Posted by Agostino Panico on Mar 23
Good morning everyone,
I would like to invite everyone who is interested to @BSidesMilano on 9th June, we
will open the registration process on Eventbrite the 12th of April.
We are still looking for speakers, the cfp will end the 30th of April and
we are looking for cutting edge and innovative presentations, if you want to
share your research and have some good beers and exceptional food (as usual
in Italy ;) ) take a look on the website...
Posted by EMC Product Security Response Center on Mar 22
DSA-2018-018: Dell EMC Isilon OneFS Multiple Vulnerabilities
Dell EMC Identifier: DSA-2018-018
CVE Identifier: CVE-2018-1186, CVE-2018-1187, CVE-2018-1188, CVE-2018-1189, CVE-2018-1201, CVE-2018-1202,
CVE-2018-1203, CVE-2018-1204, CVE-2018-1213
Severity Rating: CVSS Base Score: See below for CVSS v3 scores
Dell EMC Isilon OneFS version 18.104.22.168 (CVE-2018-1213 only)
Dell EMC Isilon OneFS versions between...
Posted by Sandro Gauci on Mar 22
# Off-by-one heap overflow in Kamailio
- Alfred Farrugia <alfred () enablesecurity com>
- Sandro Gauci <sandro () enablesecurity com>
- Fixed versions: Kamailio v5.1.2, v5.0.6 and v4.4.7
- References: no CVE assigned yet
- Enable Security Advisory: <https://github.com/EnableSecurity/advisories/tree/master/ES2018-05-kamailio-heap-overflow>
- Tested vulnerable versions: 5.1.1, 5.1.0, 5.0.0
Posted by x ksi on Mar 22
Hey,
TL;DR: UAF in a "non-release" version of ModSecurity for Nginx.
!RCE|DoS, no need to panic.
Plus some old and even older exploitation vector(s).
* 1. Use-After-Free (UAF)
During one of the engagements my team tested a WAF running in production
Nginx + ModSecurity + OWASP Core Rule Set. In the system logs I
found information about the Nginx worker processes being terminated due to
Posted by x ksi on Mar 22
Hey,
The Path Traversal vulnerability was found in the component of the Bomgar
Remote Support Portal (RSP). The affected component is a JavaStart.jar
applet that is hosted at https://TARGET/api/content/JavaStart.jar on the
vulnerable RSP deployments. The JavaStart version 52970 and prior were
confirmed to be vulnerable.
Analysis of the applet revealed that App.class suffers from a Path
Traversal vulnerability. The vulnerable class makes a...
Posted by x ksi on Mar 22
Hey,
The Local Privilege Escalation vulnerability was found in the Kaseya
Virtual System Administrator (VSA) agent "AgentMon.exe". The agent is a
Windows service that periodically executes various programs with “NT
In the Kaseya's default configuration, Windows users who belong to the
“Authenticated Users” group can modify files residing in the working and
temporary directories e.g.:
Posted by Michał Kędzior on Mar 22
Affected Software: LDAP Account Manager (6.2)
Pentester: Michał Kędzior <michal[dot]kedzior147[at]gmail[dot]com>
CVE: CVE-2018-8763, CVE-2018-8764
1. Cross-site scripting (reflected) CVE-2018-8763 :
Reflected Cross Site Scripting vulnerability has been found during the
Posted by psy on Mar 22
Hi FD,
I am glad to present a new release of this tool:
"UFONet - is a tool designed to launch Layer 7 (HTTP/Web Abuse) DDoS &
See these links for more info:
- CWE-601:Open Redirect 
- OWASP:URL Redirector Abuse 
Main options are:
* DDoS + DoS
* Clean code
* Documentation with examples
* Web/GUI Interface
* Proxy to connect to...
Posted by EMC Product Security Response Center on Mar 18
DSA-2018-037: Dell EMC NetWorker Buffer Overflow Vulnerability
Dell EMC Identifier: DSA-2018-037
CVE Identifier: CVE-2018-1218
Severity Rating: CVSS v3 Base Score 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Dell EMC NetWorker versions prior to 22.214.171.124
Dell EMC NetWorker versions prior to 126.96.36.199
Dell EMC NetWorker 9.0.x
Dell EMC NetWorker versions prior to 188.8.131.52
Dell EMC NetWorker requires an...
