Category Archives: Full Disclosure

OWTF 2.0a "Tikka Masala" released!

Posted by Abraham Aranguren on May 17

Dear Full Disclosure friends,

We are pleased to let you know that OWASP OWTF 2.0a “Tikka Masala” has
been released!
Dedicated to the courage and hard work shown by all OWASP OWTF
contributors, especially the Indian ones!, the mentors, everybody that
gave us cool ideas, etc. to make this amazing release happen, to all of
you, thank you!

Some links:
– Handy redirect: http://owtf.org/
(takes you to:…

Re: Code Execution Vulnerabilities In 7zip

Posted by Nick Boyce on May 17

[mods: feel free to merge this with my previous post if it hasn’t hit
the list yet]

I should add dates: the 7zip V16.00 release is dated 10.May.2016, and
the Cisco Talos blog post is dated 11.May.2016.

Also affected versions are all below 16.00, not just 15.00 and prior.

Nick

Re: Skype Phishing Attack

Posted by Sebastian on May 17

Hey all,

I don’t think “pop up a full featured window on the client” is your
everyday phishing attack. This is easily exploited even for experienced
users, since this is definitely not what you’d expect to originate from
Skype (and for example Steam tends to annoy you with login popups
sometimes, i.e. when changing your IP).

So yes, we don’t need your average phishing attack, but this is surely a
vulnerability and…

Re: runAV mod_security Remote Command Execution

Posted by Reindl Harald on May 17

On 13.05.2016 at 17:30, Rio Sherri wrote:

>
> sprintf (cmd, "/usr/bin/clamscan --no-summary %s", argv[1]);
> The argv[1] parameter is passed unsanitized to a sprintf function
> which sends the formatted output to the cmd variable,
> which is later passed as a parameter to a run_cmd function on line 14

I don’t think so because the temp-files of mod-security to inspect
uploads are not controlled by the client…

APPLE-SA-2016-05-16-4 OS X El Capitan 10.11.5 and Security Update 2016-003

Posted by Apple Product Security on May 17

APPLE-SA-2016-05-16-4 OS X El Capitan 10.11.5 and Security Update
2016-003

OS X El Capitan 10.11.5 and Security Update 2016-003 is now available
and addresses the following:

AMD
Available for: OS X El Capitan v10.11 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed through
improved memory handling.
CVE-ID
CVE-2016-1792 : beist and ABH of BoB

AMD…

APPLE-SA-2016-05-16-3 watchOS 2.2.1

Posted by Apple Product Security on May 17

APPLE-SA-2016-05-16-3 watchOS 2.2.1

watchOS 2.2.1 is now available and addresses the following:

CommonCrypto
Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition,
and Apple Watch Hermes
Impact: A malicious application may be able to leak sensitive user
information
Description: An issue existed in the handling of return values in
CCCrypt. This issue was addressed through improved key length
management.
CVE-ID
CVE-2016-1802 :…

APPLE-SA-2016-05-16-2 iOS 9.3.2

Posted by Apple Product Security on May 17

APPLE-SA-2016-05-16-2 iOS 9.3.2

iOS 9.3.2 is now available and addresses the following:

Accessibility
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to determine kernel memory layout
Description: A buffer overflow was addressed through improved size
validation.
CVE-ID
CVE-2016-1790 : Rapelly Akhil

CFNetwork Proxies
Available for: iPhone 4s and later,
iPod touch…

APPLE-SA-2016-05-16-1 tvOS 9.2.1

Posted by Apple Product Security on May 17

APPLE-SA-2016-05-16-1 tvOS 9.2.1

tvOS 9.2.1 is now available and addresses the following:

CFNetwork Proxies
Available for: Apple TV (4th generation)
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: An information leak existed in the handling of HTTP and
HTTPS requests. This issue was addressed through improved URL
handling.
CVE-ID
CVE-2016-1801 : Alex Chapman and Paul Stone of…

APPLE-SA-2016-05-16-6 iTunes 12.4

Posted by Apple Product Security on May 17

APPLE-SA-2016-05-16-6 iTunes 12.4

iTunes 12.4 is now available and addresses the following:

iTunes
Available for: Windows 7 and later
Impact: Running the iTunes installer in an untrusted directory may
have resulted in arbitrary code execution
Description: A dynamic library loading issue existed in iTunes
setup. This was addressed through improved path searching.
CVE-ID
CVE-2016-1742 : Stefan Kanthak and
YoKo Kho (yokoacc) of MII – Consulting…