Posted by Brandon Perry on Aug 16
I actually ended up finding this vuln in a different vector (in the profileIdx2 parameter)….
Posted by 1n3 on Aug 16
Which version of Zabbix? 3.0.3?
-1N3
Posted by Brandon Perry on Aug 16
Right, it’s the same vuln, just in different places. It was fixed in 3.0.4.
Posted by Reggie Dodd on Aug 16
[TITLE]
Taser Axon Dock (Body-Worn Camera Docking Station) v3.1 – Authentication Bypass
[CREDITS & AUTHORS]
Reginald Dodd
https://www.linkedin.com/in/reginalddodd
[VENDOR & PRODUCT]
Taser International Inc.
Axon Dock – Body-Worn Camera Docking Station
https://www.axon.io/products/dock
[SUMMARY]
The Axon Dock is the camera docking station component of Taser’s body-worn
camera system. It charges body-worn cameras and automatically…
Posted by Sebastian Michel on Aug 16
Hey Guys,
I’m not sure if this is a new point. But I’m thinking about a possible security hole by design
which exists at maybe many (German) cable providers.
German cable providers like Unitymedia/Kabel Deutschland provide you a Fritzbox or any other
cable router for internet access. As you know, these routers have a MAC address on every
interface like on wifi, ethernet and so on.
By default, the Wifi SSID is publicly available. The SSID gives you…
Posted by Stefan Kanthak on Aug 16
Hi @ll,
JRT.exe (see <https://en.malwarebytes.com/junkwareremovaltool/>)
1. is vulnerable to DLL hijacking:
see <https://cwe.mitre.org/data/definitions/426.html>
and <https://cwe.mitre.org/data/definitions/427.html> for
these WELL-KNOWN and WELL-DOCUMENTED beginner’s errors;
2. creates an unsafe directory “%TEMP%jrt”:
see <https://cwe.mitre.org/data/definitions/377.html>
and <…
Posted by crashenator on Aug 16
CERT ID – VU#520504 (pending since 2015)
Product – php-gettext
Company – Danilo Segan
Name – php-gettext php code execution
Versions – <1.0.12
Patched – 11/11/2015
Ref: https://launchpad.net/php-gettext/trunk/1.0.12
Vulnerability – “code injection into the ngettext family of calls:
evaluating the plural form formula can execute arbitrary code if number
is passed unsanitized from the untrusted user.”
Description –
In 1.0.11 and…
Posted by Andrew Klaus on Aug 16
### Device Details
Vendor: Actiontec (Telus Branded, but may work on others)
Model: T2200H (but likely affecting other similar models of theirs)
Affected Firmware: T2200H-31.128L.03
Device Manual:
http://static.telus.com/common/cms/files/internet/telus_t2200h_user_manual.pdf
Reported: November 2015
Status: Fixed on newly pushed firmware version
CVE: Not needed since update is pushed by the provider.
The Telus Actiontec T2200H is Telus’…
The Security of Things is set to become a key feature in the fight against cybercriminals, according to a new report by ENISA.
The post ENISA: Security of Things important for CIIs appeared first on WeLiveSecurity.
Do you know what happens with your data when you install and use apps granting them access to more or less all data stored on your phone?
The post Smartphones: Does your privacy matter? appeared first on Avira Blog.