The Spiceworks TFTP Server, as distributed with Spiceworks Inventory 7.5, allows remote attackers to access the Spiceworks dataconfigurations directory by leveraging the unauthenticated nature of the TFTP service for all clients who can reach UDP port 69, as demonstrated by a WRQ (aka Write request) operation for a configuration file or an executable file.
Monthly Archives: April 2017
CVE-2017-7565
Splunk Hadoop Connect App has a path traversal vulnerability that allows remote authenticated users to execute arbitrary code, aka ERP-2041.
CSRF/stored XSS in WordPress Firewall 2 allows unauthenticated attackers to do almost anything an admin can (WordPress plugin)
Posted by dxw Security on Apr 06
Details
================
Software: WordPress Firewall 2
Version: 1.3
Homepage: https://wordpress.org/plugins/wordpress-firewall-2/
Advisory report:
https://security.dxw.com/advisories/csrfstored-xss-in-wordpress-firewall-2-allows-unauthenticated-attackers-to-do-almost-anything-an-admin-can/
CVE: Awaiting assignment
CVSS: 5.8 (Medium; AV:N/AC:M/Au:N/C:P/I:P/A:N)
Description
================
CSRF/stored XSS in WordPress Firewall 2 allows…
APPLE-SA-2017-04-04-1 Apple Music 2.0 for Android
Posted by Apple Product Security on Apr 06
APPLE-SA-2017-04-04-1 Apple Music 2.0 for Android
Apple Music 2.0 for Android is now available and addresses the
following:
Apple Music
Available for: Android version 4.3 or later
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: A certificate validation issue existed in Apple Music
for Android. This issue was addressed through improved certificate
validation.
CVE-2017-2387: David…
Apple Music Android Application – MITM SSL Certificate Vulnerability (CVE-2017-2387)
Posted by David Coomber on Apr 06
Apple Music Android Application – MITM SSL Certificate Vulnerability
(CVE-2017-2387)
QNAP QTS multiple RCE vulnerabilities (CVE-2017-6361, CVE-2017-6360, CVE-2017-6359)
Posted by Harry Sintonen on Apr 06
QNAP QTS multiple RCE vulnerabilities
=====================================
The latest version of this advisory is available at:
https://sintonen.fi/advisories/qnap-qts-multiple-rce-vulnerabilities.txt
Overview
——–
QNAP QTS firmware contains multiple Command Injection (CWE-77)
vulnerabilities that can be exploited to gain remote command execution
on the devices.
Description
———–
QNAP QTS web user interface CGI binaries include…
Spiceworks 7.5 TFTP Improper Access Control File Overwrite / Upload
Posted by hyp3rlinx on Apr 06
[+] Credits: John Page AKA HYP3RLINX
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/SPICEWORKS-IMPROPER-ACCESS-CONTROL-FILE-OVERWRITE.txt
[+] ISR: APPARITIONSEC
Vendor:
==================
www.spiceworks.com
Product:
=================
Spiceworks – 7.5
Provides network inventory and monitoring of all the devices on the network
by discovering IP-addressable devices.
It can be configured to provide…
samba-4.4.13-1.fc24
Fix a nss_wins crash
—-
Security fix for CVE-2017-2619
CVE-2017-7192
WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because of incorrect management of the certValidated variable (it can be set to true but cannot be set to false).
CVE-2017-6968
GMV Checker ATM Security prior to 5.0.18 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka PT-2017-03.