[FD] RCE in Teamspeak 3 server

2016-08-12 Thread Hanz Jenson
While auditing the Teamspeak 3 server I've discovered several 0-day vulnerabilities which I'll describe in detail in this advisory. They exist in the newest version of the server, version 3.0.13. I found 10 vulnerabilities. Some of these are critical and allow remote code execution. For the

[FD] Zabbix 2.2.x, 3.0.x SQL Injection Vulnerability

2016-08-12 Thread 1n3
= Title: Zabbix 3.0.3 SQL Injection Vulnerability Product: Zabbix Vulnerable Version(s): 2.2.x, 3.0.x Fixed Version: 3.0.4 Homepage: http://www.zabbix.com Patch link: https://support.zabbix.com/browse/ZBX-11023 Credit: 1N3@CrowdShield

[FD] Nagios Incident Manager Multiple Vulnerabilities

2016-08-12 Thread Francesco Oddo
(, ) (, . '.' ) ('.', ). , ('. ( ) ( (_,) .'), ) _ _, / _/ / _ \ _ \ \==/ /_\ \ _/ ___\/ _ \ / \ / \/ |\\ \__( <_> ) Y Y \ /__ /\___|__ / \___ >/|__|_| / \/ \/.-.\/ \/:wq

[FD] Nagios Network Analyzer Multiple Vulnerabilities

2016-08-12 Thread Francesco Oddo
(, ) (, . '.' ) ('.', ). , ('. ( ) ( (_,) .'), ) _ _, / _/ / _ \ _ \ \==/ /_\ \ _/ ___\/ _ \ / \ / \/ |\\ \__( <_> ) Y Y \ /__ /\___|__ / \___ >/|__|_| / \/ \/.-.\/ \/:wq

[FD] Nagios Log Server Multiple Vulnerabilities

2016-08-12 Thread Francesco Oddo
(, ) (, . '.' ) ('.', ). , ('. ( ) ( (_,) .'), ) _ _, / _/ / _ \ _ \ \==/ /_\ \ _/ ___\/ _ \ / \ / \/ |\\ \__( <_> ) Y Y \ /__ /\___|__ / \___ >/|__|_| / \/ \/.-.\/ \/:wq

[FD] CVE-2016-6483 - vBulletin <= 5.2.2 Preauth Server Side Request Forgery (SSRF)

2016-08-12 Thread Dawid Golunski
vBulletin CVE-2016-6483 vBulletin software is affected by a SSRF vulnerability that allows unauthenticated remote attackers to access internal services (such as mail servers, memcached, couchDB, zabbix etc.) running on the server hosting vBulletin as well as services on other servers on the local

[FD] [CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1

2016-08-12 Thread Pedro Ribeiro
tl;dr RCE, file download, weak encryption and user impersonation, all of which can be exploited by an unauthenticated attacker in WebNMS Framework 5.2 and 5.2 SP1. A special thanks to Beyond Security and their SSD program, which helped disclose the vulnerabilities. See their advisory at

[FD] Stored XSS in Advanced Custom Fields: Table Field allows authenticated users to do almost anything an admin user can (WordPress plugin)

2016-08-12 Thread dxw Security
Details Software: Advanced Custom Fields: Table Field Version: 1.1.12 Homepage: https://wordpress.org/plugins/advanced-custom-fields-table-field/ Advisory report:

[FD] DDanchev's Blog Going Private - Request Access

2016-08-12 Thread Ddanchev
Hi, everyone, As, of, today, my, blog - http://ddanchev.blogspot.com is going, private, and, I, decided, to, let, everyone, know, on, how, to, request, access, to, continue, to, maintain, access, to, the, blog.

[FD] Defense in depth -- the Microsoft way (part 42): Sysinternals utilities load and execute rogue DLLs from %TEMP%

2016-08-12 Thread Stefan Kanthak
Hi @ll, several of Microsoft's Sysinternals utilities extract executables to %TEMP% and run them from there; the extracted executables are vulnerable to DLL hijacking, allowing arbitrary code execution in every user account and escalation of privilege in "protected administrator" accounts [*]. *

[FD] NEW VMSA-2016-0011 - vRealize Log Insight update addresses directory traversal vulnerability.

2016-08-12 Thread VMware Security Response Center
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - --- VMware Security Advisory Advisory ID: VMSA-2016-0011 Severity:Moderate Synopsis:vRealize Log Insight update addresses directory