Re: [FD] Microsoft Forefront Unified Access Gateway 2010 External DNS Interaction

Can this be used to perform DNS exfiltration ? (Assuming the UGW is whitelisted to perform DNS (which it likely must be) > # Exploit Title: Microsoft Forefront Unified Access Gateway 2010 External > DNS Interaction > # Vendor Homepage: https://www.microsoft.com/ > # Version: 2010 > # CVE : CVE-2

[FD] [CVE-2018-3667, CVE-2018-3668] Escalation of priviilege via executable installer of Intel Processor Diagnostic Tool

Hi @ll, the executable installers of Intel's Processor Diagnostic Tool (IPDT) before v4.1.0.27 have three vulnerabilities^Wbeginner's errors which all allow arbitrary code execution with escalation of privilege, plus a fourth which allows denial of service. Intel published advisory SA-00140

[FD] can (should?) packets from unauthentcated wifi devices enter layer2 ?

hi, i wondered for a while, why our (mac whitelist based) network-intrusion rarely reports unknown mac adresses on our internal network. i found, that when you just try to login into our internal wifi with wrong password, i see frames (apparently from the non-authenticated device) appear on l

[FD] info-zip, zip command crash.

Hello, I found info-zip's zip command's crash. This vulnerability is occured by off by one. I don't use the malformed file for crash. just command. And if 'zip' binary is added to function, it can be exploitable vulnerability I think. [ Environment ] OS : Ubuntu 16.04.3 LTS Kernel : Linux ubun

[FD] DSA-2018-117 RSA Identity Governance and Lifecycle Uncontrolled Search Path Vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 DSA-2018-117 RSA Identity Governance and Lifecycle Uncontrolled Search Path Vulnerability Dell EMC Identifier: DSA-2018-117 CVE Identifier: CVE-2018-11049 Severity: High Severity Rating: 7.3 (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) Affected P

[FD] APPLE-SA-2018-7-05-1 Wi-Fi Update for Boot Camp 6.4.0

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2018-7-05-1 Wi-Fi Update for Boot Camp 6.4.0 Wi-Fi Update for Boot Camp 6.4.0 is now available and addresses the following: Wi-Fi Available for the following machines while running Boot Camp: MacBook (Late 2009 and later), MacBook Pro (Mid

[FD] c0c0n XI | The cy0ps c0n - Call For Papers & Call For Workshops extended till July 15th

___ ___ __ ___ / _ \/ _ \\ \ / / _ _| ___| | | | ___| | | |_ ____ \ V / | | / __| | | |/ __| | | | ' _ \ |__| > < | | | (__| |_| | (__| |_| |

[FD] Sophos Safeguard Products - Multiple Privilege Escalation Vulnerabilities.

We have recently disclosed a list of vulnerabilities to Sophos that allow local attackers to elevate their privileges and execute code in the security context of the SYSTEM user account. Affected Products: SafeGuard Enterprise 8.00.4 and earlier (Fix: install 8.00.5) SafeGuard Easy 7.00.2.35 an