Know your community – @unixfreaxjp, founder and team leader of MalwareMustDie

Credit to Author: Maor Schwartz | Date: Thu, 04 May 2017 08:56:45 +0000

Every once in a while you hear on the news that cyber criminals were arrested. Today I have the honor to interview the man who put them behind bars! Please meet @unixfreaxjp, founder and team leader of MalwareMustDie, NPO (malwaremustdie.org) and Kendo master (3rd Dan). Disclaimer: A lot of criminals are looking for him, so …

SSD Advisory – WordPress Unauthorized Password Reset

Credit to Author: Maor Schwartz | Date: Wed, 03 May 2017 13:09:31 +0000

Vulnerability Summary: The following advisory describes an Unauthorized Password Reset vulnerability found in WordPress version 4.3.1. WordPress is web software you can use to create a beautiful website or blog. We like to say that WordPress is both free and priceless at the same time. The core software is built by hundreds of community volunteers, and …

SSD Advisory – Serviio Media Server Multiple Vulnerabilities

Credit to Author: Maor Schwartz | Date: Tue, 02 May 2017 10:58:33 +0000

Vulnerabilities Summary: The following advisory describes five (5) vulnerabilities found in Serviio Media Server. Affected versions: 1.8.0.0 PRO, 1.7.1, 1.7.0, 1.6.1. Serviio is a free media server. It allows you to stream your media files (music, video or images) to renderer devices (e.g. a TV set, Bluray player, games console or mobile phone) on …

SSD Advisory – CloudBees Jenkins Unauthenticated Code Execution

Credit to Author: Maor Schwartz | Date: Mon, 01 May 2017 06:28:11 +0000

Vulnerability Summary: The following advisory describes a Java deserialization vulnerability found in CloudBees Jenkins version 2.32.1 that leads to Remote Code Execution. Jenkins helps to automate the non-human part of the whole software development process with now common things like continuous integration and by empowering teams to implement the technical aspects of continuous delivery. It …

SSD Advisory – SquirrelMail Remote Code Execution

Credit to Author: Maor Schwartz | Date: Tue, 25 Apr 2017 05:24:06 +0000

Vulnerability Summary: The following advisory describes a Remote Code Execution vulnerability found in SquirrelMail version 1.4.22. SquirrelMail is a standards-based webmail package written in PHP. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no JavaScript required) for maximum compatibility across browsers. It has very …

SSD Advisory – Emby Media Server Multiple Vulnerabilities

Credit to Author: Maor Schwartz | Date: Tue, 25 Apr 2017 05:03:48 +0000

Vulnerabilities Summary: The following advisory describes three (3) vulnerabilities found in Emby Media Server. Affected versions are: 3.1.5, 3.1.2, 3.1.1, 3.1.0 and 3.0.0. Emby Media Server (formerly Media Browser) is a media server designed to organize, play, and stream audio and video to a variety of devices. Emby is open-source, and uses a client-server model. …

SSD Advisory – HPE OpenCall Media Platform (OCMP) Multiple Vulnerabilities

Credit to Author: Maor Schwartz | Date: Mon, 24 Apr 2017 05:57:39 +0000

Vulnerabilities Summary: The following advisory describes Reflected Cross-Site Scripting (XSS) vulnerabilities and a Remote File Inclusion vulnerability, found in HP OpenCall Media Platform (OCMP) version 4.3.2, that when combined can lead to arbitrary JavaScript code execution. HPE OpenCall Media Platform (OCMP) is a suite of software and hardware applications which allow implementation of common …

Security conferences – Survival guide 2017 Q3

Credit to Author: Maor Schwartz | Date: Thu, 20 Apr 2017 07:10:46 +0000

The security conferences “Survival guide” for 2017 Q3 is here! We have gathered the following information for you for each conference: dates, place, link to official conference website, ticket price, lectures, workshops. So let’s get started: Security conferences – Survival guide part 3. Camp++. Dates: 6 – 9 July 2017. Place: Fort Monostor, Komárom, Hungary …