RCE in Teamspeak 3 server

Posted by Hanz Jenson on Aug 12

While auditing the Teamspeak 3 server I’ve discovered several 0-day
vulnerabilities which I’ll describe in detail in this advisory. They exist in
the newest version of the server, version 3.0.13.

I found 10 vulnerabilities. Some of these are critical and allow remote code
execution. For the average user, that means that these vulnerabilities can be
exploited by a malicious attacker in order to take over any Teamspeak server,
not only…

DDanchev's Blog Going Private – Request Access

Posted by Ddanchev on Aug 12

Hi, everyone,

As of today, my blog – http://ddanchev.blogspot.com is going private, and I decided to let everyone know on
how to request access to continue to maintain access to the blog.

[http://ddanchev.blogspot.com/2016/08/ddanchevs-blog-going-private-request.html](http://ddanchev.blogspot.de/2016/08/ddanchevs-blog-going-private-request.html)

Looking forward to receiving your response.

Let me know.

Thanks,
Dancho

Stored XSS in Advanced Custom Fields: Table Field allows authenticated users to do almost anything an admin user can (WordPress plugin)

Posted by dxw Security on Aug 12

Details
================
Software: Advanced Custom Fields: Table Field
Version: 1.1.12
Homepage: https://wordpress.org/plugins/advanced-custom-fields-table-field/
Advisory report:
https://security.dxw.com/advisories/xss-in-advanced-custom-fields-table-field-could-allow-authenticated-users-to-do-almost-anything-an-admin-user-can/
CVE: Awaiting assignment
CVSS: 4.9 (Medium; AV:N/AC:M/Au:S/C:P/I:P/A:N)

Description
================
Stored XSS in…

[CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1

Posted by Pedro Ribeiro on Aug 12

tl;dr

RCE, file download, weak encryption and user impersonation, all of which
can be exploited by an unauthenticated attacker in WebNMS Framework 5.2
and 5.2 SP1.

A special thanks to Beyond Security and their SSD program, which helped
disclose the vulnerabilities. See their advisory at
https://blogs.securiteam.com/index.php/archives/2712

My full advisory can be seen below, and a copy can be obtained at the
github repo…

CVE-2016-6483 – vBulletin <= 5.2.2 Preauth Server Side Request Forgery (SSRF)

Posted by Dawid Golunski on Aug 12

vBulletin
CVE-2016-6483

vBulletin software is affected by a SSRF vulnerability that allows
unauthenticated remote attackers to access internal services (such as mail
servers, memcached, couchDB, zabbix etc.) running on the server
hosting vBulletin as well as services on other servers on the local
network that are accessible from the target.

The following versions are affected:

vBulletin <= 5.2.2
vBulletin <= 4.2.3
vBulletin <=…

Executable installers are vulnerable^WEVIL (case 38): Microsoft's Windows10Upgrade*.exe allows elevation of privilege

Posted by Stefan Kanthak on Aug 12

Hi @ll,

the “Windows 10 Upgrade Assistant” Windows10Upgrade*.exe,
available via <http://go.microsoft.com/fwlink/?LinkId=822783> on
<https://www.microsoft.com/en-us/accessibility/windows10upgrade>,
via <http://go.microsoft.com/fwlink/?LinkId=821403> on
<https://support.microsoft.com/en-us/help/12387/windows-10-update-history>,
and on <https://www.microsoft.com/en-us/software-download/windows10>,

1. is…

Defense in depth — the Microsoft way (part 42): Sysinternals utilities load and execute rogue DLLs from %TEMP%

Posted by Stefan Kanthak on Aug 12

Hi @ll,

several of Microsoft’s Sysinternals utilities extract executables
to %TEMP% and run them from there; the extracted executables are
vulnerable to DLL hijacking, allowing arbitrary code execution in
every user account and escalation of privilege in “protected
administrator” accounts [*].

* CoreInfo.exe:
extracts on x64 an embedded CoreInfo64.exe to %TEMP% which loads
%TEMP%\VERSION.DLL (on Windows Vista and newer)…