Re: runAV mod_security Remote Command Execution

Posted by Reindl Harald on May 17

On 13.05.2016 at 17:30, Rio Sherri wrote:

>
> sprintf (cmd, "/usr/bin/clamscan --no-summary %s", argv[1]);
> The argv[1] parameter is passed unsanitized to a sprintf function
> which sends the formatted output to the cmd variable,
> which is later passed as a parameter to a run_cmd function on line 14

I don’t think so because the temp-files of mod-security to inspect
uploads are not controlled by the client…

Re: Skype Phishing Attack

Posted by Sebastian on May 17

Hey all,

I don’t think “pop up a full featured window on the client” is your
everyday phishing attack. This is easily exploited even for experienced
users, since this is definitely not what you’d expect to originate from
Skype (and for example Steam tends to annoy you with login popups
sometimes, i.e. when changing your IP).

So yes, we don’t need your average phishing attack, but this is surely a
vulnerability and…

Re: Code Execution Vulnerabilities In 7zip

Posted by Nick Boyce on May 17

[mods: feel free to merge this with my previous post if it hasn’t hit
the list yet]

I should add dates: the 7zip V16.00 release is dated 10.May.2016, and
the Cisco Talos blog post is dated 11.May.2016.

Also affected versions are all below 16.00, not just 15.00 and prior.

Nick

OWTF 2.0a "Tikka Masala" released!

Posted by Abraham Aranguren on May 17

Dear Full Disclosure friends,

We are pleased to let you know that OWASP OWTF 2.0a “Tikka Masala” has
been released!
Dedicated to the courage and hard work shown by all OWASP OWTF
contributors, especially the Indian ones!, the mentors, everybody that
gave us cool ideas, etc. to make this amazing release happen, to all of
you, thank you!

Some links:
– Handy redirect: http://owtf.org/
(takes you to:…

[ICS] Meteocontrol WEB’log Multiple Vulnerabilities

Posted by Karn Ganeshen on May 17

[ICS] Meteocontrol WEB’log Multiple Vulnerabilities

*About MeteoControl WEB’log*

Meteocontrol is a Germany-based company that maintains offices in several
countries around the world, including the US, China, Italy, Spain, France,
Switzerland, and Israel.

The affected products, WEB’log, are web-based SCADA systems that provide
functions to manage energy and power configurations in different connected
(energy/industrial) devices….

WSO2 SOA Enablement Server – Reflected Cross-Site Scripting

Posted by Etnies on May 17

Title: WSO2 SOA Enablement Server – Reflected Cross-Site Scripting
Authors: Jakub Pałaczyński, Łukasz Juszczyk
Date: 08. April 2016

Affected Software:
=============

WSO2 SOA Enablement Server for Java/6.6 build SSJ-6.6-20090827-1616
Probably other versions are also vulnerable.

Proof of Concept:
============

PoC works only in IE browser – path is reflected in the response and needs
to be long enough to bypass IE’s 404 page…

APPLE-SA-2016-05-16-1 tvOS 9.2.1

Posted by Apple Product Security on May 17

APPLE-SA-2016-05-16-1 tvOS 9.2.1

tvOS 9.2.1 is now available and addresses the following:

CFNetwork Proxies
Available for: Apple TV (4th generation)
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: An information leak existed in the handling of HTTP and
HTTPS requests. This issue was addressed through improved URL
handling.
CVE-ID
CVE-2016-1801 : Alex Chapman and Paul Stone of…

APPLE-SA-2016-05-16-2 iOS 9.3.2

Posted by Apple Product Security on May 17

APPLE-SA-2016-05-16-2 iOS 9.3.2

iOS 9.3.2 is now available and addresses the following:

Accessibility
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to determine kernel memory layout
Description: A buffer overflow was addressed through improved size
validation.
CVE-ID
CVE-2016-1790 : Rapelly Akhil

CFNetwork Proxies
Available for: iPhone 4s and later,
iPod touch…