Posted by Carlo Di Dato on Nov 25
http://shinnai.altervista.org/exploits/SH-0025-20161123.html
-----------------------
UCanCode multiple vulnerabilities
Url: http://www.hmi-software.com/ http://www.ucancode.net/index.htm http://www.ucancode.net/bbs/zhuce/login.htm
Description: From vendor’s web page “UCanCode Software is a Market
Leading provider of HMI & SCADA, CAD, UML, GIS, Vector Graphics…
Posted by VMware Security Response Center on Nov 25
VMware Security Advisory
Advisory ID: VMSA-2016-0022
Severity: Important
Synopsis: VMware product updates address information disclosure
vulnerabilities
Issue date: 2016-11-22
Updated on: 2016-11-22 (Initial Advisory)
CVE number: CVE-2016-7458, CVE-2016-7459,…
Posted by Matthias Deeg on Nov 25
Advisory ID: SYSS-2016-064
Product: M2B GSM Wireless Alarm System
Manufacturer: Multi Kon Trade
Affected Version(s): Unspecified
Tested Version(s): Unspecified
Vulnerability Type: Improper Restriction of Excessive Authentication
Attempts (CWE-307)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2016-07-05
Solution Date: –
Public Disclosure: 2016-11-23
CVE Reference: Not yet assigned
Author of Advisory:…
Posted by Matthias Deeg on Nov 25
Advisory ID: SYSS-2016-066
Product: M2B GSM Wireless Alarm System
Manufacturer: Multi Kon Trade
Affected Version(s): Unspecified
Tested Version(s): Unspecified
Vulnerability Type: Missing Protection against Replay Attacks
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2016-07-05
Solution Date: –
Public Disclosure: 2016-11-23
CVE Reference: Not yet assigned
Author of Advisory: Gerhard Klostermeier, SySS GmbH…
Posted by Matthias Deeg on Nov 25
Advisory ID: SYSS-2016-071
Product: Smart GSM Alarm SA 2500 Kit
Manufacturer: Blaupunkt
Affected Version(s): v1.0
Tested Version(s): v1.0
Vulnerability Type: Missing Protection against Replay Attacks
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2016-07-14
Solution Date: –
Public Disclosure: 2016-11-23
CVE Reference: Not yet assigned
Author of Advisory: Matthias Deeg (SySS GmbH)…
Posted by Matthias Deeg on Nov 25
Advisory ID: SYSS-2016-072
Product: Protect 9061
Manufacturer: Olympia
Affected Version(s): Article No. 5943 rev.03
Tested Version(s): Article No. 5943 rev.03
Vulnerability Type: Missing Protection against Replay Attacks
Risk Level: Medium
Solution Status: Fixed
Manufacturer Notification: 2016-07-21
Solution Date: 2016-11-14
Public Disclosure: 2016-11-23
CVE Reference: Not yet assigned
Author of Advisory: Matthias Deeg (SySS GmbH)…
Posted by Matthias Deeg on Nov 25
Advisory ID: SYSS-2016-106
Product: EASY HOME Alarmanlagen-Set
Manufacturer: monolith GmbH
Affected Version(s): Model No. MAS-S01-09
Tested Version(s): Model No. MAS-S01-09
Vulnerability Type: Missing Protection against Replay Attacks
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2016-09-26
Solution Date: –
Public Disclosure: 2016-11-23
CVE Reference: Not yet assigned
Author of Advisory: Matthias Deeg (SySS GmbH)…
Posted by Matthias Deeg on Nov 25
Advisory ID: SYSS-2016-107
Product: EASY HOME Alarmanlagen-Set
Manufacturer: monolith GmbH
Affected Version(s): Model No. MAS-S01-09
Tested Version(s): Model No. MAS-S01-09
Vulnerability Type: Cryptographic Issues (CWE-310)
Risk Level: Low
Solution Status: Open
Manufacturer Notification: 2016-10-05
Solution Date: –
Public Disclosure: 2016-11-23
CVE Reference: Not yet assigned
Author of Advisory: Gerhard Klostermeier (SySS GmbH)…
Posted by Agazzini Maurizio on Nov 25
Security Advisory @ Mediaservice.net Srl
(#05, 23/11/2016) Data Security Division
Title: Red Hat JBoss EAP deserialization of untrusted data
Application: JBoss EAP 5.2.X and prior versions
Description: The application server deserializes untrusted data via
the JMX Invoker Servlet. This can lead to a DoS via
resource exhaustion and potentially remote code…
Posted by Curesec Research Team (CRT) on Nov 25
Content Table
1. Introduction
2. The Firmware
3. The Android Application
4. The Problems
5. Conclusion
6. Appendix
6.1. Excursion Dalvik
6.2 Control script
1. Introduction
The HS-110 is a Smart Plug meaning it is capable of being controlled with
commands via a network. TP-Link released a mobile application called “Kasa for
Mobile” for Android and iOS devices to control the Smart Plug. The
possibilities range from simple tasks like…