BugTraq Latest Security Advisories
Posted by Eugene Roshal on Sep 30
Hello,
If we assume that anti-virus software cannot detect exe files
downloaded from the Internet and started using this method,
nothing prevents an intruder from making a tool which will download
and run an exe from the Internet using this method, include it in an SFX archive
and start such a tool using the standard SFX "Setup" command.
If we assume that for some weird reason tools started with the "Setup"
SFX command are analyzed by antiviruses...
Posted by Popovici, Alejo (LATCO - Buenos Aires) on Sep 30
Well, it's true what you are saying,
but it's also true that anti-virus software is fully aware of the usual way of executing malicious code through SFX
archives. This could be a way of bypassing the anti-virus software, thus avoiding detection.
In my opinion it should be fixed.
Consultor | ERS | Cyber Risk Services
Deloitte & Co. S.A.
Pte. Gral.J.D.Perón 646, 7piso, C1038AAN, Buenos Aires Argentina...
Posted by dev on Sep 30
I am a WinRAR developer. We published the official comment on www.rarlab.com here:
This "vulnerability" is a non-issue. Why attempt to find some hackish, esoteric way for a feature which is officially present in
SFX archives? Any SFX archive can run contained executable files; it is required for installers. Any SFX
archive, just like any exe file and any software installer, is potentially dangerous...
Posted by FreeBSD Security Advisories on Sep 29
=============================================================================
FreeBSD-SA-15:24.rpcbind Security Advisory
The FreeBSD Project
Topic: rpcbind(8) remote denial of service
Affects: All supported versions of FreeBSD.
Corrected: 2015-09-29 18:06:27 UTC...
Posted by Marcello Duarte on Sep 29
1. Advisory Information
Title: Heap overflow in freeswitch json parser < 1.6.2 & < 1.4.23
Submitter: Marcello Duarte (marcello () cybersightgroup com)
Product URL: http://freeswitch.org
Affected Versions: freeswitch < 1.6.2 & < 1.4.23
Fixed Versions: 1.6.2 , 1.4.23
Link to source code diff:
Posted by Ralf Spenneberg on Sep 29
The ICS-CERT will shortly publish an advisory on its own: ICSA-15-146-01
It has calculated the CVSS-Score to be 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C)
We have updated the CVSS Score in our advisory on
On Tuesday, 29 September 2015, 12:30:35, Ralf Spenneberg wrote:
Posted by Security Alert on Sep 29
ESA-2015-151: RSA® OneStep Path Traversal Vulnerability
EMC Identifier: ESA-2015-151
CVE Identifier: CVE-2015-4546
Severity Rating: CVSS v2 Base Score: 7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)
RSA OneStep 6.9 prior to Build 559
RSA OneStep included in RSA Certificate Manager 6.9 build 558 and earlier
RSA OneStep included in RSA Registration Manager 6.9 build 558 and earlier
RSA OneStep 6.9 build 559
Posted by Security Alert on Sep 29
ESA-2015-152: RSA Web Threat Detection Multiple Vulnerabilities
EMC Identifier: ESA-2015-152
CVE Identifier: CVE-2015-4547, CVE-2015-4548
Severity Rating: CVSS v2 Base Score: View details below for individual CVSS v2 scores
· RSA® Web Threat Detection software versions prior to 5.1 SP1
RSA Web Threat Detection version 5.1 SP1 contains fixes for multiple vulnerabilities that could potentially be...
Posted by Ralf Spenneberg (OpenSource Security) on Sep 29
OS-S Security Advisory 2015-03
Date: September 29th, 2015
CVSS: 5 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Title: Mitsubishi ICS FX3G-24M Permanent Communication Denial of Service
The TCP/IP communication of the Mitsubishi Melsec FX3G-24 is
Ease of Exploitation: Trivial
Vulnerability type: Wrong input validation (buffer overflow?)
Posted by Pedro Ribeiro on Sep 29
Hi,
I have found 3 vulnerabilities in Kaseya's flagship product:
- unauthenticated remote code execution (CVE-2015-6922 / ZDI-15-449)
- unauthenticated remote privilege escalation (CVE-2015-6922 / ZDI-15-448)
- authenticated remote code execution (CVE-2015-6589 / ZDI-15-450)
Kaseya VSA is an IT management platform for small and medium-sized companies.
From its console you can control thousands of computers and mobile
devices, so if you own...