Category Archives: Full Disclosure

Onapsis Security Advisory ONAPSIS-2016-002: SAP UCON Security Protection bypass

Posted by Onapsis Research on Oct 11

Onapsis Security Advisory ONAPSIS-2016-002: SAP UCON Security Protection bypass

1. Impact on Business
=====================
By exploiting this vulnerability, an attacker could bypass protections implemented in the SAP systems, potentially
executing arbitrary business processes.

Risk Level: Medium

2. Advisory Information
=======================
– Public Release Date: 09/22/2016
– Last Revised: 09/22/2016
– Security Advisory ID:…

Re: Critical Vulnerability in Ubiquiti UniFi

Posted by Rob Thomas on Oct 11

The impression I get from Tim Pham’s emails is that the ‘Unify Manager’ is doing some behind-the-scenes tunnelling, and
bringing the Mongo interface from the server to the client (e.g., Mac or Windows device) and you are then able to connect
to localhost (on the client) which tunnels through to the server.

However, after much searching, I am unable to locate this application. Googling insinuates that it is this (unreleased)…

Billion Router 7700NR4 Remote Root Command Execution

Posted by Rio Sherri on Oct 11

# Title : Billion Router 7700NR4 Remote Root Command Execution
# Date : 06/10/2016
# Author : R-73eN
# Tested on: Billion Router 7700NR4
# Vendor : http://www.billion.com/
# Vulnerability Description:
# This router is widely used here in Albania. It is given by a telecom provider to the home and business users.
# The problem is that this router has hardcoded credentials which “can not be changed” by a normal user. Using these
#…

[SECURITY] CVE-2016-6808 Apache Tomcat JK ISAPI Connector buffer overflow

Posted by Mark Thomas on Oct 11

CVE-2016-6808 Apache Tomcat JK ISAPI Connector buffer overflow

Severity: Moderate

Vendor: The Apache Software Foundation

Versions Affected:
– Apache Tomcat JK ISAPI Connector 1.2.0 to 1.2.41

Description
The IIS/ISAPI specific code implements special handling when a virtual
host is present. The virtual host name and the URI are concatenated to
create a virtual host mapping rule. The length checks prior to writing
to the target buffer for this…

NEW VMSA-2016-0015 – VMware Horizon View updates address directory traversal vulnerability

Posted by VMware Security Response Center on Oct 06

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
VMware Security Advisory

Advisory ID: VMSA-2016-0015
Severity: Important
Synopsis: VMware Horizon View updates address directory traversal
vulnerability
Issue date: 2016-10-06
Updated on: 2016-10-06 (Initial Advisory)
CVE number: CVE-2016-7087

1. Summary

VMware Horizon…

[KIS-2016-12] Magento <= 1.9.2.2 (RSS Feed) Information Disclosure Vulnerability

Posted by Egidio Romano on Oct 06

————————————————————————————
Symantec Web Gateway <= 5.2.2 (new_whitelist.php) OS Command Injection
Vulnerability
————————————————————————————

[-] Software Link:

https://www.symantec.com/

[-] Affected Versions:

Version 5.1.1.24, 5.2.1.80 and 5.2.2.118. Other versions might be affected.

[-] Vulnerability Description:

The…

RealEstate CMS 3.00.50 – Cross Site Scripting Vulnerability

Posted by Vulnerability Lab on Oct 06

Document Title:
===============
RealEstate CMS 3.00.50 – Cross Site Scripting Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1949

Release Date:
=============
2016-10-06

Vulnerability Laboratory ID (VL-ID):
====================================
1949

Common Vulnerability Scoring System:
====================================
3

Product & Service Introduction:…

KL-001-2016-007 : Cisco Firepower Threat Management Console Remote Command Execution Leading to Root Access

Posted by KoreLogic Disclosures on Oct 05

KL-001-2016-007 : Cisco Firepower Threat Management Console Remote Command
Execution Leading to Root Access

Title: Cisco Firepower Threat Management Console Remote Command Execution
Leading to Root Access
Advisory ID: KL-001-2016-007
Publication Date: 2016.10.05
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2016-007.txt

1. Vulnerability Details

Affected Vendor: Cisco
Affected Product: Firepower Threat…

KL-001-2016-006 : Cisco Firepower Threat Management Console Local File Inclusion

Posted by KoreLogic Disclosures on Oct 05

KL-001-2016-006 : Cisco Firepower Threat Management Console Local File Inclusion

Title: Cisco Firepower Threat Management Console Local File Inclusion
Advisory ID: KL-001-2016-006
Publication Date: 2016.10.05
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2016-006.txt

1. Vulnerability Details

Affected Vendor: Cisco
Affected Product: Firepower Threat Management Console
Affected Version: Cisco Fire Linux OS…