Category Archives: Full Disclosure

Full Disclosure

Blindspot Advisory: Java/Python FTP Injections Allow for Firewall Bypass

Posted by Timothy D. Morgan on Feb 21

Overview
Recently, a vulnerability in Java’s FTP URL handling code has been published which allows for protocol stream
injection. It has been shown[1] that this flaw could be used to leverage existing XXE or SSRF vulnerabilities to send
unauthorized email from Java applications via the SMTP protocol. While technically interesting, the full impact of this
protocol stream injection has not been fully accounted for in existing public…

Siklu EtherHaul Unauthenticated Remote Command Execution Vulnerability (<7.4.0)

Posted by Ian Ling on Feb 21

[+] Credits: Ian Ling
[+] Website: iancaling.com
[+] Source: http://blog.iancaling.com/post/155127766533

Vendor:
=================
https://www.siklu.com/

Product:
======================
-Siklu EtherHaul (EH-*)

Vulnerability Details:
=====================

Siklu EtherHaul devices are vulnerable to an unauthenticated remote command
execution (RCE) vulnerability. This vulnerability allows an attacker to
execute commands and retrieve information…

NETGEAR DGN2200v1/v2/v3/v4 – 'ping.cgi' Remote Command Execution

Posted by Kroppoloe on Feb 21

# Exploit Title: NETGEAR Firmware DGN2200v1/v2/v3/v4 NON-ADMIN AUTHENTICATED RCE
# Date: 2017-02-18
# Exploit Author: SivertPL
# Vendor Homepage: http://netgear.com/
# Software Link:
http://www.downloads.netgear.com/files/GDC/DGN2200/DGN2200%20Firmware%20Version%201.0.0.20%20-%20Initial%20Release%20(NA).zip
# Version: 10.0.0.20 (initial) – 10.0.0.50 (latest, still 0-day!)
# Tested on: DGN2200v1,v2,v3,v4

There’s a pretty nice command…

APPLE-SA-2017-02-21-2 Logic Pro X 10.3.1

Posted by Apple Product Security on Feb 21

APPLE-SA-2017-02-21-2 Logic Pro X 10.3.1

Logic Pro X 10.3.1 is now available and addresses the following:

Projects
Available for: OS X Yosemite v10.10 or later (64 bit)
Impact: Opening a maliciously crafted GarageBand Project file may
lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved
memory handling.
CVE-2017-2374: Tyler Bohan of Cisco Talos

Installation note:

Logic Pro X may be obtained…

APPLE-SA-2017-02-21-1 GarageBand 10.1.6

Posted by Apple Product Security on Feb 21

APPLE-SA-2017-02-21-1 GarageBand 10.1.6

GarageBand 10.1.6 is now available and addresses the following:

Projects
Available for: OS X Yosemite v10.10 or later
Impact: Opening a maliciously crafted GarageBand Project file may
lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved
memory handling.
CVE-2017-2374: Tyler Bohan of Cisco Talos

Installation note:

GarageBand may be obtained from the Mac…

PHPShell v2.4 Cross Site Scripting

Posted by hyp3rlinx on Feb 21

[+] Credits: John Page AKA hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/PHPSHELL-v2.4-CROSS-SITE-SCRIPTING.txt
[+] ISR: ApparitionSec

Vendor:
==========
sourceforge.net/projects/phpshell/
phpshell.sourceforge.net/

Product:
=============
PHPShell v2.4

Vulnerability Type:
====================
Cross Site Scripting

CVE Reference:
==============
N/A

Security Issue:
================…

PHPShell v2.4 Session Fixation

Posted by hyp3rlinx on Feb 21

[+] Credits: John Page AKA hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/PHPSHELL-v2.4-SESSION-FIXATION.txt
[+] ISR: ApparitionSec

Vendor:
==================================
sourceforge.net/projects/phpshell/
phpshell.sourceforge.net/

Product:
==============
PHPShell v2.4

Vulnerability Type:
===================
Session Fixation

CVE Reference:
==============
N/A

Security Issue:…

Sawmill Enterprise v8.7.9 Pass The Hash Authentication Bypass

Posted by hyp3rlinx on Feb 21

[+] Credits: John Page AKA Hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/SAWMILL-PASS-THE-HASH-AUTHENTICATION-BYPASS.txt
[+] ISR: ApparitionSec

Vendor:
===============
www.sawmill.net

Product:
========================
Sawmill Enterprise v8.7.9

sawmill8.7.9.4_x86_windows.exe
hash: b7ec7bc98c42c4908dfc50450b4521d0

Sawmill is a powerful hierarchical log analysis tool that runs on every…

Album Lock v4.0 iOS – Directory Traversal Vulnerability

Posted by Vulnerability Lab on Feb 20

Document Title:
===============
Album Lock v4.0 iOS – Directory Traversal Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2033

Release Date:
=============
2017-02-20

Vulnerability Laboratory ID (VL-ID):
====================================
2033

Common Vulnerability Scoring System:
====================================
7.2

Product & Service Introduction:…