Category Archives: Full Disclosure

Full Disclosure

ChromeOS / ChromeBooks Persist Certain Network Settings in Guest Mode

Posted by Nightwatch Cybersecurity Research on Apr 11

[Original post can be found here:
https://wwws.nightwatchcybersecurity.com/2017/04/09/advisory-chromeos-chromebooks-persist-certain-network-settings-in-guest-mode/]

SUMMARY

Certain network settings in ChromeOS / ChromeBooks persists between
reboots when set in guest mode. These issues have been reported to the
vendor but will not be fixed since the vendor considers them to be WAI
(Working As Intended). These attacks require physical access to…

[SYSS-2015-036] Password Safe and Repository Enterprise v7.4.4 – Violation of Secure Design Principles (CWE-657)

Posted by Matthias Deeg on Apr 11

Advisory ID: SYSS-2015-036
Product(s): Password Safe and Repository Enterprise
Manufacturer: MATESO GmbH
Affected Version(s): 7.4.4 Build 2247
Tested Version(s): 7.4.4 Build 2247
Vulnerability Type: Credentials Management (CWE-255)
Violation of Secure Design Principles (CWE-657)
Risk Level: High
Solution Status: Fixed
Manufacturer Notification: 2015-07-09
Solution Date: 2016-10-18
Public Disclosure: 2017-04-10
CVE Reference:…

[SYSS-2015-035] Password Safe and Repository Enterprise v7.4.4 – SQL Injection (CWE-89)

Posted by Matthias Deeg on Apr 11

Advisory ID: SYSS-2015-035
Product(s): Password Safe and Repository Enterprise
Manufacturer: MATESO GmbH
Affected Version(s): 7.4.4 Build 2247
Tested Version(s): 7.4.4 Build 2247
Vulnerability Type: Violation of Secure Design Principles (CWE-657)
SQL Injection (CWE-89)
Risk Level: High
Solution Status: Fixed
Manufacturer Notification: 2015-07-09
Solution Date: 2016-10-18
Public Disclosure: 2017-04-10
CVE Reference: Not yet…

SSD Advisory – Horde Groupware Webmail Multiple Remote Code Execution Vulnerabilities

Posted by Maor Shwartz on Apr 11

This is a sample of a clear signed message.

—–BEGIN PGP SIGNATURE—–
Version: 2.6.2

iQCVAwUBMoSCcM4T3nOFCCzVAQF4aAP/eaP2nssHHDTHyPBSjgwyzryguwBd2szF
U5IFy5JfU+PAa6NV6m/UWW8IKczNX2cmaKQNgubwl3w0odFQPUS+nZ9myo5QtRZh
DztuhjzJMEzwtm8KTKBnF/LJ9X05pSQUvoHfLZ/waJdVt4E/xfEs90l8DT1HDdIz
CvynscaD+wA=
=Xb9n
—–END PGP SIGNATURE—–

attack_whoami.eml

Date: Fri, 04 Nov 2016 16:04:19 +0000
Message-ID:…

CVE-2017-7643 Local root privesc in Proxifier for Mac <= 2.18

Posted by Mark Wadham on Apr 11

Proxifier 2.18 (also 2.17 and possibly some earlier version) ships with
a KLoader binary which it installs suid root the first time Proxifier is
run. This binary serves a single purpose which is to load and unload
Proxifier’s kernel extension.

Unfortunately it does this by taking the first parameter passed to it on
the commandline without any sanitisation and feeding it straight into
system().

This means not only can you load any…

CVE Request:XSS Injection in Email MyCode (MyBB <1.8.11)

Posted by Wester 95 on Apr 11

Hi team,

I would like to request one CVE for this vulnerability, thank you!

#################################

Description:
============

product:MyBB
Homepage:https://mybb.com/
vulnerable version:<1.8.11
Severity:High risk

===============

Proof of Concept:

=============

1.post a thread or reply any thread ,write:

[email=2″onmouseover=”alert(document.location)]hover me[/email]

then when user’s mouse hover it,XSS attack…

CVE Request:Directory Traversal in smilie module(MyBB <1.8.11)

Posted by Wester 95 on Apr 11

Hi team,

I would like to request one CVE for this vulnerability, thank you!

#################################

Description:

============

product:MyBB

Homepage:https://mybb.com/

vulnerable version:<1.8.11

Severity:Low risk

===============

Proof of Concept:

=============

vulnerability address:http://127.0.0.1/mybb_1810/Upload/admin/index.php?module=config-smilies&action=add_multiple

vulnerability file…

Moxa MX AOPC-Server v1.5 XML External Entity

Posted by hyp3rlinx on Apr 11

[+] Credits: John Page AKA HYP3RLINX
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/MOXA-MX-AOPC-SERVER-v1.5-XML-EXTERNAL-ENTITY.txt
[+] ISR: ApparitionSec

Vendor:
============
www.moxa.com

Product:
=======================
MX-AOPC UA SERVER – 1.5

Moxa’s MX-AOPC UA Suite is the first OPC UA server for industrial
automation supporting both push and pull communication.

Vulnerability Type:…

CVE-2017-7456 MXview v2.8 Denial Of Service

Posted by hyp3rlinx on Apr 11

[+] Credits: John Page AKA hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/MOXA-MXVIEW-v2.8-DENIAL-OF-SERVICE.txt
[+] ISR: ApparitionSec

Vendor:
============
www.moxa.com

Product:
===========
MXView v2.8

Download:
http://www.moxa.com/product/MXstudio.htm

MXview Industrial Network Management Software.

Auto discovery of network devices and physical connections
Event playback for quick…