Tagged: credit

VU#923388: Swann SRNVW-470 allows unauthorized access to video stream and contains a hard-coded password

Vulnerability Note VU#923388
Original Release date: 17 Feb 2016 | Last revised: 17 Feb 2016

Overview
Swann network video recorder (NVR) devices contain a hard-coded password and do not require authentication to view the video feed when accessing from specific URLs.

Description
CWE-259: Use of Hard-coded Password – CVE-2015-8286
According to the researcher, the Swann SRNVW-470LCD and Swann SWNVW-470CAM contain hard-coded passwords allowing administrative or root access.

VU#507216: Hirschmann "Classic Platform" switches reveal administrator password in SNMP community string by default

Vulnerability Note VU#507216
Original Release date: 16 Feb 2016 | Last revised: 16 Feb 2016

Overview
Hirschmann “Classic Platform” switches contain a password sync feature that syncs the switch administrator password with the SNMP community password, exposing the administrator password to attackers on the local network.

Description
CWE-257: Storing Passwords in a Recoverable Format
For all Hirschmann (part of Belden) “Classic Platform” switches (which includes the MACH series workgroup switches, among others), by default, the switch administrator password is used to construct an SNMP community string that allows remote management of some switch configuration

VU#327976: Cisco Adaptive Security Appliance (ASA) IKEv1 and IKEv2 contains a buffer overflow vulnerability

Vulnerability Note VU#327976
Original Release date: 11 Feb 2016 | Last revised: 11 Feb 2016

Overview
Cisco Adaptive Security Appliance (ASA) Internet Key Exchange versions 1 and 2 (IKEv1 and IKEv2) contains a buffer overflow vulnerability that may be leveraged to gain remote code execution.

Description
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer – CVE-2016-1287
According to the advisory by Exodus Intelligence: The algorithm for re-assembling IKE payloads fragmented with the Cisco fragmentation protocol contains a bounds-checking flaw that allows a heap buffer to be overflowed with attacker-controlled data. A sequence of payloads with carefully chosen parameters causes a buffer of insufficient size to be allocated in the heap which is then overflowed when fragment payloads are copied into the buffer

“The Dark Net’s Fraud as a Service (FaaS)”

Steve Santorelli, former Scotland Yard cybercrime detective, now director of analysis and outreach at Team Cymru, sums it up nicely in csoonline.com: Couple our industry's traditional propensity to hide incidents wherever possible, for fear of bad publicity, with the relatively recent trend towards mandatory breach reporting in several of these key areas, and you have a group of victims that are reeling from the impact. The offenders here are really thriving and we’re helping them with our antiquated systems that will take aeons to evolve

VU#305096: Comodo Chromodo browser does not enforce same origin policy and is based on an outdated version of Chromium

Vulnerability Note VU#305096
Original Release date: 04 Feb 2016 | Last revised: 04 Feb 2016

Overview
Comodo Chromodo browser, versions 45.8.12.392, 45.8.12.391, and possibly earlier, does not enforce same origin policy, which allows for the possibility of cross-domain attacks by malicious or compromised web hosts. Chromodo is based on an outdated release of Chromium with known vulnerabilities.

Description
Comodo Chromodo is a web browser that comes packaged with Comodo Internet Security

VU#544527: OpenELEC and RasPlex have a hard-coded SSH root password

Vulnerability Note VU#544527
Original Release date: 02 Feb 2016 | Last revised: 02 Feb 2016

Overview
OpenELEC and derivatives utilize a hard-coded default root password, and enable SSH root access by default.

Description
CWE-259: Use of Hard-coded Password
OpenELEC has a hard-coded root password. The root partition is by default read-only, preventing a user from changing the password once installed; furthermore, SSH access is enabled by default

VU#719736: Fisher-Price Smart Toy platform allows some unauthenticated web API commands

Vulnerability Note VU#719736
Original Release date: 02 Feb 2016 | Last revised: 02 Feb 2016

Overview
The Fisher-Price Smart Toy does not perform proper authentication of some API commands, and it may also use a vulnerable version of Android.

Description
The Fisher-Price Smart Toy bear is a new WiFi-connected Internet of Things (IoT) toy

VU#992624: Harman AMX multimedia devices contain hard-coded credentials

Vulnerability Note VU#992624
Original Release date: 21 Jan 2016 | Last revised: 21 Jan 2016

Overview
Multiple models of Harman AMX multimedia devices contain a hard-coded debug account.

Description
CWE-798: Use of Hard-coded Credentials – CVE-2015-8362
According to the researchers’ blog post, several models of Harman AMX multimedia devices contain a hard-coded “backdoor” account with administrative permissions.

VU#772447: ffmpeg and Libav cross-domain information disclosure vulnerability

Vulnerability Note VU#772447
Original Release date: 20 Jan 2016 | Last revised: 20 Jan 2016

Overview
ffmpeg is a “cross-platform solution to record, convert and stream audio and video”. ffmpeg is vulnerable to local file disclosure due to improper enforcement of domain restrictions when processing playlist files

VU#916896: Oracle Outside In 8.5.2 contains multiple stack buffer overflows

Vulnerability Note VU#916896
Original Release date: 20 Jan 2016 | Last revised: 20 Jan 2016

Overview
Oracle Outside In versions 8.5.2 and earlier contain stack buffer overflow vulnerabilities in the parsers for WK4, Doc, and Paradox DB files, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.