52 matches found

ThreatPost
added 2017/11/02 1:35 p.m. | 16 views

Chain of 11 Bugs Takes Down Galaxy S8 at Mobile Pwn2Own

The mobile version of the annual Pwn2Own contest wrapped up today in Tokyo with an unprecedented attack chain leveling the Samsung Galaxy S8. Researchers from MWR Labs used 11 vulnerabilities across six different mobile applications to execute code on Samsung’s flagship device and exfiltrate data...

AI score 0.8
Exploits 0 | References 2

0day.today
added 2017/03/25 12:0 a.m. | 80 views

Forticlient 5.2.3 Windows 10 x64 (Post Anniversary) - Privilege Escalation Exploit

Exploit for windows platform in category local exploits / Check these out: - https://www.coresecurity.com/system/files/publications/2016/05/Windows%20SMEP%20bypass%20U%3DS.pdf - https://labs.mwrinfosecurity.com/blog/a-tale-of-bitmaps/ Tested on: - Windows 10 Pro x64 Post-Anniversary - hal.dll:...

CVSS 7.2 | AI score 6.3 | EPSS 0.02547
Exploits 5

Kitploit
added 2016/11/11 1:43 p.m. | 14 views

needle - The iOS Security Testing Framework

Needle is an open source, modular framework to streamline the process of conducting security assessments of iOS apps. Description Assessing the security of an iOS application typically requires a plethora of tools, each developed for a specific need and all with different modes of operation and...

AI score 7.2
Exploits 0 | References 3

Packet Storm
added 2016/06/15 12:0 a.m. | 40 views

DDN SFA Default SSH Keys

DDN Default SSH Keys DDN SFA devices have default SSH keys in place Product: DDN SFA storage devices, all versions, all models Severity: High CVE Reference: NO CVE ASSIGNED - MWR ref: MWR-2016-0002 Type: Default Credentials Author: John Fitzpatrick Date: 2016-06-15 Description DDN controllers shi...

AI score 0.4
Exploits 0

0day.today
added 2015/08/28 12:0 a.m. | 64 views

Apache ActiveMQ 5.0.0 - 5.10.0 JAAS LDAPLoginModule empty password authentication Vulnerability

Exploit for multiple platform in category web applications CVE-2014-3612: ActiveMQ JAAS: LDAPLoginModule allows empty password authentication and Wildcard Interpretation Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache ActiveMQ 5.0.0 - 5.10.0 Description: It wa...

CVSS 5 | AI score 0.1 | EPSS 0.01167
Exploits 1

myhack58
added 2015/08/16 12:0 a.m. | 17 views

Android System Google Admin app exposed 0day vulnerabilities, can bypass the sandbox-vulnerability warning-the black bar safety net

MWR Labs researchers discovered a 0day vulnerability in the way the Google Admin app on Android handles some URLs; through this vulnerability an attacker can bypass the Android sandbox mechanism. The vulnerability principle For the Google Android security team, this month is...

AI score 7.2
Exploits 0

ThreatPost
added 2015/08/13 1:53 p.m. | 10 views

Android Zero Day in Admin App Can Bypass Sandbox

The Android security team at Google is having a busy month. First the Stagefright vulnerabilities surfaced last month just before Black Hat and now researchers at MWR Labs have released information on an unpatched vulnerability that allows an attacker to bypass the Android sandbox. The...

AI score 0.3
Exploits 0 | References 2

ThreatPost
added 2015/06/29 1:31 p.m. | 20 views

Amazon Patches Certificate Vulnerabilities in Fire Phones

Amazon last week patched three vulnerabilities in its Fire smartphones, including two in its Certinstaller package that put devices at risk. An attacker could take advantage of the vulnerability in the package, which allows mobile apps to install certificates on Amazon Fire devices without user...

AI score 1
Exploits 0 | References 4

Tenable Nessus
added 2015/05/26 12:0 a.m. | 26 views

FreeBSD : cassandra -- remote execution of arbitrary code (607f4d44-0158-11e5-8fda-002590263bf5)

Jake Luciani reports : Under its default configuration, Cassandra binds an unauthenticated JMX/RMI interface to all network interfaces. As RMI is an API for the transport and remote execution of serialized Java, anyone with access to this interface can execute arbitrary code as the running user...

CVSS 7.5 | AI score 8.9 | EPSS 0.00667
Exploits 0 | References 3

securityvulns
added 2015/05/12 12:0 a.m. | 64 views

[SECURITY ANNOUNCEMENT] CVE-2015-0225

CVE-2015-0225: Apache Cassandra remote execution of arbitrary code Severity: Important Vendor: The Apache Software Foundation Versions Affected: Cassandra 1.2.0 to 1.2.19 Cassandra 2.0.0 to 2.0.13 Cassandra 2.1.0 to 2.1.3 Description: Under its default configuration, Cassandra binds an...

