Desknet's NEO Security Vulnerabilities

CVE-2019-13030

eQ-3 Homematic CCU3 AddOn 'Mediola NEO Server for Homematic CCU3' prior to 2.4.5 allows uncontrolled admin access to start or stop the Node.js process, resulting in the ability to obtain mediola configuration details. This is related to improper access control for addons configuration pages and a.....

CVE-2019-13030

eQ-3 Homematic CCU3 AddOn 'Mediola NEO Server for Homematic CCU3' prior to 2.4.5 allows uncontrolled admin access to start or stop the Node.js process, resulting in the ability to obtain mediola configuration details. This is related to improper access control for addons configuration pages and a.....

Improper access control

eQ-3 Homematic CCU3 AddOn 'Mediola NEO Server for Homematic CCU3' prior to 2.4.5 allows uncontrolled admin access to start or stop the Node.js process, resulting in the ability to obtain mediola configuration details. This is related to improper access control for addons configuration pages and a.....

CVE-2019-13030

eQ-3 Homematic CCU3 AddOn 'Mediola NEO Server for Homematic CCU3' prior to 2.4.5 allows uncontrolled admin access to start or stop the Node.js process, resulting in the ability to obtain mediola configuration details. This is related to improper access control for addons configuration pages and a.....

CVE-2019-9506

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary...

Exploit for Out-of-bounds Write in Google Android

CVE-2019-2107 CVE-2019-2107 CVE-2019-2107 - looks scary....

Neo-Nazi SWATters Target Dozens of Journalists

Nearly three dozen journalists at a broad range of major publications have been targeted by a far-right group that maintains a Deep Web database listing the personal information of people who threaten their views. This group specializes in encouraging others to harass those targeted by their ire,.....

Metasploit Reverse Session Takeover Vulnerability

Exploit for multiple platform in category local...

Microsoft Windows Task Scheduler Local Privilege Escalation

...

Microsoft Windows Task Scheduler Privilege Escalation Vulnerability

Microsoft Windows Task Scheduler suffers from a local privilege escalation vulnerability. The Windows MMC auto-elevates members of the 'administrators' group via the GUI and MMC snap-ins (via mmc.exe) automatically elevate without prompting UAC potentially leading to unintentional elevation of...

Exploit for Out-of-bounds Write in Google Android

CVE-2019-2107 CVE-2019-2107 CVE-2019-2107 - looks scary....

Securing your red team kit with Uncomplicated Firewall

After reading Identifying Cobalt Strike team servers in the wild I started thinking, why are people not firewalling off their kit? If you read the above post and I suggest you do, you will see under section “Scanning and Results” that the research concluded that 7718 unique Cobalt Strike (CS) team....

SUSE SLED12 / SLES12 Security Update : mutt (SUSE-SU-2019:1196-1)

This update for mutt fixes the following issues : Security issues fixed : bsc#1101428: Mutt 1.10.1 security release update. CVE-2018-14351: Fix imap/command.c that mishandles long IMAP status mailbox literal count size (bsc#1101583). CVE-2018-14353: Fix imap_quote_string in imap/util.c that has an....

Intelbras IWR 3000N - Denial of Service (Remote Reboot) Vulnerability

Exploit for hardware platform in category web...

Netgear DGN2200 / DGND3700 - Admin Password Disclosure Vulnerability

Exploit for hardware platform in category web...

Intelbras IWR 3000N 1.5.0 - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web...

Intelbras IWR 3000N 1.5.0 - Cross-Site Request Forgery

Intelbras IWR 3000N 1.5.0 - Cross-Site Request...

Netgear DGN2200 / DGND3700 Admin Password Disclosure

...

Intelbras IWR 3000N - Denial of Service (Remote Reboot)

...

Intelbras IWR 3000N 1.5.0 - Cross-Site Request Forgery

...

Netgear DGN2200 / DGND3700 - Admin Password Disclosure

...

Netgear DGN2200 DGND3700 - Admin Password Disclosure

Netgear DGN2200 DGND3700 - Admin Password...

Intelbras IWR 3000N Denial Of Service

...

Intelbras IWR 3000N - Denial of Service (Remote Reboot)

Intelbras IWR 3000N - Denial of Service (Remote...

Intelbras IWR 3000N 1.5.0 Cross Site Request Forgery

...

2 Million IoT Devices Vulnerable to Complete Takeover

Over 2 million IP security cameras, baby monitors and smart doorbells have serious vulnerabilities that could enable an attacker to hijack the devices and spy on their owners — and there’s currently no known patch for the shared flaws. The attack stems from peer-to-peer (P2P) communication...

Cobalt Strike. Walkthrough for Red Teamers

What is Cobalt Strike? Raphael Mudge is the creator of Cobalt Strike (CS), around 2010 he released a tool titled Armitage, which is described by wikipedia as a graphical cyber-attack management for the Metasploit Project, to put this more bluntly, Armitage is a gui that allows you to easily...

