Free ebook to learn ethical hacking techniques

Posted by Sparc Flow on Jan 30

Hello List,

As a way of giving back to the community, I want to share an ebook about pentesting and ethical hacking. You can have
it for free here:
https://www.amazon.com/dp/B01MTDLGQQ

It illustrates a (fictitious) full hacking scenario: from creating a malicious file in a phishing campaign, all the way
to exfiltrating data from a Mainframe (while knocking off some Windows domains along the way).
I obviously could not do it without the great…

Sophos Web Appliance – Block & Unblock IPs Remote Command Injection (CVE-2016-9553)

Posted by Russell Sanford on Jan 30

Critical Start security expert Russell Sanford discovered and reported two critical zero-day vulnerabilities in the
Sophos Web Appliance in December of 2016. The vulnerabilities, documented under CVE-2016-9553, allow the remote
compromise of the appliance’s underlying Linux subsystem. The vulnerabilities have now been patched in the January
2017 4.3.1 release of the appliance line.

Here is a summary of the two vulnerabilities documented…

Re: [0-day] RCE and admin credential disclosure in NETGEAR WNR2000

Posted by Pedro Ribeiro on Jan 30

An update on this post:

MITRE has provided me with CVE numbers.
CVE-2016-10175 for #1 (information disclosure)
CVE-2016-10176 for #2 (improper access control)
CVE-2016-10174 for #3 (stack buffer overflow)

In addition, NETGEAR has recognised the flaw and released beta firmware
that is supposed to fix this vulnerability. This claim was NOT verified.
The beta firmware can be downloaded from:…

Hacking Printers Advisory 1/6: PostScript printers vulnerable to print job capture

Posted by Jens Müller on Jan 30

TL;DR: In the scope of academic research on printer security, various
vulnerabilities in network printers and MFPs have been discovered. This
is advisory 1 of 6 of the ‘Hacking Printers’ series. Each advisory
discusses multiple issues of the same category. This post is about
manipulating and obtaining documents printed by other users, which can
be accomplished by infecting the printer with PostScript malware. This
vulnerability has…

Hacking Printers Advisory 2/6: Various HP/OKI/Konica printers file/password disclosure via PostScript/PJL

Posted by Jens Müller on Jan 30

TL;DR: In the scope of academic research on printer security, various
vulnerabilities in network printers and MFPs have been discovered. This
is advisory 2 of 6 of the ‘Hacking Printers’ series. Each advisory
discusses multiple issues of the same category. This post is about
accessing a printer’s file system through ordinary PostScript or PJL
based print jobs — for decades a documented feature of both
languages. The attack can be…

Hacking Printers Advisory 5/6: HP printers restoring factory defaults through PML commands

Posted by Jens Müller on Jan 30

TL;DR: In the scope of academic research on printer security, various
vulnerabilities in network printers and MFPs have been discovered. This
is advisory 5 of 6 of the ‘Hacking Printers’ series. Each advisory
discusses multiple issues of the same category. This post is about
resetting a printer to factory defaults through ordinary print jobs,
therefore bypassing all protection mechanisms like user-set passwords.
The attack can be performed…

Hacking Printers Advisory 4/6: Multiple vendors buffer overflow in LPD daemon and PJL interpreter

Posted by Jens Müller on Jan 30

TL;DR: In the scope of academic research on printer security, various
vulnerabilities in network printers and MFPs have been discovered. This
is advisory 4 of 6 of the ‘Hacking Printers’ series. Each advisory
discusses multiple issues of the same category. This post is about
buffer overflows in the printer’s LPD daemon and PJL interpreter which
lead to denial of service or potentially even to code execution. The
attack can be…

secuvera-SA-2017-01: Privilege escalation in an OPSI Managed Client environment ("rise of the machines")

Posted by Simon Bieber on Jan 30

Affected Products
Tested with
OPSI Server 4.0.7.26
OPSI ClientAgent 4.0.7.10-1
(older releases have not been tested)
According to the vendor all server instances that use a python-opsi version lower
than 4.0.7.28-4 are affected

References
https://www.secuvera.de/advisories/secuvera-SA-2017-01.txt (used for updates)
https://sourceforge.net/p/opsi/mailman/message/35609086/ (announcement by vendor
in german…

New BlackArch Linux ISOs (2017.01.28) released!

Posted by Black Arch on Jan 30

Dear list,

We’ve released the new BlackArch Linux ISOs along with many
improvements. They include more than 1620 tools now. The armv6h,
armv7h and aarch64 repositories are filled with about 1550 tools.

A short ChangeLog of the Live-ISOs:

– add 20 new tools
– update blackarch installer to 0.3.2 (bugfixes)
– fix shadow permissions (thx to ldionmarcil)
– fix f*cking ruby tools (wpscan, metasploit, etc.)
– include linux kernel…

BSidesHannover 2017!

Posted by Daniel Busch on Jan 30

Hi Folks,

We will have a Security BSides in Hannover again this year, on March 19th.

CFP is open and runs until March 10th ->

Please see the website bsideshannover.de for more details!

Kindly note our new Twitter account: @BSides_HN_2017

On behalf of the BSides Hannover Team,

Daniel