SSD安全公告-GitStack未经验证的远程代码执行漏洞

漏洞概要

以下安全公告描述了在GitStack中存在的一个未经身份验证的动作,允许远程攻击者添加新用户,然后用于触发远程代码执行。

GitStack是一个可以让你设置你自己私人Git服务器的软件。 这意味着你可以创建一个没有任何内容的版本控制系统。GitStack可以非常容易的保持你的服务器是最新的。它是真正Git for Windows,并与任何其他Git客户端兼容。GitStack对于小团队来说是完全免费的。

Continue reading SSD安全公告-GitStack未经验证的远程代码执行漏洞

SSD Advisory – Python Bytecode Disassembler and Decompiler (pycdc) Multiple Vulnerabilities

Vulnerabilities summary
The following advisory describes 12 (twelve) vulnerabilities found in Python Bytecode Disassembler and Decompiler (pycdc).

Python Bytecode Disassembler and Decompiler (pycdc) “aims to translate compiled Python byte-code back into valid and human-readable Python source code. While other projects have achieved this with varied success, Decompyle++ is unique in that it seeks to support byte-code from any version of Python.”

The vulnerabilities found are:

  • Heap buffer overflow (2)
  • Null pointer (8)
  • Global buffer overflow
  • Singed integer overflow

Credit
An independent security researcher from Geeknik Labs has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
Michael Hansen was informed of the vulnerability and release a patches to address them.
For more details: https://github.com/zrax/pycdc/commit/bf60a5831bd3d3c8aa0544c5aefab3310de5d615

PoC
At this time we will not disclose PoC – we may release these later when users of the python code have updated their systems.

SSD Advisory – Hotspot Shield Information Disclosure

Vulnerability Summary
The following advisory describes a information disclosure found in Hotspot Shield.

Hotspot Shield “provides secure and private access to a free and open internet. Enabling access to social networks, sports, audio and video streaming, news, dating, gaming wherever you are.”

Credit
An independent security researcher, Paulos Yibelo, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
“Thank you very much again for contacting us. The info is being reviewed and if there are any questions/comments, we’ll contact you by re-opening this ticket”

CVE: CVE-2018-6460
Continue reading SSD Advisory – Hotspot Shield Information Disclosure

SSD Advisory – iBall Multiple Vulnerabilities

Vulnerabilities summary
The following advisory describes two (2) vulnerabilities found in iB-WRA150N devices, firmware 1.2.6 build 110401 Rel.47776n.

iB-WRA150N is “a powerful solution to Internet connectivity at home, small offices and work stations. The key is if you are using an ADSL2+ connection now and later decide to change to Broadband or vice-versa you don’t need to change your router. This iBall router is 2-in-1 and compatible to both – Broadband connection as well as ADSL2 connection (Telephone connection or cable operator connection). ”

The vulnerabilities found are:

  • Hard coded accounts
  • Remote command execution

Credit
An independent security researcher, maxki4x, has reported this vulnerabilities to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
We tried to contact iBall since December 20 2017, repeated attempts to establish contact were answered, but no details have been provided on a solution or a workaround.

CVE: CVE-2018-6388
Continue reading SSD Advisory – iBall Multiple Vulnerabilities