Full Disclosure

A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.

Posted by SEC Consult Vulnerability Lab on Aug 22

You owe me € 10

Posted by SEC Consult Vulnerability Lab on Aug 21

SEC Consult Vulnerability Lab Security Advisory < 20190821-0 >
=======================================================================
title: Unauthenticated sensitive information leakage
product: Zoho Corporation ManageEngine ServiceDesk Plus
vulnerable version: v10 <10509
fixed version: v10 >=10509
CVE number: CVE-2019-15045, CVE-2019-15046
impact: Critical
homepage:…

No cON Name 2019 Congress CFP

16 August 2019, 5:18 pm

Posted by sqlsec— via Fulldisclosure on Aug 16

No cON Name 2019 Congress
Call For Papers https://www.noconname.org/call-for-papers/
INTRODUCTION
The organization has opened CFP. Our goal is to get highly qualified requests for both, speaker
opportunities, as well as workshops, to show in one of the most respected hacker conferences in Barcelona and Spain,
NcN (No cON Name). We will be accepting exclusively technical presentations, proof of concept for, private
investigations …

Posted by Apple Product Security via Fulldisclosure on Aug 16

APPLE-SA-2019-08-13-5 SwiftNIO HTTP/2 1.5.0

SwiftNIO HTTP/2 1.5.0 is now available and addresses the following:

SwiftNIO HTTP/2
Available for: SwiftNIO HTTP/2 1.0.0 through 1.4.0 on
macOS Sierra 10.12 and later and Ubuntu 14.04 and later
Impact: A HTTP/2 server may consume unbounded amounts of memory when
receiving certain traffic patterns and eventually suffer resource
exhaustion
Description: This issue was addressed with improved buffer size…

Posted by Apple Product Security via Fulldisclosure on Aug 16

APPLE-SA-2019-8-13-4 Additional information for
APPLE-SA-2019-7-22-5 tvOS 12.4

tvOS 12.4 addresses the following:

Bluetooth
Available for: Apple TV 4K and Apple TV HD
Impact: An attacker in a privileged network position may be able to
intercept Bluetooth traffic (Key Negotiation of Bluetooth – KNOB)
Description: An input validation issue existed in Bluetooth. This
issue was addressed with improved input validation.
CVE-2019-9506: Daniele…

Posted by Apple Product Security via Fulldisclosure on Aug 16

APPLE-SA-2019-8-13-3 Additional information for
APPLE-SA-2019-7-22-4 watchOS 5.3

watchOS 5.3 addresses the following:

Bluetooth
Available for: Apple Watch Series 1 and later
Impact: An attacker in a privileged network position may be able to
intercept Bluetooth traffic (Key Negotiation of Bluetooth – KNOB)
Description: An input validation issue existed in Bluetooth. This
issue was addressed with improved input validation.
CVE-2019-9506: Daniele…

Posted by Apple Product Security via Fulldisclosure on Aug 16

APPLE-SA-2019-8-13-2 Additional information for
APPLE-SA-2019-7-22-1 iOS 12.4

iOS 12.4 addresses the following:

Bluetooth
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: An attacker in a privileged network position may be able to
intercept Bluetooth traffic (Key Negotiation of Bluetooth – KNOB)
Description: An input validation issue existed in Bluetooth. This
issue was addressed with…

Posted by Apple Product Security via Fulldisclosure on Aug 16

APPLE-SA-2019-8-13-1 Additional information for
APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update
2019-004 High Sierra, Security Update 2019-004 Sierra

macOS Mojave 10.14.6, Security Update 2019-004 High Sierra,
Security Update 2019-004 Sierra address the
following:

AppleGraphicsControl
Available for: macOS Mojave 10.14.5
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with…

Posted by Open-Xchange GmbH via Fulldisclosure on Aug 16

Dear subscribers,

we're sharing our latest advisory with you and would like to thank everyone who contributed to finding and solving those
vulnerabilities. Feel free to join our bug bounty programs (appsuite, dovecot, powerdns) at HackerOne.

Yours sincerely,
Martin Heiland, Open-Xchange GmbH

Product: OX Guard
Vendor: OX Software GmbH

Internal reference: 65132 (Bug ID)
Vulnerability type: Cross-Site Scripting (CWE-80)
Vulnerable version:…

Posted by Open-Xchange GmbH via Fulldisclosure on Aug 16

Dear subscribers,

we're sharing our latest advisory with you and would like to thank everyone who contributed to finding and solving those
vulnerabilities. Feel free to join our bug bounty programs (appsuite, dovecot, powerdns) at HackerOne.

Yours sincerely,
Martin Heiland, Open-Xchange GmbH

Product: OX App Suite
Vendor: OX Software GmbH

Internal reference: 64680 (Bug ID)
Vulnerability type: Content Spoofing (CWE-451)
Vulnerable version:…

Posted by John Doe on Aug 13

So generally when you create a docker container, you specify what network
you want to create it on right? Well due to historical reasons if you don't
the container is created on the default "bridge0" network.

This network doesn't have service discovery in the proper sense. To have
containers talk to each other by name you need to "link" them, in the
legacy docker sense. But in fact it's possible for any…

Posted by Vulnerability Lab on Aug 13

Document Title:
===============
TortoiseSVN v1.12.1 – Remote Code Execution Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2188

Product:
https://osdn.net/projects/tortoisesvn/storage/1.12.1/Application/TortoiseSVN-1.12.1.28628-x64-svn-1.12.2.msi/

Ticket: https://groups.google.com/forum/#!forum/tortoisesvn

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14422

CVE-ID:…

Posted by Tim Schughart on Aug 09

Hello together,

as many of you already know, some German banks are sharing the same hoster.

Via Google dorking it is possible to determine some customers of one of those hosters (Fiducia & GAD IT AG).

The hoster uses a GET parameter called „bankid“ to identify its customers.

For example:
https://mobilebanking.gad.de/inm/mobilgad////ptlweb/WebPortal?
<https://mobilebanking.gad.de/inm/mobilgad////ptlweb/WebPortal?bankid=8008

Dlink-CVE-2019-13101

9 August 2019, 10:32 pm

Posted by Devendra Solanki on Aug 09

A remote vulnerability was discovered on D-Link DIR-600M Wireless N 150
Home Router in multiple respective firmware versions.
The vulnerability provides unauthenticated remote access to the router's
WAN configuration page i.e. "wan.htm", which leads to
disclosure of sensitive user information including but not limited to
PPPoE, DNS configuration etc, also allowing to change
the configuration settings as well.

An Nmap NSE script to…

Posted by Axel Rengstorf on Aug 09

BlueBox Security
http://www.bluebox-security.de/ security(at)bluebox-security.de
bbs-2019.001.txt 08-August-2019