Wallabag is an open source RSS reader application, distributed under an MIT license. The project official website is wallabag.org. The vulnerability described in this document affects version 2.2.3 (released on May 18, 2017) through version 2.3.2 (released on January 22, 2018).
News & Events
News in category "Advisories"
Subsonic is an open source web media server that enables the management of media resources such as music or videos. Its official website is www.subsonic.org. The version affected by the identified vulnerabilities is 6.1.1, released May 31, 2017.
CremeCRM is an open source CRM. It allows organizations to manage business data concerning customers, invoices, orders, and products. Its official website is www.cremecrm.com, and source code can be obtained on bitbucket.org/hybrid/. Version 1.6.12 was released on July 28, 2017. A Bishop Fox researcher found several security vulnerabilities in the CRM.
Jirafeau is an open source file sharing web application, distributed under an AGPL version 3 license. It is a fork of the project Jyraphe and allows users to share files for a defined period and protect downloads via a password. The project’s official website is gitlab.com/mojo42/Jirafeau. The latest version of the application is 3.3.0, released on September 8, 2017. Ten vulnerabilities were identified within the Jirafeau web application – five cross-site scripting vulnerabilities (two stored and three reflected) as well as five cross-site request forgery vulnerabilities.
SolarWinds Serv-U MFT 184.108.40.206 assigns authenticated users a low-entropy session token that can be included in requests to the application as a URL parameter in lieu of a session cookie. This session token’s value can be brute-forced by an attacker to obtain the corresponding session cookie and hijack the user’s session.
A denial-of-service vulnerability in SolarWinds Serv-U 220.127.116.11 allows an authenticated user to crash the application (with a NULL pointer dereference) via a specially crafted URL beginning with the /Web%20Client/ substring.
Title: Windows DNS Client – Memory Corruption Vulnerabilities Release Date: October 10, 2017 Patch Date: October 10, 2017 Reported Date: March 7, 2017 Vendor: Microsoft Corporation Systems Affected: Windows 8 through Windows 10, and Windows Server 2012 through 2016. Summary: High-risk memory corruption vulnerabilities in the Windows DNS client could lead to the compromise of …
A stored XSS vulnerability was identified in the webmail component of atmail 7. By sending a specially crafted email to a victim, an attacker can include an XSS payload to steal user contacts, send arbitrary emails, expose inbox contents, and more.
The Bishop Fox assessment team discovered an arbitrary command injection vulnerability within the SolarWinds’ Log & Event Manager (LEM) management console (CMC). The CMC is a restricted environment providing functionality for upgrading or maintaining LEM appliances. This vulnerability allows an authenticated user to bypass restrictions imposed by the CMC and execute arbitrary commands on the vulnerable system as the root user.
An improper access control vulnerability was discovered in the SolarWinds’ Log & Event Manager (LEM) management console (CMC). The CMC is a restricted environment providing functionality for upgrading or maintaining LEM appliances. This vulnerability allows an authenticated user to bypass restrictions imposed by the CMC and browse the underlying server’s filesystem, as well as read the contents of arbitrary files contained within.
A vulnerability in the Cisco Jabber Guest Server could allow an unauthenticated, remote attacker to initiate connections to arbitrary hosts.
Three vulnerabilities were discovered in the Accellion Kiteworks appliance. The three vulnerabilities consisted of issues directly pertaining to incorrect default permissions, cross-site scripting, and path traversal.
Title: OS X Messages (iMessage): XSS & File Disclosure Release Date: March 21, 2016 Patch Date: March 21, 2016 Reported Date: February 2016 Vendor: Apple Systems Affected: Messages (iMessage) on OS X <= 9.1 Summary: Messages (iMessage) for OS X, a popular messaging platform from Apple, implements much of its user interface via an embedded …
Two high-risk vulnerabilities were discovered in CA Technologies Single Sign-On (formerly CA SiteMinder®) application. These vulnerabilities allowed a remote attacker to cause a denial-of-service attack or possibly gain sensitive information. We worked closely with CA Technologies in the disclosure and remediation process.
A reflected cross-site scripting vulnerability was found in the post-authentication administrative panel for ColdFusion, an Adobe web application development platform. Due to the critical functionality in the administration panel, an attacker could leverage this vulnerability to execute arbitrary commands on the server.