Shwartz GPG Key ID: 93CC36E2DE7FF514

[FD] SSD Advisory – HPE OpenCall Media Platform (OCMP) Multiple Vulnerabilities

2017-04-25 Thread Maor Shwartz
Link: https://blogs.securiteam.com/index.php/archives/3087 SSD Advisory – HPE OpenCall Media Platform (OCMP) Multiple Vulnerabilities Want to get paid for a vulnerability similar to this one? Contact us at: s...@beyondsecurity.com Vulnerabilities Summary The following advisory describes Reflecte

[FD] SSD Advisory – Ubuntu LightDM Guest Account Local Privilege Escalation

2017-04-18 Thread Maor Shwartz
echo "[!] run me from /var/tmp/kodek" exit fi stage1local.sh #!/bin/bash if [ "${PWD}" == "/var/tmp/kodek" ]; then /usr/bin/killall -9 /var/tmp/boc >/dev/null 2>&1 /usr/bin/killall -9 boc >/dev/null 2

[FD] SSD Advisory – Horde Groupware Webmail Multiple Remote Code Execution Vulnerabilities

2017-04-11 Thread Maor Shwartz
do the same with attack_touch.eml (in the end of this blog) file (import it and click on the new mail) and check /tmp folder: attack_touch.eml Date: Fri, 04 Nov 2016 16:04:19 + Message-ID: <20161104160419.horde.hpyobg_3-4qs-nuzwuje...@ubvm.mydomain.com> From: Donald Trump To: someu...@m