Category Archives: Full Disclosure

Aleph Research: Attacking Nexus 9 with Malicious Headphones (CVE-2017-0510)

Posted by Roee Hay on Mar 14

Title:
Attacking Nexus 9 with Malicious Headphones

Identifier:
CVE-2017-0510

Severity:
Critical

Product:
Google Nexus 9

Vulnerable Version:
Android 7.1.1 N4F26Q and below

Mitigation:
Upgrade to build N4F26T (March 2017 Security patches).

Technical Details:
Nexus 9 (running build N4F26Q and below) allows unauthorized access to the FIQ debugger via its headphones jack, which
has the following impact:
1. It enables sensitive information…

CVE-2017-6805 MobaXterm Personal Edition v9.4 Directory Traversal File Disclosure

Posted by hyp3rlinx on Mar 14

[+] Credits: John Page AKA hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/MOBAXTERM-TFTP-PATH-TRAVERSAL-REMOTE-FILE-ACCESS.txt
[+] ISR: ApparitionSec

Vendor:
=====================
mobaxterm.mobatek.net

Product:
===============================
MobaXterm Personal Edition v9.4

Enhanced terminal for Windows with X11 server, tabbed SSH client, network
tools and much more.

Vulnerability…

KL-001-2017-004 : WatchGuard XTMv User Management Cross-Site Request Forgery

Posted by KoreLogic Disclosures on Mar 10

KL-001-2017-004 : WatchGuard XTMv User Management Cross-Site Request Forgery

Title: WatchGuard XTMv User Management Cross-Site Request Forgery
Advisory ID: KL-001-2017-004
Publication Date: 2017.03.10
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-004.txt

1. Vulnerability Details

Affected Vendor: WatchGuard
Affected Product: XTMv
Affected Version: v11.12 Build 516911
Platform: Embedded Linux…

DAVOSET v.1.3

Posted by MustLive on Mar 10

Hello participants of the Mailing List.

Since the announcement of DAVOSET in 2010 and after making its public release in
2013, I’ve made the next update of the software. On the 9th of March DAVOSET v.1.3
was released – DDoS attacks via other sites execution tool
(http://websecurity.com.ua/davoset/). On the anniversary of cyberwar
(http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2017-March/010839.html).

Video demonstration of DAVOSET:…

CVE-2017-6550: Kinsey Infor-Lawson – Multiple SQL Injections

Posted by Michael Benich on Mar 10

Summary: Kinsey’s Infor-Lawson application (formerly ESBUS) is vulnerable to SQL injection in at least two parameters:
------------------------------------------------------------------------
Vendor: Kinsey
------------------------------------------------------------------------
Software Link:
http://www.kinsey.com/infor-lawson.html

Hardwear.io Call For Papers 2017 is open!

Posted by Yuliya Pliavaka on Mar 10

Dear Hackers and Security Gurus!

Greetings from hardwear.io Conference 2017!

We’re glad to announce that *hardwear.io <http://hardwear.io>* *2017 Call
For Papers* is now open! We are seeking innovative research on hardware
security. If you have done interesting research on attacks or mitigation on
any Hardware and want to showcase it to the security community, just submit
your research paper. Please find all the relevant details for the…

Multiple vulnerabilities discovered in dnaLIMS DNA sequencing web-application

Posted by Nicholas von Pechmann on Mar 10

Title: Multiple vulnerabilities discovered in dnaLIMS DNA sequencing
web-application
Advisory URL:
https://www.shorebreaksecurity.com/blog/product-security-advisory-psa0002-dnalims/
Date published: Mar 08, 2017
Vendor: dnaTools, Inc.
CVE IDs: [2017-6526, 2017-6527, 2017-6528, 2017-6529]
USCERT VU: 929263

Vulnerability Summaries
1) Improperly protected web shell [CVE-2017-6526]
dnaLIMS requires authentication to view cgi-bin/dna/sysAdmin.cgi,…

CVE-2017-6466 – Remote Code Execution under SYSTEM via MITM in F-Secure AV

Posted by Martin Kolárik on Mar 10

CVE-2017-6466 – Remote Code Execution under SYSTEM via MITM in F-Secure AV
--------------------------------------------------------------------------

Summary
-------
Title: Remote Code Execution under SYSTEM via MITM in F-Secure AV
CVE: CVE-2016-9892
Vendor: F-Secure
Product: All products that include the software updater component
(https://www.f-secure.com/en/web/business_global/software-updater)
Publication Date: 2017-03-08
Fix: Not available…

Bypassing Authentication on iball Baton Routers

Posted by Indrajith AN on Mar 10

Title:
====
iball Baton 150M Wireless router – Authentication Bypass

Credit:
======
Name: Indrajith.A.N
Website: https://www.indrajithan.com

CVE Details:
=========
CVE-2017-6558

Date:
====
07-03-2017

Vendor:
======
iball Envisioning the tremendous potential for innovative products required
by the ever evolving users in computing and digital world, iBall was
launched in September 2001 and which is one of the leading networking
company…