Category Archives: Full Disclosure

Crashing Android devices with large Proxy Auto Config (PAC) Files [CVE-2016-6723]

Posted by Nightwatch Cybersecurity Research on Nov 08

[Original at:
https://wwws.nightwatchcybersecurity.com/2016/11/07/crashing-android-devices-with-large-pac-files-cve-2016-6723/]

Summary

Android devices can be crashed forcing a halt and then a soft reboot
by downloading a large proxy auto config (PAC) file when adjusting the
Android networking settings. This can also be exploited by an MITM
attacker that can intercept and replace the PAC file. However, the bug
is mitigated by multiple factors…

Cross Site Scripting Vulnerability In Verint Impact 360

Posted by Sanehdeep Singh on Nov 08

Overview
========

* Title : Cross Site Scripting Vulnerability In Verint Impact 360
* Author: Sanehdeep Singh
* Plugin Homepage: http://www.verint.com
* Severity: Medium
* Version Affected: 11.1
* Version patched: Patches available. Contact Vendor

Description
===========

About the Product
=================
Verint Impact 360 is a quality monitoring/call recording, workforce
management, performance management, and eLearning help optimize…

[CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow

Posted by Pedro Ribeiro on Nov 08

tl;dr

A stack bof in several Dlink routers, which can be exploited by an
unauthenticated attacker in the LAN. There is no patch as Dlink did not
respond to CERT’s requests. As usual, a Metasploit module is in the
queue (see [9] below) and should hopefully be integrated soon.

The interesting thing about this vulnerability is that it affects both
ARM and MIPS devices, so exploitation is slightly different for each type.

Link to CERT’s…

[KIS-2016-13] Piwik <= 2.16.0 (saveLayout) PHP Object Injection Vulnerability

Posted by Egidio Romano on Nov 07

---------------------------------------------------------------
Piwik <= 2.16.0 (saveLayout) PHP Object Injection Vulnerability
---------------------------------------------------------------

[-] Software Link:

https://piwik.org/

[-] Affected Versions:

Version 2.16.0 and prior versions.

[-] Vulnerability Description:

The vulnerability can be triggered through the saveLayout() method
defined in /plugins/Dashboard/Controller.php:

210….

VBScript CRegExp..Execute use of uninitialized memory details (MSIE 8-11, IIS, CScript.exe/WScript.exe)

Posted by Berend-Jan Wever on Nov 07

Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I’ve not released before. This is the fifth
entry in that series.

The below information is available in more detail on my blog at
http://blog.skylined.nl/20161107001.html. There you can find a repro
that triggered this issue in addition to the information below as well
as a Proof-of-Concept exploit.

Follow me on http://twitter.com/berendjanwever

[RootedCON 2017] Call for Papers open for RootedCON Madrid 2017!

Posted by Román Ramírez on Nov 07

Hello all:

We have opened the Call for Papers for our upcoming event in Madrid, Spain.
RootedCON is the biggest security event in Spain and one of the biggest in
Europe.

Here you can find attached the text for the CFP (EN, for English speakers,
ES, for Spanish ones), and if you prefer to access the form directly,
here you can find it:

In English:
https://www.rootedcon.com/cfp/cfp2017-en/

In Spanish:…

Several unpatched vulns in OwnCloud

Posted by Felix Matei on Nov 07

Dear Community

By comparing the advisories of NextCloud and OwnCloud I figured out that OwnCloud has multiple unpatched
vulnerabilities.

You can see the list here; it seems all patches from the latest Nextcloud 10.0.1 release are missing in OwnCloud:
https://nextcloud.com/security/advisories. This seems to include XSS vulns and more.

An example exploit for one of the vulns would look like this:
http://demo.owncloud.org/index.php/apps/gallery/#

[SYSS-2016-085] Aruba OS Improper Authentication – (CWE-287)

Posted by Klaus Tichmann on Nov 07

Advisory ID: SYSS-2016-085
Product: AOS
Manufacturer: Aruba Networks
Affected Version(s): 6.3.1.19
Tested Version(s): 6.3.1.19 on an RAP-3 router
Vulnerability Type: Improper Authentication
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2016-09-06
Solution Date: —
Public Disclosure: 2016-11-07
CVE Reference: Not yet assigned
Author of Advisory: Klaus Tichmann, SySS GmbH…

Intel(R) HD Graphics 10 – Unquoted Path Privilege Escalation

Posted by Vulnerability Lab on Nov 07

Document Title:
===============
Intel(R) HD Graphics 10 – Unquoted Path Privilege Escalation

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1981

Release Date:
=============
2016-11-02

Vulnerability Laboratory ID (VL-ID):
====================================
1981

Common Vulnerability Scoring System:
====================================
4.3

Product & Service Introduction:…

Schoolhos CMS v2.29 – (kelas) Data Siswa SQL Injection Vulnerability

Posted by Vulnerability Lab on Nov 07

Document Title:
===============
Schoolhos CMS v2.29 – (kelas) Data Siswa SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1931

Release Date:
=============
2016-11-07

Vulnerability Laboratory ID (VL-ID):
====================================
1931

Common Vulnerability Scoring System:
====================================
6.7

Product & Service Introduction:…