Security Advisory - FragmentSmack Vulnerability in Linux Kernel

There is a DoS vulnerability in the Linux Kernel versions 3.9+ known as a FragmentSmack attack. Remote attackers could send fragmented IPv4 or IPv6 packets to the affected device to trigger time and calculation reassembly algorithms that could consume excessive CPU resources, resulting in a DoS...

openSUSE Security Update : mutt (openSUSE-2019-52)

This update for mutt fixes the following issues : Security issues fixed : bsc#1101428: Mutt 1.10.1 security release update. CVE-2018-14351: Fix imap/command.c that mishandles long IMAP status mailbox literal count size (bsc#1101583). CVE-2018-14353: Fix imap_quote_string in...

openSUSE: Security Advisory for mutt (openSUSE-SU-2019:0052-1)

The remote host is missing an update for...

Security update for mutt (important)

An update that solves 16 vulnerabilities and has 6 fixes is now available. Description: This update for mutt fixes the following issues: Security issues fixed: bsc#1101428: Mutt 1.10.1 security release update. CVE-2018-14351: Fix imap/command.c that mishandles long IMAP status mailbox...

Heap overflow

Hancom Office 2018 10.0.0.8214 and earlier, Hancom Office NEO 9.6.1.10472 and earlier, Hancom Office 2014 9.1.1.4540 and earlier, Hancom Office 2010 8.5.8.1724 and earlier versions have a heap overflow vulnerability when handling Compound File in document. This result in a program crash or denial.....

CVE-2018-5201

Hancom Office 2018 10.0.0.8214 and earlier, Hancom Office NEO 9.6.1.10472 and earlier, Hancom Office 2014 9.1.1.4540 and earlier, Hancom Office 2010 8.5.8.1724 and earlier versions have a heap overflow vulnerability when handling Compound File in document. This result in a program crash or denial.....

CVE-2018-5201

Hancom Office 2018 10.0.0.8214 and earlier, Hancom Office NEO 9.6.1.10472 and earlier, Hancom Office 2014 9.1.1.4540 and earlier, Hancom Office 2010 8.5.8.1724 and earlier versions have a heap overflow vulnerability when handling Compound File in document. This result in a program crash or denial.....

CVE-2018-5201

Hancom Office 2018 10.0.0.8214 and earlier, Hancom Office NEO 9.6.1.10472 and earlier, Hancom Office 2014 9.1.1.4540 and earlier, Hancom Office 2010 8.5.8.1724 and earlier versions have a heap overflow vulnerability when handling Compound File in document. This result in a program crash or denial.....

CVE-2018-0680

Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) uses hard-coded credentials, which may allow remote attackers to read/send mail or change the...

CVE-2018-0681

Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) uses hard-coded credentials, which may allow remote attackers to login to the Management page and change the...

CVE-2018-0687

Cross-site scripting vulnerability in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) allows remote attackers to inject arbitrary web script or HTML via unspecified...

CVE-2018-0683

Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) allows remote attackers to execute arbitrary code or cause a denial-of-service (DoS) condition via Cookie...

CVE-2018-0684

Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R3.0 and earlier, Denbun IMAP version V3.3I R3.0 and earlier) allows remote attackers to execute arbitrary code or cause a denial-of-service (DoS) condition via multipart/form-data format...

CVE-2018-0685

SQL injection vulnerability in the Denbun POP version V3.3P R4.0 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via HTTP requests for mail...

CVE-2018-0686

Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) allows remote authenticated attackers to upload and execute any executable files via unspecified...

CVE-2018-0682

Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) does not properly manage sessions, which allows remote attackers to read/send mail or change the configuration via unspecified...

Security Advisory - SegmentSmack Vulnerability in Linux Kernel

There is a DoS vulnerability in the Linux Kernel versions 4.9+ known as a SegmentSmack attack. Remote attackers may send TCP packets to Linux kernel to make it calls the very expensive functions tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() of the affected device which can lead to a denial of....

CVE-2018-7929

Huawei Mate RS smartphones with the versions before NEO-AL00D 8.1.0.167(C786) have a lock-screen bypass vulnerability. An attacker could unlock and use the phone through certain...

CVE-2018-7929

Huawei Mate RS smartphones with the versions before NEO-AL00D 8.1.0.167(C786) have a lock-screen bypass vulnerability. An attacker could unlock and use the phone through certain...

Security feature bypass

Huawei Mate RS smartphones with the versions before NEO-AL00D 8.1.0.167(C786) have a lock-screen bypass vulnerability. An attacker could unlock and use the phone through certain...

CVE-2018-7929

Huawei Mate RS smartphones with the versions before NEO-AL00D 8.1.0.167(C786) have a lock-screen bypass vulnerability. An attacker could unlock and use the phone through certain...

Security Advisory - Lock-screen Bypass Vulnerability in Huawei Mate RS Smartphones

There is a lock-screen bypass vulnerability in Huawei Mate RS smartphones. An attacker could unlock and use the phone through certain operations. (Vulnerability ID: HWPSIRT-2018-06108) This vulnerability has been assigned a CVE ID: CVE-2018-7929. Huawei has released software updates to fix this...

[SECURITY] Fedora 28 Update: yubico-piv-tool-1.6.0-1.fc28

The Yubico PIV tool is used for interacting with the Privilege and Identification Card (PIV) applet on a YubiKey NEO. With it you may generate keys on the device, importing keys and certificate s, and create certificate requests, and other operations. A shared library and a command-line tool is...