CVSS 7.5 | AI score 1.8 | EPSS 0.00667
Exploits 0

Tenable Nessus
added 2015/04/01 12:0 a.m. | 32 views

RHEL 7 : qpid (RHSA-2015:0708)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:0708 advisory. Red Hat Enterprise MRG is a next-generation IT infrastructure incorporating Messaging, Real Time, and Grid functionality. It offers increase...

CVSS 7.5 | AI score 6.5 | EPSS 0.5601
Exploits 0 | References 9

RedHat Linux
added 2015/03/19 5:10 p.m. | 35 views

Moderate: Red Hat Security Advisory: qpid security and bug fix update

Updated qpid packages that fix multiple security issues and one bug are now available for Red Hat Enterprise MRG 3 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

CVSS 7.5 | AI score 6.7 | EPSS 0.5601
Exploits 0 | References 5

Tenable Nessus
added 2015/03/10 12:0 a.m. | 27 views

RHEL 5 : qpid-cpp (RHSA-2015:0662)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:0662 advisory. Red Hat Enterprise MRG Messaging, Realtime, and Grid is a next-generation IT infrastructure for enterprise computing. MRG offers increased...

CVSS 7.5 | AI score 6.6 | EPSS 0.5601
Exploits 0 | References 10

RedHat Linux
added 2015/03/09 1:39 p.m. | 31 views

Moderate: Red Hat Security Advisory: qpid-cpp security and bug fix update

Updated qpid-cpp packages that fix multiple security issues and one bug are now available for Red Hat Enterprise MRG Messaging 2.5 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base score...

CVSS 7.5 | AI score 6.7 | EPSS 0.5601
Exploits 0 | References 5

RedHat Linux
added 2015/03/09 1:38 p.m. | 33 views

Moderate: Red Hat Security Advisory: qpid-cpp security and bug fix update

Updated qpid-cpp packages that fix multiple security issues and one bug are now available for Red Hat Enterprise MRG Messaging 2.5 for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base score...

CVSS 7.5 | AI score 6.7 | EPSS 0.5601
Exploits 0 | References 5

RedHat Linux
added 2015/02/05 9:30 p.m. | 31 views

Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.1.0 security and bug fix update

Red Hat JBoss Fuse and A-MQ 6.1.0 Patch 3 on Rollup Patch 1 R1P3, which fixes two security issues and one bug, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base score...

CVSS 9.8 | AI score 6.8 | EPSS 0.00705
Exploits 1 | References 4

securityvulns
added 2014/12/01 12:0 a.m. | 50 views

CVE-2014-3629: Apache Qpid's qpidd can be induced to make http requests

Apache Software Foundation - Security Advisory Apache Qpid's qpidd can be induced to make http requests CVE-2014-3629 CVS: 3 Severity: Low Vendor: The Apache Software Foundation Versions Affected: Apache Qpid's qpidd up to and including version 0.30, where xml exchange module is loaded Descriptio...

CVSS 4.3 | AI score 6.4 | EPSS 0.01744
Exploits 0

securityvulns
added 2014/10/14 12:0 a.m. | 55 views

Moab Authentication Bypass [CVE-2014-5300]

Moab Authentication Bypass : CVE-2014-5300 Software: Moab Affected Versions: All versions prior to Moab 7.2.9 and Moab 8 CVE Reference: CVE-2014-5300 Author: John Fitzpatrick, MWR Labs http://labs.mwrinfosecurity.com/ Severity: High Risk Vendor: Adaptive Computing Vendor Response: Resolved in Moa...

CVSS 5 | AI score 0.3 | EPSS 0.14413
Exploits 6

seebug.org
added 2014/10/10 12:0 a.m. | 40 views

Moab < 7.2.9 - Authorization Bypass

No description provided by source. Moab Authentication Bypass : CVE-2014-5300 Software: Moab Affected Versions: All versions prior to Moab 7.2.9 and Moab 8 CVE Reference: CVE-2014-5300 Author: John Fitzpatrick, MWR Labs http://labs.mwrinfosecurity.com/ Severity: High Risk Vendor: Adaptive Computi...

CVSS 5 | AI score 6.5 | EPSS 0.14413
Exploits 6

exploitpack
added 2014/10/02 12:0 a.m. | 34 views

Moab 7.2.9 - Authentication Bypass

Moab 7.2.9 - Authentication Bypass Moab Authentication Bypass : CVE-2014-5300 Software: Moab Affected Versions: All versions prior to Moab 7.2.9 and Moab 8 CVE Reference: CVE-2014-5300 Author: John Fitzpatrick, MWR Labs http://labs.mwrinfosecurity.com/ Severity: High Risk Vendor: Adaptive Computi...

CVSS 5 | AI score 0.4 | EPSS 0.14413
Exploits 6