Posted by (RS) Tyler Schroder on Mar 18
Abine Blur Password Manager Insecure Permissions
Module: Blur Web Extension
Credits: RS Tyler Schroder
Affects: 7.8.242* BEFORE 7.8.2428
CVE ID: CVE-2018-7213
Abine Blur is a password management suite combined with online anonymity
tools designed to help consumers remain anonymous in the digital era.
II. Problem Description
The Password Manager Extension in Abine Blur 7.8.242* before...
Posted by Prajwal Panchmahalkar on Mar 18
___ ___ __ _______
/ _ \ / _ \ \ \ / / _ _|
___| | | | ___| | | |_ __ ______ \ V / | |
/ __| | | |/ __| | | | ' _ \ |______| > < | |
| (__| |_| | (__| |_| | | | | / . \ _ | |_
\___|\___/ \___|\___/|_| |_| /_ / \_ \_____|...
Posted by nicolas.buzy-debat on Mar 18
Product: Site Editor Wordpress Plugin - https://wordpress.org/plugins/site-editor/
Vendor: Site Editor
Tested version: 1.1.1
CVE ID: CVE-2018-7422
** CVE description **
A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to
retrieve arbitrary files via the ajax_path parameter to
** Technical details **
Posted by Sydream Labs on Mar 18
# [CVE-2018-5233] Grav CMS admin plugin Reflected Cross Site Scripting
Grav CMS is a flat-file CMS using Markdown files for content management
It has been elected "Best Open Source CMS of 2016" by [CMS
The application does not always filter user input correctly,...
Posted by Core Security Advisories Team on Mar 15
Core Security - Corelabs Advisory
MikroTik RouterOS SMB Buffer Overflow
1. **Advisory Information**
Title: MikroTik RouterOS SMB Buffer Overflow
Advisory ID: CORE-2018-0003
Date published: 2018-03-15
Date of last update: 2018-03-01
Vendors contacted: MikroTik
Release mode: Coordinated release
SEC Consult SA-20180314-0 :: Arbitrary Shortcode Execution & Local File Inclusion in WooCommerce Products Filter (PluginUs.Net)
Posted by SEC Consult Vulnerability Lab on Mar 14
SEC Consult Vulnerability Lab Security Advisory < 20180314-0 >
title: Arbitrary Shortcode Execution & Local File Inclusion
product: WOOF - WooCommerce Products Filter (PluginUs.Net)
vulnerable version: 1.1.9
fixed version: 2.2.0
CVE number: (requested but not yet received)
Posted by Yuliya Pliavaka on Mar 13
Greetings from hardwear.io!
We would like to share a few exciting updates that you can expect from
hardwear.io in 2018!
First of all, we are very proud to announce that hardwear.io is going to
hold its first Security Training in Berlin!
Dates: 26 – 27 April 2018
Venue: Novotel Am Tiergarten, Berlin, Germany
Hardware Security Trainings:
- Practical IOT Hacking by Aseem Jakhar
- Low-Level Hardware Reversing by Javier-Vazquez Vidal &...
Posted by hyp3rlinx on Mar 13
[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] ISR: Apparition Security
DEWESoft X3 SP1 (64-bit) installer - X3
Remote Internal Command Access
Posted by Manuel Garcia Cardenas on Mar 13
=============================================
MGC ALERT 2018-002
- Original release date: February 12, 2018
- Last revised: March 12, 2018
- Discovered by: Manuel García Cárdenas
- Severity: 7,1/10 (CVSS Base Score)
- CVE-ID: CVE-2018-7474
SQL Injection in Textpattern <= 4.6.2
Textpattern is a free and...
Posted by Alex BALAN on Mar 13
Hello,
Allow me to fix this for you:
01/25/2018 - We replied notifying you that we’ve opened a ticket with the relevant team
01/26/2018 - We asked for a working PoC
01/31/2018 - You replied with a theoretical “PoC” (no code, just a few steps which didn’t really help, sadly)
02/01/2018 - We replied asking for a script, a piece of code, a video, anything that backs up your claim since we
didn’t reproduce it based on the steps you...
Posted by Vulnerability Lab on Mar 13
Title: PayPal Inc Increases Bug Bounty Payments in 2018 up to 30.000$
#bugbounty #security #research #infosec